RubyGems - google-cloud-spanner-admin-database-v1 - Versions diffs - 0.8.0 → 0.11.0 - Mend

google-cloud-spanner-admin-database-v1 0.8.0 → 0.11.0

Files changed (15) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9219a47f66e9f55a4fe552b65d5b4710d5fef956b657a2756cc7080dbaa7c146
-  data.tar.gz: e044561ca992c478d3d3f147797e15d81b7eb3852800de829850668c9559af79
+  metadata.gz: 6929ebcdea92158c0fad9c88ab18ca86cb421e901e4ba3a99f06e6985c0606f8
+  data.tar.gz: 1afdec85fdeaadf2e9b34261a223c69143ea3bf3d62b446e4d3c65e6d0f193f7
 SHA512:
-  metadata.gz: 499542169d3a14c1bb054b655f0f12427db68a90b87dd1d412dad1c83441c13102a75e14fe0221e30e0a858ffe605406f870059ac2a5919278c9949796ce2b2d
-  data.tar.gz: 6a743d549430da2af1f3336d12c350fb8f5abaf71488840ad364ea3da5f332bda19dda027488bbbea217402ed2f4c7ca4689b741da3170168faae4d7f510583c
+  metadata.gz: 46a4bdf68256441bbe8baf778177e5a5dbe8b9596c89befdefcc22a272bd437aa0a2dc34efe0b95155bff3d0577e5f96c1f6d77f9ac598a2a138323e31fca43c
+  data.tar.gz: e916351643479cb10eb263e5b55c780bdad6699eed851d405e52b24fb2cf351fd3197ad35ad714defa3368ef153a2561804cb00707230f2317084d745419487f

data/README.md CHANGED Viewed

@@ -69,16 +69,21 @@ module GRPC
 end
 ```
+## Google Cloud Samples
+To browse ready to use code samples check [Google Cloud Samples](https://cloud.google.com/docs/samples).
 ## Supported Ruby Versions
-This library is supported on Ruby 2.5+.
+This library is supported on Ruby 2.6+.
 Google provides official support for Ruby versions that are actively supported
 by Ruby Core—that is, Ruby versions that are either in normal maintenance or
-in security maintenance, and not end of life. Currently, this means Ruby 2.5
-and later. Older versions of Ruby _may_ still work, but are unsupported and not
-recommended. See https://www.ruby-lang.org/en/downloads/branches/ for details
-about the Ruby support schedule.
+in security maintenance, and not end of life. Older versions of Ruby _may_
+still work, but are unsupported and not recommended. See
+https://www.ruby-lang.org/en/downloads/branches/ for details about the Ruby
+support schedule.
 ## Which client should I use?

data/lib/google/cloud/spanner/admin/database/v1/database_admin/client.rb CHANGED Viewed

@@ -144,6 +144,11 @@ module Google
                       initial_delay: 1.0, max_delay: 32.0, multiplier: 1.3, retry_codes: [14, 4]
                     }
+                    default_config.rpcs.list_database_roles.timeout = 3600.0
+                    default_config.rpcs.list_database_roles.retry_policy = {
+                      initial_delay: 1.0, max_delay: 32.0, multiplier: 1.3, retry_codes: [14, 4]
+                    }
                     default_config
                   end
                   yield @configure if block_given?
@@ -859,7 +864,7 @@ module Google
                 #   @param options [::Gapic::CallOptions, ::Hash]
                 #     Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
                 #
-                # @overload set_iam_policy(resource: nil, policy: nil)
+                # @overload set_iam_policy(resource: nil, policy: nil, update_mask: nil)
                 #   Pass arguments to `set_iam_policy` via keyword arguments. Note that at
                 #   least one keyword argument is required. To specify no parameters, or to keep all
                 #   the default parameter values, pass an empty Hash as a request object (see above).
@@ -872,6 +877,12 @@ module Google
                 #     the policy is limited to a few 10s of KB. An empty policy is a
                 #     valid policy but certain Cloud Platform services (such as Projects)
                 #     might reject them.
+                #   @param update_mask [::Google::Protobuf::FieldMask, ::Hash]
+                #     OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
+                #     the fields in the mask will be modified. If no mask is provided, the
+                #     following default mask is used:
+                #
+                #     `paths: "bindings, etag"`
                 #
                 # @yield [response, operation] Access the result along with the RPC operation
                 # @yieldparam response [::Google::Iam::V1::Policy]
@@ -967,7 +978,7 @@ module Google
                 #     See the operation documentation for the appropriate value for this field.
                 #   @param options [::Google::Iam::V1::GetPolicyOptions, ::Hash]
                 #     OPTIONAL: A `GetPolicyOptions` object for specifying options to
-                #     `GetIamPolicy`. This field is only used by Cloud IAM.
+                #     `GetIamPolicy`.
                 #
                 # @yield [response, operation] Access the result along with the RPC operation
                 # @yieldparam response [::Google::Iam::V1::Policy]
@@ -2247,6 +2258,107 @@ module Google
                   raise ::Google::Cloud::Error.from_error(e)
                 end
+                ##
+                # Lists Cloud Spanner database roles.
+                #
+                # @overload list_database_roles(request, options = nil)
+                #   Pass arguments to `list_database_roles` via a request object, either of type
+                #   {::Google::Cloud::Spanner::Admin::Database::V1::ListDatabaseRolesRequest} or an equivalent Hash.
+                #
+                #   @param request [::Google::Cloud::Spanner::Admin::Database::V1::ListDatabaseRolesRequest, ::Hash]
+                #     A request object representing the call parameters. Required. To specify no
+                #     parameters, or to keep all the default parameter values, pass an empty Hash.
+                #   @param options [::Gapic::CallOptions, ::Hash]
+                #     Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
+                #
+                # @overload list_database_roles(parent: nil, page_size: nil, page_token: nil)
+                #   Pass arguments to `list_database_roles` via keyword arguments. Note that at
+                #   least one keyword argument is required. To specify no parameters, or to keep all
+                #   the default parameter values, pass an empty Hash as a request object (see above).
+                #
+                #   @param parent [::String]
+                #     Required. The database whose roles should be listed.
+                #     Values are of the form
+                #     `projects/<project>/instances/<instance>/databases/<database>/databaseRoles`.
+                #   @param page_size [::Integer]
+                #     Number of database roles to be returned in the response. If 0 or less,
+                #     defaults to the server's maximum allowed page size.
+                #   @param page_token [::String]
+                #     If non-empty, `page_token` should contain a
+                #     {::Google::Cloud::Spanner::Admin::Database::V1::ListDatabaseRolesResponse#next_page_token next_page_token} from a
+                #     previous {::Google::Cloud::Spanner::Admin::Database::V1::ListDatabaseRolesResponse ListDatabaseRolesResponse}.
+                #
+                # @yield [response, operation] Access the result along with the RPC operation
+                # @yieldparam response [::Gapic::PagedEnumerable<::Google::Cloud::Spanner::Admin::Database::V1::DatabaseRole>]
+                # @yieldparam operation [::GRPC::ActiveCall::Operation]
+                #
+                # @return [::Gapic::PagedEnumerable<::Google::Cloud::Spanner::Admin::Database::V1::DatabaseRole>]
+                #
+                # @raise [::Google::Cloud::Error] if the RPC is aborted.
+                #
+                # @example Basic example
+                #   require "google/cloud/spanner/admin/database/v1"
+                #
+                #   # Create a client object. The client can be reused for multiple calls.
+                #   client = Google::Cloud::Spanner::Admin::Database::V1::DatabaseAdmin::Client.new
+                #
+                #   # Create a request. To set request fields, pass in keyword arguments.
+                #   request = Google::Cloud::Spanner::Admin::Database::V1::ListDatabaseRolesRequest.new
+                #
+                #   # Call the list_database_roles method.
+                #   result = client.list_database_roles request
+                #
+                #   # The returned object is of type Gapic::PagedEnumerable. You can
+                #   # iterate over all elements by calling #each, and the enumerable
+                #   # will lazily make API calls to fetch subsequent pages. Other
+                #   # methods are also available for managing paging directly.
+                #   result.each do |response|
+                #     # Each element is of type ::Google::Cloud::Spanner::Admin::Database::V1::DatabaseRole.
+                #     p response
+                #   end
+                #
+                def list_database_roles request, options = nil
+                  raise ::ArgumentError, "request must be provided" if request.nil?
+                  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Spanner::Admin::Database::V1::ListDatabaseRolesRequest
+                  # Converts hash and nil to an options object
+                  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
+                  # Customize the options with defaults
+                  metadata = @config.rpcs.list_database_roles.metadata.to_h
+                  # Set x-goog-api-client and x-goog-user-project headers
+                  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
+                    lib_name: @config.lib_name, lib_version: @config.lib_version,
+                    gapic_version: ::Google::Cloud::Spanner::Admin::Database::V1::VERSION
+                  metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
+                  header_params = {}
+                  if request.parent
+                    header_params["parent"] = request.parent
+                  end
+                  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
+                  metadata[:"x-goog-request-params"] ||= request_params_header
+                  options.apply_defaults timeout:      @config.rpcs.list_database_roles.timeout,
+                                         metadata:     metadata,
+                                         retry_policy: @config.rpcs.list_database_roles.retry_policy
+                  options.apply_defaults timeout:      @config.timeout,
+                                         metadata:     @config.metadata,
+                                         retry_policy: @config.retry_policy
+                  @database_admin_stub.call_rpc :list_database_roles, request, options: options do |response, operation|
+                    response = ::Gapic::PagedEnumerable.new @database_admin_stub, :list_database_roles, request, response, operation, options
+                    yield response, operation if block_given?
+                    return response
+                  end
+                rescue ::GRPC::BadStatus => e
+                  raise ::Google::Cloud::Error.from_error(e)
+                end
                 ##
                 # Configuration class for the DatabaseAdmin API.
                 #
@@ -2472,6 +2584,11 @@ module Google
                     # @return [::Gapic::Config::Method]
                     #
                     attr_reader :list_backup_operations
+                    ##
+                    # RPC-specific configuration for `list_database_roles`
+                    # @return [::Gapic::Config::Method]
+                    #
+                    attr_reader :list_database_roles
                     # @private
                     def initialize parent_rpcs = nil
@@ -2511,6 +2628,8 @@ module Google
                       @list_database_operations = ::Gapic::Config::Method.new list_database_operations_config
                       list_backup_operations_config = parent_rpcs.list_backup_operations if parent_rpcs.respond_to? :list_backup_operations
                       @list_backup_operations = ::Gapic::Config::Method.new list_backup_operations_config
+                      list_database_roles_config = parent_rpcs.list_database_roles if parent_rpcs.respond_to? :list_database_roles
+                      @list_database_roles = ::Gapic::Config::Method.new list_database_roles_config
                       yield self if block_given?
                     end

data/lib/google/cloud/spanner/admin/database/v1/database_admin/operations.rb CHANGED Viewed

@@ -97,6 +97,9 @@ module Google
                     channel_args: @config.channel_args,
                     interceptors: @config.interceptors
                   )
+                  # Used by an LRO wrapper for some methods of this service
+                  @operations_client = self
                 end
                 # Service calls

data/lib/google/cloud/spanner/admin/database/v1/version.rb CHANGED Viewed

@@ -23,7 +23,7 @@ module Google
       module Admin
         module Database
           module V1
-            VERSION = "0.8.0"
+            VERSION = "0.11.0"
           end
         end
       end

data/lib/google/spanner/admin/database/v1/backup_pb.rb CHANGED Viewed

@@ -1,13 +1,14 @@
 # Generated by the protocol buffer compiler.  DO NOT EDIT!
 # source: google/spanner/admin/database/v1/backup.proto
+require 'google/protobuf'
 require 'google/api/field_behavior_pb'
 require 'google/api/resource_pb'
 require 'google/longrunning/operations_pb'
 require 'google/protobuf/field_mask_pb'
 require 'google/protobuf/timestamp_pb'
 require 'google/spanner/admin/database/v1/common_pb'
-require 'google/protobuf'
 Google::Protobuf::DescriptorPool.generated_pool.build do
   add_file("google/spanner/admin/database/v1/backup.proto", :syntax => :proto3) do

data/lib/google/spanner/admin/database/v1/common_pb.rb CHANGED Viewed

@@ -1,11 +1,12 @@
 # Generated by the protocol buffer compiler.  DO NOT EDIT!
 # source: google/spanner/admin/database/v1/common.proto
+require 'google/protobuf'
 require 'google/api/field_behavior_pb'
 require 'google/api/resource_pb'
 require 'google/protobuf/timestamp_pb'
 require 'google/rpc/status_pb'
-require 'google/protobuf'
 Google::Protobuf::DescriptorPool.generated_pool.build do
   add_file("google/spanner/admin/database/v1/common.proto", :syntax => :proto3) do

data/lib/google/spanner/admin/database/v1/spanner_database_admin_pb.rb CHANGED Viewed

@@ -1,6 +1,8 @@
 # Generated by the protocol buffer compiler.  DO NOT EDIT!
 # source: google/spanner/admin/database/v1/spanner_database_admin.proto
+require 'google/protobuf'
 require 'google/api/annotations_pb'
 require 'google/api/client_pb'
 require 'google/api/field_behavior_pb'
@@ -12,7 +14,6 @@ require 'google/protobuf/empty_pb'
 require 'google/protobuf/timestamp_pb'
 require 'google/spanner/admin/database/v1/backup_pb'
 require 'google/spanner/admin/database/v1/common_pb'
-require 'google/protobuf'
 Google::Protobuf::DescriptorPool.generated_pool.build do
   add_file("google/spanner/admin/database/v1/spanner_database_admin.proto", :syntax => :proto3) do
@@ -125,6 +126,18 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :name, :string, 1
       optional :progress, :message, 2, "google.spanner.admin.database.v1.OperationProgress"
     end
+    add_message "google.spanner.admin.database.v1.DatabaseRole" do
+      optional :name, :string, 1
+    end
+    add_message "google.spanner.admin.database.v1.ListDatabaseRolesRequest" do
+      optional :parent, :string, 1
+      optional :page_size, :int32, 2
+      optional :page_token, :string, 3
+    end
+    add_message "google.spanner.admin.database.v1.ListDatabaseRolesResponse" do
+      repeated :database_roles, :message, 1, "google.spanner.admin.database.v1.DatabaseRole"
+      optional :next_page_token, :string, 2
+    end
     add_enum "google.spanner.admin.database.v1.RestoreSourceType" do
       value :TYPE_UNSPECIFIED, 0
       value :BACKUP, 1
@@ -158,6 +171,9 @@ module Google
             RestoreDatabaseEncryptionConfig::EncryptionType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.spanner.admin.database.v1.RestoreDatabaseEncryptionConfig.EncryptionType").enummodule
             RestoreDatabaseMetadata = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.spanner.admin.database.v1.RestoreDatabaseMetadata").msgclass
             OptimizeRestoredDatabaseMetadata = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.spanner.admin.database.v1.OptimizeRestoredDatabaseMetadata").msgclass
+            DatabaseRole = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.spanner.admin.database.v1.DatabaseRole").msgclass
+            ListDatabaseRolesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.spanner.admin.database.v1.ListDatabaseRolesRequest").msgclass
+            ListDatabaseRolesResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.spanner.admin.database.v1.ListDatabaseRolesResponse").msgclass
             RestoreSourceType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.spanner.admin.database.v1.RestoreSourceType").enummodule
           end
         end

data/lib/google/spanner/admin/database/v1/spanner_database_admin_services_pb.rb CHANGED Viewed

@@ -174,6 +174,8 @@ module Google
                 # `operation.metadata.value.progress.start_time` in descending order starting
                 # from the most recently started operation.
                 rpc :ListBackupOperations, ::Google::Cloud::Spanner::Admin::Database::V1::ListBackupOperationsRequest, ::Google::Cloud::Spanner::Admin::Database::V1::ListBackupOperationsResponse
+                # Lists Cloud Spanner database roles.
+                rpc :ListDatabaseRoles, ::Google::Cloud::Spanner::Admin::Database::V1::ListDatabaseRolesRequest, ::Google::Cloud::Spanner::Admin::Database::V1::ListDatabaseRolesResponse
               end
               Stub = Service.rpc_stub_class

data/proto_docs/google/iam/v1/iam_policy.rb CHANGED Viewed

@@ -31,6 +31,13 @@ module Google
       #     the policy is limited to a few 10s of KB. An empty policy is a
       #     valid policy but certain Cloud Platform services (such as Projects)
       #     might reject them.
+      # @!attribute [rw] update_mask
+      #   @return [::Google::Protobuf::FieldMask]
+      #     OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
+      #     the fields in the mask will be modified. If no mask is provided, the
+      #     following default mask is used:
+      #
+      #     `paths: "bindings, etag"`
       class SetIamPolicyRequest
         include ::Google::Protobuf::MessageExts
         extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -44,7 +51,7 @@ module Google
       # @!attribute [rw] options
       #   @return [::Google::Iam::V1::GetPolicyOptions]
       #     OPTIONAL: A `GetPolicyOptions` object for specifying options to
-      #     `GetIamPolicy`. This field is only used by Cloud IAM.
+      #     `GetIamPolicy`.
       class GetIamPolicyRequest
         include ::Google::Protobuf::MessageExts
         extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/iam/v1/options.rb CHANGED Viewed

@@ -23,14 +23,24 @@ module Google
       # Encapsulates settings provided to GetIamPolicy.
       # @!attribute [rw] requested_policy_version
       #   @return [::Integer]
-      #     Optional. The policy format version to be returned.
+      #     Optional. The maximum policy version that will be used to format the
+      #     policy.
       #
       #     Valid values are 0, 1, and 3. Requests specifying an invalid value will be
       #     rejected.
       #
-      #     Requests for policies with any conditional bindings must specify version 3.
-      #     Policies without any conditional bindings may specify any valid value or
-      #     leave the field unset.
+      #     Requests for policies with any conditional role bindings must specify
+      #     version 3. Policies with no conditional role bindings may specify any valid
+      #     value or leave the field unset.
+      #
+      #     The policy in the response might use the policy version that you specified,
+      #     or it might use a lower policy version. For example, if you specify version
+      #     3, but the policy has no conditional role bindings, the response uses
+      #     version 1.
+      #
+      #     To learn which resources support conditions in their IAM policies, see the
+      #     [IAM
+      #     documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
       class GetPolicyOptions
         include ::Google::Protobuf::MessageExts
         extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/iam/v1/policy.rb CHANGED Viewed

@@ -20,19 +20,24 @@
 module Google
   module Iam
     module V1
-      # Defines an Identity and Access Management (IAM) policy. It is used to
-      # specify access control policies for Cloud Platform resources.
+      # An Identity and Access Management (IAM) policy, which specifies access
+      # controls for Google Cloud resources.
       #
       #
       # A `Policy` is a collection of `bindings`. A `binding` binds one or more
-      # `members` to a single `role`. Members can be user accounts, service accounts,
-      # Google groups, and domains (such as G Suite). A `role` is a named list of
-      # permissions (defined by IAM or configured by users). A `binding` can
-      # optionally specify a `condition`, which is a logic expression that further
-      # constrains the role binding based on attributes about the request and/or
-      # target resource.
+      # `members`, or principals, to a single `role`. Principals can be user
+      # accounts, service accounts, Google groups, and domains (such as G Suite). A
+      # `role` is a named list of permissions; each `role` can be an IAM predefined
+      # role or a user-created custom role.
       #
-      # **JSON Example**
+      # For some types of Google Cloud resources, a `binding` can also specify a
+      # `condition`, which is a logical expression that allows access to a resource
+      # only if the expression evaluates to `true`. A condition can add constraints
+      # based on attributes of the request, the resource, or both. To learn which
+      # resources support conditions in their IAM policies, see the
+      # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
       #
       #     {
       #       "bindings": [
@@ -47,18 +52,21 @@ module Google
       #         },
       #         {
       #           "role": "roles/resourcemanager.organizationViewer",
-      #           "members": ["user:eve@example.com"],
+      #           "members": [
+      #             "user:eve@example.com"
+      #           ],
       #           "condition": {
       #             "title": "expirable access",
       #             "description": "Does not grant access after Sep 2020",
-      #             "expression": "request.time <
-      #             timestamp('2020-10-01T00:00:00.000Z')",
+      #             "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')",
       #           }
       #         }
-      #       ]
+      #       ],
+      #       "etag": "BwWWja0YfJA=",
+      #       "version": 3
       #     }
       #
-      # **YAML Example**
+      # **YAML example:**
       #
       #     bindings:
       #     - members:
@@ -74,30 +82,52 @@ module Google
       #         title: expirable access
       #         description: Does not grant access after Sep 2020
       #         expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
+      #     etag: BwWWja0YfJA=
+      #     version: 3
       #
       # For a description of IAM and its features, see the
-      # [IAM developer's guide](https://cloud.google.com/iam/docs).
+      # [IAM documentation](https://cloud.google.com/iam/docs/).
       # @!attribute [rw] version
       #   @return [::Integer]
       #     Specifies the format of the policy.
       #
-      #     Valid values are 0, 1, and 3. Requests specifying an invalid value will be
-      #     rejected.
+      #     Valid values are `0`, `1`, and `3`. Requests that specify an invalid value
+      #     are rejected.
+      #
+      #     Any operation that affects conditional role bindings must specify version
+      #     `3`. This requirement applies to the following operations:
       #
-      #     Operations affecting conditional bindings must specify version 3. This can
-      #     be either setting a conditional policy, modifying a conditional binding,
-      #     or removing a binding (conditional or unconditional) from the stored
-      #     conditional policy.
-      #     Operations on non-conditional policies may specify any valid value or
-      #     leave the field unset.
+      #     * Getting a policy that includes a conditional role binding
+      #     * Adding a conditional role binding to a policy
+      #     * Changing a conditional role binding in a policy
+      #     * Removing any role binding, with or without a condition, from a policy
+      #       that includes conditions
       #
-      #     If no etag is provided in the call to `setIamPolicy`, version compliance
-      #     checks against the stored policy is skipped.
+      #     **Important:** If you use IAM Conditions, you must include the `etag` field
+      #     whenever you call `setIamPolicy`. If you omit this field, then IAM allows
+      #     you to overwrite a version `3` policy with a version `1` policy, and all of
+      #     the conditions in the version `3` policy are lost.
+      #
+      #     If a policy does not include any conditions, operations on that policy may
+      #     specify any valid version or leave the field unset.
+      #
+      #     To learn which resources support conditions in their IAM policies, see the
+      #     [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
       # @!attribute [rw] bindings
       #   @return [::Array<::Google::Iam::V1::Binding>]
-      #     Associates a list of `members` to a `role`. Optionally may specify a
-      #     `condition` that determines when binding is in effect.
-      #     `bindings` with no members will result in an error.
+      #     Associates a list of `members`, or principals, with a `role`. Optionally,
+      #     may specify a `condition` that determines how and when the `bindings` are
+      #     applied. Each of the `bindings` must contain at least one principal.
+      #
+      #     The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250
+      #     of these principals can be Google groups. Each occurrence of a principal
+      #     counts towards these limits. For example, if the `bindings` grant 50
+      #     different roles to `user:alice@example.com`, and not to any other
+      #     principal, then you can add another 1,450 principals to the `bindings` in
+      #     the `Policy`.
+      # @!attribute [rw] audit_configs
+      #   @return [::Array<::Google::Iam::V1::AuditConfig>]
+      #     Specifies cloud audit logging configuration for this policy.
       # @!attribute [rw] etag
       #   @return [::String]
       #     `etag` is used for optimistic concurrency control as a way to help
@@ -108,23 +138,23 @@ module Google
       #     systems are expected to put that etag in the request to `setIamPolicy` to
       #     ensure that their change will be applied to the same version of the policy.
       #
-      #     If no `etag` is provided in the call to `setIamPolicy`, then the existing
-      #     policy is overwritten. Due to blind-set semantics of an etag-less policy,
-      #     'setIamPolicy' will not fail even if the incoming policy version does not
-      #     meet the requirements for modifying the stored policy.
+      #     **Important:** If you use IAM Conditions, you must include the `etag` field
+      #     whenever you call `setIamPolicy`. If you omit this field, then IAM allows
+      #     you to overwrite a version `3` policy with a version `1` policy, and all of
+      #     the conditions in the version `3` policy are lost.
       class Policy
         include ::Google::Protobuf::MessageExts
         extend ::Google::Protobuf::MessageExts::ClassMethods
       end
-      # Associates `members` with a `role`.
+      # Associates `members`, or principals, with a `role`.
       # @!attribute [rw] role
       #   @return [::String]
-      #     Role that is assigned to `members`.
+      #     Role that is assigned to the list of `members`, or principals.
       #     For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       # @!attribute [rw] members
       #   @return [::Array<::String>]
-      #     Specifies the identities requesting access for a Cloud Platform resource.
+      #     Specifies the principals requesting access for a Cloud Platform resource.
       #     `members` can have the following values:
       #
       #     * `allUsers`: A special identifier that represents anyone who is
@@ -143,20 +173,160 @@ module Google
       #     * `group:{emailid}`: An email address that represents a Google group.
       #        For example, `admins@example.com`.
       #
+      #     * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique
+      #        identifier) representing a user that has been recently deleted. For
+      #        example, `alice@example.com?uid=123456789012345678901`. If the user is
+      #        recovered, this value reverts to `user:{emailid}` and the recovered user
+      #        retains the role in the binding.
+      #
+      #     * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus
+      #        unique identifier) representing a service account that has been recently
+      #        deleted. For example,
+      #        `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`.
+      #        If the service account is undeleted, this value reverts to
+      #        `serviceAccount:{emailid}` and the undeleted service account retains the
+      #        role in the binding.
+      #
+      #     * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique
+      #        identifier) representing a Google group that has been recently
+      #        deleted. For example, `admins@example.com?uid=123456789012345678901`. If
+      #        the group is recovered, this value reverts to `group:{emailid}` and the
+      #        recovered group retains the role in the binding.
+      #
       #
       #     * `domain:{domain}`: The G Suite domain (primary) that represents all the
       #        users of that domain. For example, `google.com` or `example.com`.
       # @!attribute [rw] condition
       #   @return [::Google::Type::Expr]
       #     The condition that is associated with this binding.
-      #     NOTE: An unsatisfied condition will not allow user access via current
-      #     binding. Different bindings, including their conditions, are examined
-      #     independently.
+      #
+      #     If the condition evaluates to `true`, then this binding applies to the
+      #     current request.
+      #
+      #     If the condition evaluates to `false`, then this binding does not apply to
+      #     the current request. However, a different role binding might grant the same
+      #     role to one or more of the principals in this binding.
+      #
+      #     To learn which resources support conditions in their IAM policies, see the
+      #     [IAM
+      #     documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
       class Binding
         include ::Google::Protobuf::MessageExts
         extend ::Google::Protobuf::MessageExts::ClassMethods
       end
+      # Specifies the audit configuration for a service.
+      # The configuration determines which permission types are logged, and what
+      # identities, if any, are exempted from logging.
+      # An AuditConfig must have one or more AuditLogConfigs.
+      #
+      # If there are AuditConfigs for both `allServices` and a specific service,
+      # the union of the two AuditConfigs is used for that service: the log_types
+      # specified in each AuditConfig are enabled, and the exempted_members in each
+      # AuditLogConfig are exempted.
+      #
+      # Example Policy with multiple AuditConfigs:
+      #
+      #     {
+      #       "audit_configs": [
+      #         {
+      #           "service": "allServices",
+      #           "audit_log_configs": [
+      #             {
+      #               "log_type": "DATA_READ",
+      #               "exempted_members": [
+      #                 "user:jose@example.com"
+      #               ]
+      #             },
+      #             {
+      #               "log_type": "DATA_WRITE"
+      #             },
+      #             {
+      #               "log_type": "ADMIN_READ"
+      #             }
+      #           ]
+      #         },
+      #         {
+      #           "service": "sampleservice.googleapis.com",
+      #           "audit_log_configs": [
+      #             {
+      #               "log_type": "DATA_READ"
+      #             },
+      #             {
+      #               "log_type": "DATA_WRITE",
+      #               "exempted_members": [
+      #                 "user:aliya@example.com"
+      #               ]
+      #             }
+      #           ]
+      #         }
+      #       ]
+      #     }
+      #
+      # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
+      # logging. It also exempts jose@example.com from DATA_READ logging, and
+      # aliya@example.com from DATA_WRITE logging.
+      # @!attribute [rw] service
+      #   @return [::String]
+      #     Specifies a service that will be enabled for audit logging.
+      #     For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.
+      #     `allServices` is a special value that covers all services.
+      # @!attribute [rw] audit_log_configs
+      #   @return [::Array<::Google::Iam::V1::AuditLogConfig>]
+      #     The configuration for logging of each type of permission.
+      class AuditConfig
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+      # Provides the configuration for logging a type of permissions.
+      # Example:
+      #
+      #     {
+      #       "audit_log_configs": [
+      #         {
+      #           "log_type": "DATA_READ",
+      #           "exempted_members": [
+      #             "user:jose@example.com"
+      #           ]
+      #         },
+      #         {
+      #           "log_type": "DATA_WRITE"
+      #         }
+      #       ]
+      #     }
+      #
+      # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting
+      # jose@example.com from DATA_READ logging.
+      # @!attribute [rw] log_type
+      #   @return [::Google::Iam::V1::AuditLogConfig::LogType]
+      #     The log type that this config enables.
+      # @!attribute [rw] exempted_members
+      #   @return [::Array<::String>]
+      #     Specifies the identities that do not cause logging for this type of
+      #     permission.
+      #     Follows the same format of {::Google::Iam::V1::Binding#members Binding.members}.
+      class AuditLogConfig
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+        # The list of valid permission types for which logging can be configured.
+        # Admin writes are always logged, and are not configurable.
+        module LogType
+          # Default case. Should never be this.
+          LOG_TYPE_UNSPECIFIED = 0
+          # Admin reads. Example: CloudIAM getIamPolicy
+          ADMIN_READ = 1
+          # Data writes. Example: CloudSQL Users create
+          DATA_WRITE = 2
+          # Data reads. Example: CloudSQL Users list
+          DATA_READ = 3
+        end
+      end
       # The difference delta between two policies.
       # @!attribute [rw] binding_deltas
       #   @return [::Array<::Google::Iam::V1::BindingDelta>]

data/proto_docs/google/protobuf/any.rb CHANGED Viewed

@@ -44,7 +44,7 @@ module Google
     #       foo = any.unpack(Foo.class);
     #     }
     #
-    #  Example 3: Pack and unpack a message in Python.
+    # Example 3: Pack and unpack a message in Python.
     #
     #     foo = Foo(...)
     #     any = Any()
@@ -54,7 +54,7 @@ module Google
     #       any.Unpack(foo)
     #       ...
     #
-    #  Example 4: Pack and unpack a message in Go
+    # Example 4: Pack and unpack a message in Go
     #
     #      foo := &pb.Foo{...}
     #      any, err := anypb.New(foo)
@@ -75,7 +75,7 @@ module Google
     #
     #
     # JSON
-    # ====
+    #
     # The JSON representation of an `Any` value uses the regular
     # representation of the deserialized, embedded message, with an
     # additional field `@type` which contains the type URL. Example:

data/proto_docs/google/spanner/admin/database/v1/spanner_database_admin.rb CHANGED Viewed

@@ -531,6 +531,53 @@ module Google
               extend ::Google::Protobuf::MessageExts::ClassMethods
             end
+            # A Cloud Spanner database role.
+            # @!attribute [rw] name
+            #   @return [::String]
+            #     Required. The name of the database role. Values are of the form
+            #     `projects/<project>/instances/<instance>/databases/<database>/databaseRoles/
+            #     \\{role}`, where `<role>` is as specified in the `CREATE ROLE`
+            #     DDL statement. This name can be passed to Get/Set IAMPolicy methods to
+            #     identify the database role.
+            class DatabaseRole
+              include ::Google::Protobuf::MessageExts
+              extend ::Google::Protobuf::MessageExts::ClassMethods
+            end
+            # The request for {::Google::Cloud::Spanner::Admin::Database::V1::DatabaseAdmin::Client#list_database_roles ListDatabaseRoles}.
+            # @!attribute [rw] parent
+            #   @return [::String]
+            #     Required. The database whose roles should be listed.
+            #     Values are of the form
+            #     `projects/<project>/instances/<instance>/databases/<database>/databaseRoles`.
+            # @!attribute [rw] page_size
+            #   @return [::Integer]
+            #     Number of database roles to be returned in the response. If 0 or less,
+            #     defaults to the server's maximum allowed page size.
+            # @!attribute [rw] page_token
+            #   @return [::String]
+            #     If non-empty, `page_token` should contain a
+            #     {::Google::Cloud::Spanner::Admin::Database::V1::ListDatabaseRolesResponse#next_page_token next_page_token} from a
+            #     previous {::Google::Cloud::Spanner::Admin::Database::V1::ListDatabaseRolesResponse ListDatabaseRolesResponse}.
+            class ListDatabaseRolesRequest
+              include ::Google::Protobuf::MessageExts
+              extend ::Google::Protobuf::MessageExts::ClassMethods
+            end
+            # The response for {::Google::Cloud::Spanner::Admin::Database::V1::DatabaseAdmin::Client#list_database_roles ListDatabaseRoles}.
+            # @!attribute [rw] database_roles
+            #   @return [::Array<::Google::Cloud::Spanner::Admin::Database::V1::DatabaseRole>]
+            #     Database roles that matched the request.
+            # @!attribute [rw] next_page_token
+            #   @return [::String]
+            #     `next_page_token` can be sent in a subsequent
+            #     {::Google::Cloud::Spanner::Admin::Database::V1::DatabaseAdmin::Client#list_database_roles ListDatabaseRoles}
+            #     call to fetch more of the matching roles.
+            class ListDatabaseRolesResponse
+              include ::Google::Protobuf::MessageExts
+              extend ::Google::Protobuf::MessageExts::ClassMethods
+            end
             # Indicates the type of the restore source.
             module RestoreSourceType
               # No restore associated.

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-cloud-spanner-admin-database-v1
 version: !ruby/object:Gem::Version
-  version: 0.8.0
+  version: 0.11.0
 platform: ruby
 authors:
 - Google LLC
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-03-29 00:00:00.000000000 Z
+date: 2022-07-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gapic-common
@@ -16,7 +16,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0.7'
+        version: '0.10'
     - - "<"
       - !ruby/object:Gem::Version
         version: 2.a
@@ -26,7 +26,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0.7'
+        version: '0.10'
     - - "<"
       - !ruby/object:Gem::Version
         version: 2.a
@@ -48,50 +48,44 @@ dependencies:
   name: grpc-google-iam-v1
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 0.6.10
-    - - "<"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.a
+        version: '1.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 0.6.10
-    - - "<"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.a
+        version: '1.1'
 - !ruby/object:Gem::Dependency
   name: google-style
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.25.1
+        version: 1.26.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.25.1
+        version: 1.26.1
 - !ruby/object:Gem::Dependency
   name: minitest
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.14'
+        version: '5.16'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.14'
+        version: '5.16'
 - !ruby/object:Gem::Dependency
   name: minitest-focus
   requirement: !ruby/object:Gem::Requirement
@@ -126,14 +120,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '12.0'
+        version: '13.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '12.0'
+        version: '13.0'
 - !ruby/object:Gem::Dependency
   name: redcarpet
   requirement: !ruby/object:Gem::Requirement
@@ -230,14 +224,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.5'
+      version: '2.6'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.5
+rubygems_version: 3.3.14
 signing_key:
 specification_version: 4
 summary: API Client library for the Cloud Spanner Database Admin V1 API