google-cloud-web_risk-v1 0.1.0

data/lib/google/cloud/web_risk/v1/web_risk_service/paths.rb

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module WebRisk
+      module V1
+        module WebRiskService
+          # Path helper methods for the WebRiskService API.
+          module Paths
+            ##
+            # Create a fully-qualified Project resource string.
+            #
+            # The resource will be in the following format:
+            #
+            # `projects/{project}`
+            #
+            # @param project [String]
+            #
+            # @return [String]
+            def project_path project:
+              "projects/#{project}"
+            end
+
+            extend self
+          end
+        end
+      end
+    end
+  end
+end

data/lib/google/cloud/web_risk/v1/web_risk_service.rb

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+require "gapic/common"
+require "gapic/config"
+require "gapic/config/method"
+
+require "google/cloud/web_risk/v1/version"
+
+require "google/cloud/web_risk/v1/web_risk_service/credentials"
+require "google/cloud/web_risk/v1/web_risk_service/paths"
+require "google/cloud/web_risk/v1/web_risk_service/client"
+
+module Google
+  module Cloud
+    module WebRisk
+      module V1
+        ##
+        # Web Risk API defines an interface to detect malicious URLs on your
+        # website and in client applications.
+        #
+        # To load this service and instantiate a client:
+        #
+        #     require "google/cloud/web_risk/v1/web_risk_service"
+        #     client = Google::Cloud::WebRisk::V1::WebRiskService::Client.new
+        #
+        module WebRiskService
+        end
+      end
+    end
+  end
+end
+
+helper_path = ::File.join __dir__, "web_risk_service", "helpers.rb"
+require "google/cloud/web_risk/v1/web_risk_service/helpers" if ::File.file? helper_path

data/lib/google/cloud/web_risk/v1.rb

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+require "google/cloud/web_risk/v1/web_risk_service"
+require "google/cloud/web_risk/v1/version"
+
+module Google
+  module Cloud
+    module WebRisk
+      ##
+      # To load this package, including all its services, and instantiate a client:
+      #
+      #     require "google/cloud/web_risk/v1"
+      #     client = Google::Cloud::WebRisk::V1::WebRiskService::Client.new
+      #
+      module V1
+      end
+    end
+  end
+end

data/lib/google/cloud/webrisk/v1/webrisk_pb.rb

@@ -0,0 +1,132 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# source: google/cloud/webrisk/v1/webrisk.proto
+
+require 'google/protobuf'
+
+require 'google/api/annotations_pb'
+require 'google/api/client_pb'
+require 'google/api/field_behavior_pb'
+require 'google/api/resource_pb'
+require 'google/protobuf/timestamp_pb'
+Google::Protobuf::DescriptorPool.generated_pool.build do
+  add_file("google/cloud/webrisk/v1/webrisk.proto", :syntax => :proto3) do
+    add_message "google.cloud.webrisk.v1.ComputeThreatListDiffRequest" do
+      optional :threat_type, :enum, 1, "google.cloud.webrisk.v1.ThreatType"
+      optional :version_token, :bytes, 2
+      optional :constraints, :message, 3, "google.cloud.webrisk.v1.ComputeThreatListDiffRequest.Constraints"
+    end
+    add_message "google.cloud.webrisk.v1.ComputeThreatListDiffRequest.Constraints" do
+      optional :max_diff_entries, :int32, 1
+      optional :max_database_entries, :int32, 2
+      repeated :supported_compressions, :enum, 3, "google.cloud.webrisk.v1.CompressionType"
+    end
+    add_message "google.cloud.webrisk.v1.ComputeThreatListDiffResponse" do
+      optional :response_type, :enum, 4, "google.cloud.webrisk.v1.ComputeThreatListDiffResponse.ResponseType"
+      optional :additions, :message, 5, "google.cloud.webrisk.v1.ThreatEntryAdditions"
+      optional :removals, :message, 6, "google.cloud.webrisk.v1.ThreatEntryRemovals"
+      optional :new_version_token, :bytes, 7
+      optional :checksum, :message, 8, "google.cloud.webrisk.v1.ComputeThreatListDiffResponse.Checksum"
+      optional :recommended_next_diff, :message, 2, "google.protobuf.Timestamp"
+    end
+    add_message "google.cloud.webrisk.v1.ComputeThreatListDiffResponse.Checksum" do
+      optional :sha256, :bytes, 1
+    end
+    add_enum "google.cloud.webrisk.v1.ComputeThreatListDiffResponse.ResponseType" do
+      value :RESPONSE_TYPE_UNSPECIFIED, 0
+      value :DIFF, 1
+      value :RESET, 2
+    end
+    add_message "google.cloud.webrisk.v1.SearchUrisRequest" do
+      optional :uri, :string, 1
+      repeated :threat_types, :enum, 2, "google.cloud.webrisk.v1.ThreatType"
+    end
+    add_message "google.cloud.webrisk.v1.SearchUrisResponse" do
+      optional :threat, :message, 1, "google.cloud.webrisk.v1.SearchUrisResponse.ThreatUri"
+    end
+    add_message "google.cloud.webrisk.v1.SearchUrisResponse.ThreatUri" do
+      repeated :threat_types, :enum, 1, "google.cloud.webrisk.v1.ThreatType"
+      optional :expire_time, :message, 2, "google.protobuf.Timestamp"
+    end
+    add_message "google.cloud.webrisk.v1.SearchHashesRequest" do
+      optional :hash_prefix, :bytes, 1
+      repeated :threat_types, :enum, 2, "google.cloud.webrisk.v1.ThreatType"
+    end
+    add_message "google.cloud.webrisk.v1.SearchHashesResponse" do
+      repeated :threats, :message, 1, "google.cloud.webrisk.v1.SearchHashesResponse.ThreatHash"
+      optional :negative_expire_time, :message, 2, "google.protobuf.Timestamp"
+    end
+    add_message "google.cloud.webrisk.v1.SearchHashesResponse.ThreatHash" do
+      repeated :threat_types, :enum, 1, "google.cloud.webrisk.v1.ThreatType"
+      optional :hash, :bytes, 2
+      optional :expire_time, :message, 3, "google.protobuf.Timestamp"
+    end
+    add_message "google.cloud.webrisk.v1.ThreatEntryAdditions" do
+      repeated :raw_hashes, :message, 1, "google.cloud.webrisk.v1.RawHashes"
+      optional :rice_hashes, :message, 2, "google.cloud.webrisk.v1.RiceDeltaEncoding"
+    end
+    add_message "google.cloud.webrisk.v1.ThreatEntryRemovals" do
+      optional :raw_indices, :message, 1, "google.cloud.webrisk.v1.RawIndices"
+      optional :rice_indices, :message, 2, "google.cloud.webrisk.v1.RiceDeltaEncoding"
+    end
+    add_message "google.cloud.webrisk.v1.RawIndices" do
+      repeated :indices, :int32, 1
+    end
+    add_message "google.cloud.webrisk.v1.RawHashes" do
+      optional :prefix_size, :int32, 1
+      optional :raw_hashes, :bytes, 2
+    end
+    add_message "google.cloud.webrisk.v1.RiceDeltaEncoding" do
+      optional :first_value, :int64, 1
+      optional :rice_parameter, :int32, 2
+      optional :entry_count, :int32, 3
+      optional :encoded_data, :bytes, 4
+    end
+    add_message "google.cloud.webrisk.v1.Submission" do
+      optional :uri, :string, 1
+    end
+    add_message "google.cloud.webrisk.v1.CreateSubmissionRequest" do
+      optional :parent, :string, 1
+      optional :submission, :message, 2, "google.cloud.webrisk.v1.Submission"
+    end
+    add_enum "google.cloud.webrisk.v1.ThreatType" do
+      value :THREAT_TYPE_UNSPECIFIED, 0
+      value :MALWARE, 1
+      value :SOCIAL_ENGINEERING, 2
+      value :UNWANTED_SOFTWARE, 3
+    end
+    add_enum "google.cloud.webrisk.v1.CompressionType" do
+      value :COMPRESSION_TYPE_UNSPECIFIED, 0
+      value :RAW, 1
+      value :RICE, 2
+    end
+  end
+end
+
+module Google
+  module Cloud
+    module WebRisk
+      module V1
+        ComputeThreatListDiffRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.webrisk.v1.ComputeThreatListDiffRequest").msgclass
+        ComputeThreatListDiffRequest::Constraints = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.webrisk.v1.ComputeThreatListDiffRequest.Constraints").msgclass
+        ComputeThreatListDiffResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.webrisk.v1.ComputeThreatListDiffResponse").msgclass
+        ComputeThreatListDiffResponse::Checksum = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.webrisk.v1.ComputeThreatListDiffResponse.Checksum").msgclass
+        ComputeThreatListDiffResponse::ResponseType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.webrisk.v1.ComputeThreatListDiffResponse.ResponseType").enummodule
+        SearchUrisRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.webrisk.v1.SearchUrisRequest").msgclass
+        SearchUrisResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.webrisk.v1.SearchUrisResponse").msgclass
+        SearchUrisResponse::ThreatUri = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.webrisk.v1.SearchUrisResponse.ThreatUri").msgclass
+        SearchHashesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.webrisk.v1.SearchHashesRequest").msgclass
+        SearchHashesResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.webrisk.v1.SearchHashesResponse").msgclass
+        SearchHashesResponse::ThreatHash = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.webrisk.v1.SearchHashesResponse.ThreatHash").msgclass
+        ThreatEntryAdditions = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.webrisk.v1.ThreatEntryAdditions").msgclass
+        ThreatEntryRemovals = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.webrisk.v1.ThreatEntryRemovals").msgclass
+        RawIndices = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.webrisk.v1.RawIndices").msgclass
+        RawHashes = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.webrisk.v1.RawHashes").msgclass
+        RiceDeltaEncoding = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.webrisk.v1.RiceDeltaEncoding").msgclass
+        Submission = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.webrisk.v1.Submission").msgclass
+        CreateSubmissionRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.webrisk.v1.CreateSubmissionRequest").msgclass
+        ThreatType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.webrisk.v1.ThreatType").enummodule
+        CompressionType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.webrisk.v1.CompressionType").enummodule
+      end
+    end
+  end
+end

data/lib/google/cloud/webrisk/v1/webrisk_services_pb.rb

@@ -0,0 +1,70 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# Source: google/cloud/webrisk/v1/webrisk.proto for package 'Google.Cloud.WebRisk.V1'
+# Original file comments:
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'grpc'
+require 'google/cloud/webrisk/v1/webrisk_pb'
+
+module Google
+  module Cloud
+    module WebRisk
+      module V1
+        module WebRiskService
+          # Web Risk API defines an interface to detect malicious URLs on your
+          # website and in client applications.
+          class Service
+
+            include GRPC::GenericService
+
+            self.marshal_class_method = :encode
+            self.unmarshal_class_method = :decode
+            self.service_name = 'google.cloud.webrisk.v1.WebRiskService'
+
+            # Gets the most recent threat list diffs. These diffs should be applied to
+            # a local database of hashes to keep it up-to-date. If the local database is
+            # empty or excessively out-of-date, a complete snapshot of the database will
+            # be returned. This Method only updates a single ThreatList at a time. To
+            # update multiple ThreatList databases, this method needs to be called once
+            # for each list.
+            rpc :ComputeThreatListDiff, Google::Cloud::WebRisk::V1::ComputeThreatListDiffRequest, Google::Cloud::WebRisk::V1::ComputeThreatListDiffResponse
+            # This method is used to check whether a URI is on a given threatList.
+            # Multiple threatLists may be searched in a single query.
+            # The response will list all requested threatLists the URI was found to
+            # match. If the URI is not found on any of the requested ThreatList an
+            # empty response will be returned.
+            rpc :SearchUris, Google::Cloud::WebRisk::V1::SearchUrisRequest, Google::Cloud::WebRisk::V1::SearchUrisResponse
+            # Gets the full hashes that match the requested hash prefix.
+            # This is used after a hash prefix is looked up in a threatList
+            # and there is a match. The client side threatList only holds partial hashes
+            # so the client must query this method to determine if there is a full
+            # hash match of a threat.
+            rpc :SearchHashes, Google::Cloud::WebRisk::V1::SearchHashesRequest, Google::Cloud::WebRisk::V1::SearchHashesResponse
+            # Creates a Submission of a URI suspected of containing phishing content to
+            # be reviewed. If the result verifies the existence of malicious phishing
+            # content, the site will be added to the [Google's Social Engineering
+            # lists](https://support.google.com/webmasters/answer/6350487/) in order to
+            # protect users that could get exposed to this threat in the future. Only
+            # projects with CREATE_SUBMISSION_USERS visibility can use this method.
+            rpc :CreateSubmission, Google::Cloud::WebRisk::V1::CreateSubmissionRequest, Google::Cloud::WebRisk::V1::Submission
+          end
+
+          Stub = Service.rpc_stub_class
+        end
+      end
+    end
+  end
+end

data/lib/google-cloud-web_risk-v1.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+# This gem does not autoload during Bundler.require. To load this gem,
+# issue explicit require statements for the packages desired, e.g.:
+# require "google/cloud/web_risk/v1"

data/proto_docs/README.md

@@ -0,0 +1,4 @@
+# Web Risk V1 Protocol Buffer Documentation
+
+These files are for the YARD documentation of the generated protobuf files.
+They are not intended to be required or loaded at runtime.

data/proto_docs/google/api/field_behavior.rb

@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Api
+    # An indicator of the behavior of a given field (for example, that a field
+    # is required in requests, or given as output but ignored as input).
+    # This **does not** change the behavior in protocol buffers itself; it only
+    # denotes the behavior and may affect how API tooling handles the field.
+    #
+    # Note: This enum **may** receive new values in the future.
+    module FieldBehavior
+      # Conventional default for enums. Do not use this.
+      FIELD_BEHAVIOR_UNSPECIFIED = 0
+
+      # Specifically denotes a field as optional.
+      # While all fields in protocol buffers are optional, this may be specified
+      # for emphasis if appropriate.
+      OPTIONAL = 1
+
+      # Denotes a field as required.
+      # This indicates that the field **must** be provided as part of the request,
+      # and failure to do so will cause an error (usually `INVALID_ARGUMENT`).
+      REQUIRED = 2
+
+      # Denotes a field as output only.
+      # This indicates that the field is provided in responses, but including the
+      # field in a request does nothing (the server *must* ignore it and
+      # *must not* throw an error as a result of the field's presence).
+      OUTPUT_ONLY = 3
+
+      # Denotes a field as input only.
+      # This indicates that the field is provided in requests, and the
+      # corresponding field is not included in output.
+      INPUT_ONLY = 4
+
+      # Denotes a field as immutable.
+      # This indicates that the field may be set once in a request to create a
+      # resource, but may not be changed thereafter.
+      IMMUTABLE = 5
+    end
+  end
+end

data/proto_docs/google/api/resource.rb

@@ -0,0 +1,247 @@
+# frozen_string_literal: true
+
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Api
+    # A simple descriptor of a resource type.
+    #
+    # ResourceDescriptor annotates a resource message (either by means of a
+    # protobuf annotation or use in the service config), and associates the
+    # resource's schema, the resource type, and the pattern of the resource name.
+    #
+    # Example:
+    #
+    #     message Topic {
+    #       // Indicates this message defines a resource schema.
+    #       // Declares the resource type in the format of {service}/{kind}.
+    #       // For Kubernetes resources, the format is {api group}/{kind}.
+    #       option (google.api.resource) = {
+    #         type: "pubsub.googleapis.com/Topic"
+    #         name_descriptor: {
+    #           pattern: "projects/{project}/topics/{topic}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Project"
+    #           parent_name_extractor: "projects/{project}"
+    #         }
+    #       };
+    #     }
+    #
+    # The ResourceDescriptor Yaml config will look like:
+    #
+    #    resources:
+    #    - type: "pubsub.googleapis.com/Topic"
+    #      name_descriptor:
+    #        - pattern: "projects/\\{project}/topics/\\{topic}"
+    #          parent_type: "cloudresourcemanager.googleapis.com/Project"
+    #          parent_name_extractor: "projects/\\{project}"
+    #
+    # Sometimes, resources have multiple patterns, typically because they can
+    # live under multiple parents.
+    #
+    # Example:
+    #
+    #     message LogEntry {
+    #       option (google.api.resource) = {
+    #         type: "logging.googleapis.com/LogEntry"
+    #         name_descriptor: {
+    #           pattern: "projects/{project}/logs/{log}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Project"
+    #           parent_name_extractor: "projects/{project}"
+    #         }
+    #         name_descriptor: {
+    #           pattern: "folders/{folder}/logs/{log}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Folder"
+    #           parent_name_extractor: "folders/{folder}"
+    #         }
+    #         name_descriptor: {
+    #           pattern: "organizations/{organization}/logs/{log}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Organization"
+    #           parent_name_extractor: "organizations/{organization}"
+    #         }
+    #         name_descriptor: {
+    #           pattern: "billingAccounts/{billing_account}/logs/{log}"
+    #           parent_type: "billing.googleapis.com/BillingAccount"
+    #           parent_name_extractor: "billingAccounts/{billing_account}"
+    #         }
+    #       };
+    #     }
+    #
+    # The ResourceDescriptor Yaml config will look like:
+    #
+    #     resources:
+    #     - type: 'logging.googleapis.com/LogEntry'
+    #       name_descriptor:
+    #         - pattern: "projects/{project}/logs/{log}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Project"
+    #           parent_name_extractor: "projects/{project}"
+    #         - pattern: "folders/{folder}/logs/{log}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Folder"
+    #           parent_name_extractor: "folders/{folder}"
+    #         - pattern: "organizations/{organization}/logs/{log}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Organization"
+    #           parent_name_extractor: "organizations/{organization}"
+    #         - pattern: "billingAccounts/{billing_account}/logs/{log}"
+    #           parent_type: "billing.googleapis.com/BillingAccount"
+    #           parent_name_extractor: "billingAccounts/{billing_account}"
+    #
+    # For flexible resources, the resource name doesn't contain parent names, but
+    # the resource itself has parents for policy evaluation.
+    #
+    # Example:
+    #
+    #     message Shelf {
+    #       option (google.api.resource) = {
+    #         type: "library.googleapis.com/Shelf"
+    #         name_descriptor: {
+    #           pattern: "shelves/{shelf}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Project"
+    #         }
+    #         name_descriptor: {
+    #           pattern: "shelves/{shelf}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Folder"
+    #         }
+    #       };
+    #     }
+    #
+    # The ResourceDescriptor Yaml config will look like:
+    #
+    #     resources:
+    #     - type: 'library.googleapis.com/Shelf'
+    #       name_descriptor:
+    #         - pattern: "shelves/{shelf}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Project"
+    #         - pattern: "shelves/{shelf}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Folder"
+    # @!attribute [rw] type
+    #   @return [String]
+    #     The resource type. It must be in the format of
+    #     \\{service_name}/\\{resource_type_kind}. The `resource_type_kind` must be
+    #     singular and must not include version numbers.
+    #
+    #     Example: `storage.googleapis.com/Bucket`
+    #
+    #     The value of the resource_type_kind must follow the regular expression
+    #     /[A-Za-z][a-zA-Z0-9]+/. It should start with an upper case character and
+    #     should use PascalCase (UpperCamelCase). The maximum number of
+    #     characters allowed for the `resource_type_kind` is 100.
+    # @!attribute [rw] pattern
+    #   @return [Array<String>]
+    #     Optional. The relative resource name pattern associated with this resource
+    #     type. The DNS prefix of the full resource name shouldn't be specified here.
+    #
+    #     The path pattern must follow the syntax, which aligns with HTTP binding
+    #     syntax:
+    #
+    #         Template = Segment { "/" Segment } ;
+    #         Segment = LITERAL | Variable ;
+    #         Variable = "{" LITERAL "}" ;
+    #
+    #     Examples:
+    #
+    #         - "projects/\\{project}/topics/\\{topic}"
+    #         - "projects/\\{project}/knowledgeBases/\\{knowledge_base}"
+    #
+    #     The components in braces correspond to the IDs for each resource in the
+    #     hierarchy. It is expected that, if multiple patterns are provided,
+    #     the same component name (e.g. "project") refers to IDs of the same
+    #     type of resource.
+    # @!attribute [rw] name_field
+    #   @return [String]
+    #     Optional. The field on the resource that designates the resource name
+    #     field. If omitted, this is assumed to be "name".
+    # @!attribute [rw] history
+    #   @return [Google::Api::ResourceDescriptor::History]
+    #     Optional. The historical or future-looking state of the resource pattern.
+    #
+    #     Example:
+    #
+    #         // The InspectTemplate message originally only supported resource
+    #         // names with organization, and project was added later.
+    #         message InspectTemplate {
+    #           option (google.api.resource) = {
+    #             type: "dlp.googleapis.com/InspectTemplate"
+    #             pattern:
+    #             "organizations/{organization}/inspectTemplates/{inspect_template}"
+    #             pattern: "projects/{project}/inspectTemplates/{inspect_template}"
+    #             history: ORIGINALLY_SINGLE_PATTERN
+    #           };
+    #         }
+    # @!attribute [rw] plural
+    #   @return [String]
+    #     The plural name used in the resource name, such as 'projects' for
+    #     the name of 'projects/\\{project}'. It is the same concept of the `plural`
+    #     field in k8s CRD spec
+    #     https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
+    # @!attribute [rw] singular
+    #   @return [String]
+    #     The same concept of the `singular` field in k8s CRD spec
+    #     https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
+    #     Such as "project" for the `resourcemanager.googleapis.com/Project` type.
+    class ResourceDescriptor
+      include Google::Protobuf::MessageExts
+      extend Google::Protobuf::MessageExts::ClassMethods
+
+      # A description of the historical or future-looking state of the
+      # resource pattern.
+      module History
+        # The "unset" value.
+        HISTORY_UNSPECIFIED = 0
+
+        # The resource originally had one pattern and launched as such, and
+        # additional patterns were added later.
+        ORIGINALLY_SINGLE_PATTERN = 1
+
+        # The resource has one pattern, but the API owner expects to add more
+        # later. (This is the inverse of ORIGINALLY_SINGLE_PATTERN, and prevents
+        # that from being necessary once there are multiple patterns.)
+        FUTURE_MULTI_PATTERN = 2
+      end
+    end
+
+    # Defines a proto annotation that describes a string field that refers to
+    # an API resource.
+    # @!attribute [rw] type
+    #   @return [String]
+    #     The resource type that the annotated field references.
+    #
+    #     Example:
+    #
+    #         message Subscription {
+    #           string topic = 2 [(google.api.resource_reference) = {
+    #             type: "pubsub.googleapis.com/Topic"
+    #           }];
+    #         }
+    # @!attribute [rw] child_type
+    #   @return [String]
+    #     The resource type of a child collection that the annotated field
+    #     references. This is useful for annotating the `parent` field that
+    #     doesn't have a fixed resource type.
+    #
+    #     Example:
+    #
+    #       message ListLogEntriesRequest {
+    #         string parent = 1 [(google.api.resource_reference) = {
+    #           child_type: "logging.googleapis.com/LogEntry"
+    #         };
+    #       }
+    class ResourceReference
+      include Google::Protobuf::MessageExts
+      extend Google::Protobuf::MessageExts::ClassMethods
+    end
+  end
+end