google-iam-v3beta 0.4.1 → 0.7.0

data/proto_docs/google/iam/v3beta/access_policies_service.rb

@@ -0,0 +1,203 @@
+# frozen_string_literal: true
+
+# Copyright 2026 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Iam
+    module V3beta
+      # Request message for CreateAccessPolicy method.
+      # @!attribute [rw] parent
+      #   @return [::String]
+      #     Required. The parent resource where this access policy will be created.
+      #
+      #     Format:
+      #       `projects/{project_id}/locations/{location}`
+      #       `projects/{project_number}/locations/{location}`
+      #       `folders/{folder_id}/locations/{location}`
+      #       `organizations/{organization_id}/locations/{location}`
+      # @!attribute [rw] access_policy_id
+      #   @return [::String]
+      #     Required. The ID to use for the access policy, which
+      #     will become the final component of the access policy's
+      #     resource name.
+      #
+      #     This value must start with a lowercase letter followed by up to 62
+      #     lowercase letters, numbers, hyphens, or dots. Pattern,
+      #     /[a-z][a-z0-9-\.]\\{2,62}/.
+      #
+      #     This value must be unique among all access policies with the same parent.
+      # @!attribute [rw] access_policy
+      #   @return [::Google::Iam::V3beta::AccessPolicy]
+      #     Required. The access policy to create.
+      # @!attribute [rw] validate_only
+      #   @return [::Boolean]
+      #     Optional. If set, validate the request and preview the creation, but do not
+      #     actually post it.
+      class CreateAccessPolicyRequest
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # Request message for GetAccessPolicy method.
+      # @!attribute [rw] name
+      #   @return [::String]
+      #     Required. The name of the access policy to retrieve.
+      #
+      #     Format:
+      #       `projects/{project_id}/locations/{location}/accessPolicies/{access_policy_id}`
+      #       `projects/{project_number}/locations/{location}/accessPolicies/{access_policy_id}`
+      #       `folders/{folder_id}/locations/{location}/accessPolicies/{access_policy_id}`
+      #       `organizations/{organization_id}/locations/{location}/accessPolicies/{access_policy_id}`
+      class GetAccessPolicyRequest
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # Request message for UpdateAccessPolicy method.
+      # @!attribute [rw] access_policy
+      #   @return [::Google::Iam::V3beta::AccessPolicy]
+      #     Required. The access policy to update.
+      #
+      #     The access policy's `name` field is used to identify the
+      #     policy to update.
+      # @!attribute [rw] validate_only
+      #   @return [::Boolean]
+      #     Optional. If set, validate the request and preview the update, but do not
+      #     actually post it.
+      class UpdateAccessPolicyRequest
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # Request message for DeleteAccessPolicy method.
+      # @!attribute [rw] name
+      #   @return [::String]
+      #     Required. The name of the access policy to delete.
+      #
+      #     Format:
+      #       `projects/{project_id}/locations/{location}/accessPolicies/{access_policy_id}`
+      #       `projects/{project_number}/locations/{location}/accessPolicies/{access_policy_id}`
+      #       `folders/{folder_id}/locations/{location}/accessPolicies/{access_policy_id}`
+      #       `organizations/{organization_id}/locations/{location}/accessPolicies/{access_policy_id}`
+      # @!attribute [rw] etag
+      #   @return [::String]
+      #     Optional. The etag of the access policy. If this is provided, it must match
+      #     the server's etag.
+      # @!attribute [rw] validate_only
+      #   @return [::Boolean]
+      #     Optional. If set, validate the request and preview the deletion, but do not
+      #     actually post it.
+      # @!attribute [rw] force
+      #   @return [::Boolean]
+      #     Optional. If set to true, the request will force the deletion of the Policy
+      #     even if the Policy references PolicyBindings.
+      class DeleteAccessPolicyRequest
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # Request message for ListAccessPolicies method.
+      # @!attribute [rw] parent
+      #   @return [::String]
+      #     Required. The parent resource, which owns the collection of access policy
+      #     resources.
+      #
+      #     Format:
+      #       `projects/{project_id}/locations/{location}`
+      #       `projects/{project_number}/locations/{location}`
+      #       `folders/{folder_id}/locations/{location}`
+      #       `organizations/{organization_id}/locations/{location}`
+      # @!attribute [rw] page_size
+      #   @return [::Integer]
+      #     Optional. The maximum number of access policies to return. The
+      #     service may return fewer than this value.
+      #
+      #     If unspecified, at most 50 access policies will be returned. Valid value
+      #     ranges from 1 to 1000; values above 1000 will be coerced to 1000.
+      # @!attribute [rw] page_token
+      #   @return [::String]
+      #     Optional. A page token, received from a previous
+      #     `ListAccessPolicies` call. Provide this to retrieve the
+      #     subsequent page.
+      #
+      #     When paginating, all other parameters provided to
+      #     `ListAccessPolicies` must match the call that provided the
+      #     page token.
+      class ListAccessPoliciesRequest
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # Response message for ListAccessPolicies method.
+      # @!attribute [rw] access_policies
+      #   @return [::Array<::Google::Iam::V3beta::AccessPolicy>]
+      #     The access policies from the specified parent.
+      # @!attribute [rw] next_page_token
+      #   @return [::String]
+      #     Optional. A token, which can be sent as `page_token` to retrieve the next
+      #     page. If this field is omitted, there are no subsequent pages.
+      class ListAccessPoliciesResponse
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # Request message for SearchAccessPolicyBindings rpc.
+      # @!attribute [rw] name
+      #   @return [::String]
+      #     Required. The name of the access policy.
+      #     Format:
+      #      `organizations/{organization_id}/locations/{location}/accessPolicies/{access_policy_id}`
+      #      `folders/{folder_id}/locations/{location}/accessPolicies/{access_policy_id}`
+      #      `projects/{project_id}/locations/{location}/accessPolicies/{access_policy_id}`
+      #      `projects/{project_number}/locations/{location}/accessPolicies/{access_policy_id}`
+      # @!attribute [rw] page_size
+      #   @return [::Integer]
+      #     Optional. The maximum number of policy bindings to return. The service may
+      #     return fewer than this value.
+      #
+      #     If unspecified, at most 50 policy bindings will be returned.
+      #     The maximum value is 1000; values above 1000 will be coerced to 1000.
+      # @!attribute [rw] page_token
+      #   @return [::String]
+      #     Optional. A page token, received from a previous
+      #     `SearchAccessPolicyBindingsRequest` call. Provide this to
+      #     retrieve the subsequent page.
+      #
+      #     When paginating, all other parameters provided to
+      #     `SearchAccessPolicyBindingsRequest` must match the call
+      #     that provided the page token.
+      class SearchAccessPolicyBindingsRequest
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # Response message for SearchAccessPolicyBindings rpc.
+      # @!attribute [rw] policy_bindings
+      #   @return [::Array<::Google::Iam::V3beta::PolicyBinding>]
+      #     The policy bindings that reference the specified policy.
+      # @!attribute [rw] next_page_token
+      #   @return [::String]
+      #     Optional. A token, which can be sent as `page_token` to retrieve the next
+      #     page. If this field is omitted, there are no subsequent pages.
+      class SearchAccessPolicyBindingsResponse
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+    end
+  end
+end

data/proto_docs/google/iam/v3beta/access_policy_resources.rb

@@ -0,0 +1,223 @@
+# frozen_string_literal: true
+
+# Copyright 2026 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Iam
+    module V3beta
+      # An IAM access policy resource.
+      # @!attribute [rw] name
+      #   @return [::String]
+      #     Identifier. The resource name of the access policy.
+      #
+      #     The following formats are supported:
+      #
+      #     * `projects/{project_id}/locations/{location}/accessPolicies/{policy_id}`
+      #     * `projects/{project_number}/locations/{location}/accessPolicies/{policy_id}`
+      #     * `folders/{folder_id}/locations/{location}/accessPolicies/{policy_id}`
+      #     * `organizations/{organization_id}/locations/{location}/accessPolicies/{policy_id}`
+      # @!attribute [r] uid
+      #   @return [::String]
+      #     Output only. The globally unique ID of the access policy.
+      # @!attribute [rw] etag
+      #   @return [::String]
+      #     Optional. The etag for the access policy.
+      #     If this is provided on update, it must match the server's etag.
+      # @!attribute [rw] display_name
+      #   @return [::String]
+      #     Optional. The description of the access policy. Must be less than
+      #     or equal to 63 characters.
+      # @!attribute [rw] annotations
+      #   @return [::Google::Protobuf::Map{::String => ::String}]
+      #     Optional. User defined annotations. See
+      #     https://google.aip.dev/148#annotations for more details such as format and
+      #     size limitations
+      # @!attribute [r] create_time
+      #   @return [::Google::Protobuf::Timestamp]
+      #     Output only. The time when the access policy was created.
+      # @!attribute [r] update_time
+      #   @return [::Google::Protobuf::Timestamp]
+      #     Output only. The time when the access policy was most recently
+      #     updated.
+      # @!attribute [rw] details
+      #   @return [::Google::Iam::V3beta::AccessPolicyDetails]
+      #     Optional. The details for the access policy.
+      class AccessPolicy
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+
+        # @!attribute [rw] key
+        #   @return [::String]
+        # @!attribute [rw] value
+        #   @return [::String]
+        class AnnotationsEntry
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+
+      # Access policy details.
+      # @!attribute [rw] rules
+      #   @return [::Array<::Google::Iam::V3beta::AccessPolicyRule>]
+      #     Required. A list of access policy rules.
+      class AccessPolicyDetails
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # Access Policy Rule that determines the behavior of the policy.
+      # @!attribute [rw] description
+      #   @return [::String]
+      #     Optional. Customer specified description of the rule. Must be less than or
+      #     equal to 256 characters.
+      # @!attribute [rw] effect
+      #   @return [::Google::Iam::V3beta::AccessPolicyRule::Effect]
+      #     Required. The effect of the rule.
+      # @!attribute [rw] principals
+      #   @return [::Array<::String>]
+      #     Required. The identities for which this rule's effect governs using one or
+      #     more permissions on Google Cloud resources. This field can contain the
+      #     following values:
+      #
+      #     * `principal://goog/subject/{email_id}`: A specific Google Account.
+      #     Includes Gmail, Cloud Identity, and Google Workspace user accounts. For
+      #     example, `principal://goog/subject/alice@example.com`.
+      #
+      #     * `principal://iam.googleapis.com/projects/-/serviceAccounts/{service_account_id}`:
+      #     A Google Cloud service account. For example,
+      #     `principal://iam.googleapis.com/projects/-/serviceAccounts/my-service-account@iam.gserviceaccount.com`.
+      #
+      #     * `principalSet://goog/group/{group_id}`: A Google group. For example,
+      #     `principalSet://goog/group/admins@example.com`.
+      #
+      #     * `principalSet://goog/cloudIdentityCustomerId/{customer_id}`: All of the
+      #     principals associated with the specified Google Workspace or Cloud
+      #     Identity customer ID. For example,
+      #     `principalSet://goog/cloudIdentityCustomerId/C01Abc35`.
+      #
+      #
+      #     If an identifier that was previously set on a policy is soft deleted, then
+      #     calls to read that policy will return the identifier with a deleted
+      #     prefix. Users cannot set identifiers with this syntax.
+      #
+      #     * `deleted:principal://goog/subject/{email_id}?uid={uid}`: A specific
+      #     Google Account that was deleted recently. For example,
+      #     `deleted:principal://goog/subject/alice@example.com?uid=1234567890`. If
+      #     the Google Account is recovered, this identifier reverts to the standard
+      #     identifier for a Google Account.
+      #
+      #     * `deleted:principalSet://goog/group/{group_id}?uid={uid}`: A Google group
+      #     that was deleted recently. For example,
+      #     `deleted:principalSet://goog/group/admins@example.com?uid=1234567890`.
+      #     If the Google group is restored, this identifier reverts to the standard
+      #     identifier for a Google group.
+      #
+      #     * `deleted:principal://iam.googleapis.com/projects/-/serviceAccounts/{service_account_id}?uid={uid}`:
+      #     A Google Cloud service account that was deleted recently. For example,
+      #     `deleted:principal://iam.googleapis.com/projects/-/serviceAccounts/my-service-account@iam.gserviceaccount.com?uid=1234567890`.
+      #     If the service account is undeleted, this identifier reverts to the
+      #     standard identifier for a service account.
+      # @!attribute [rw] excluded_principals
+      #   @return [::Array<::String>]
+      #     Optional. The identities that are excluded from the access policy rule,
+      #     even if they are listed in the `principals`. For example, you could add a
+      #     Google group to the `principals`, then exclude specific users who belong to
+      #     that group.
+      # @!attribute [rw] operation
+      #   @return [::Google::Iam::V3beta::AccessPolicyRule::Operation]
+      #     Required. Attributes that are used to determine whether this rule applies
+      #     to a request.
+      # @!attribute [rw] conditions
+      #   @return [::Google::Protobuf::Map{::String => ::Google::Type::Expr}]
+      #     Optional. The conditions that determine whether this rule applies to a
+      #     request. Conditions are identified by their key, which is the FQDN of the
+      #     service that they are relevant to. For example:
+      #
+      #     ```
+      #     "conditions": {
+      #      "iam.googleapis.com": {
+      #       "expression": <cel expression>
+      #      }
+      #     }
+      #     ```
+      #
+      #     Each rule is evaluated independently. If this rule does not apply
+      #     to a request, other rules might still apply.
+      #     Currently supported keys are as follows:
+      #
+      #
+      #     * `eventarc.googleapis.com`: Can use `CEL` functions that evaluate
+      #       resource fields.
+      #
+      #     * `iam.googleapis.com`: Can use `CEL` functions that evaluate
+      #       [resource
+      #       tags](https://cloud.google.com/iam/help/conditions/resource-tags) and
+      #       combine them using boolean and logical operators. Other functions and
+      #       operators are not supported.
+      class AccessPolicyRule
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+
+        # Attributes that are used to determine whether this rule applies to a
+        # request.
+        # @!attribute [rw] permissions
+        #   @return [::Array<::String>]
+        #     Optional. The permissions that are explicitly affected by this rule. Each
+        #     permission uses the format `{service_fqdn}/{resource}.{verb}`, where
+        #     `{service_fqdn}` is the fully qualified domain name for the service.
+        #     Currently supported permissions are as follows:
+        #
+        #     * `eventarc.googleapis.com/messageBuses.publish`.
+        # @!attribute [rw] excluded_permissions
+        #   @return [::Array<::String>]
+        #     Optional. Specifies the permissions that this rule excludes from the set
+        #     of affected permissions given by `permissions`. If a permission appears
+        #     in `permissions` _and_ in `excluded_permissions` then it will _not_ be
+        #     subject to the policy effect.
+        #
+        #     The excluded permissions can be specified using the same syntax as
+        #     `permissions`.
+        class Operation
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # @!attribute [rw] key
+        #   @return [::String]
+        # @!attribute [rw] value
+        #   @return [::Google::Type::Expr]
+        class ConditionsEntry
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # An effect to describe the access relationship.
+        module Effect
+          # The effect is unspecified.
+          EFFECT_UNSPECIFIED = 0
+
+          # The policy will deny access if it evaluates to true.
+          DENY = 1
+
+          # The policy will grant access if it evaluates to true.
+          ALLOW = 2
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/iam/v3beta/policy_binding_resources.rb

@@ -53,8 +53,8 @@ module Google
       #     size limitations
       # @!attribute [rw] target
       #   @return [::Google::Iam::V3beta::PolicyBinding::Target]
-      #     Required. Immutable. Target is the full resource name of the resource to
-      #     which the policy will be bound. Immutable once set.
+      #     Required. Immutable. The full resource name of the resource to which the
+      #     policy will be bound. Immutable once set.
       # @!attribute [rw] policy_kind
       #   @return [::Google::Iam::V3beta::PolicyBinding::PolicyKind]
       #     Immutable. The kind of the policy to attach in this binding. This field
@@ -100,13 +100,14 @@ module Google
       #     - `principal.type != <principal type string>`
       #     - `principal.type in [<list of principal types>]`
       #
-      #     Supported principal types are Workspace, Workforce Pool, Workload Pool and
-      #     Service Account. Allowed string must be one of:
+      #     Supported principal types are workspace, workforce pool, workload pool,
+      #     service account, and Agent Identity. Allowed string must be one of:
       #
-      #     - iam.googleapis.com/WorkspaceIdentity
-      #     - iam.googleapis.com/WorkforcePoolIdentity
-      #     - iam.googleapis.com/WorkloadPoolIdentity
-      #     - iam.googleapis.com/ServiceAccount
+      #     - `iam.googleapis.com/WorkspaceIdentity`
+      #     - `iam.googleapis.com/WorkforcePoolIdentity`
+      #     - `iam.googleapis.com/WorkloadPoolIdentity`
+      #     - `iam.googleapis.com/ServiceAccount`
+      #     - `iam.googleapis.com/AgentPoolIdentity` (available in Preview)
       # @!attribute [r] create_time
       #   @return [::Google::Protobuf::Timestamp]
       #     Output only. The time when the policy binding was created.
@@ -117,32 +118,50 @@ module Google
         include ::Google::Protobuf::MessageExts
         extend ::Google::Protobuf::MessageExts::ClassMethods
 
-        # Target is the full resource name of the resource to which the policy will
+        # The full resource name of the resource to which the policy will
         # be bound. Immutable once set.
         # @!attribute [rw] principal_set
         #   @return [::String]
-        #     Immutable. Full Resource Name used for principal access boundary policy
-        #     bindings. The principal set must be directly parented by the policy
-        #     binding's parent or same as the parent if the target is a
-        #     project/folder/organization.
+        #     Immutable. The full resource name that's used for principal access
+        #     boundary policy bindings. The principal set must be directly parented
+        #     by the policy binding's parent or same as the parent if the target is a
+        #     project, folder, or organization.
         #
         #     Examples:
-        #     * For binding's parented by an organization:
-        #       * Organization:
-        #       `//cloudresourcemanager.googleapis.com/organizations/ORGANIZATION_ID`
-        #       * Workforce Identity:
-        #       `//iam.googleapis.com/locations/global/workforcePools/WORKFORCE_POOL_ID`
-        #       * Workspace Identity:
-        #       `//iam.googleapis.com/locations/global/workspace/WORKSPACE_ID`
-        #     * For binding's parented by a folder:
-        #       * Folder:
-        #       `//cloudresourcemanager.googleapis.com/folders/FOLDER_ID`
-        #     * For binding's parented by a project:
-        #       * Project:
+        #
+        #     * For bindings parented by an organization:
+        #         * Organization:
+        #         `//cloudresourcemanager.googleapis.com/organizations/ORGANIZATION_ID`
+        #         * Workforce Identity:
+        #         `//iam.googleapis.com/locations/global/workforcePools/WORKFORCE_POOL_ID`
+        #         * Workspace Identity:
+        #         `//iam.googleapis.com/locations/global/workspace/WORKSPACE_ID`
+        #     * For bindings parented by a folder:
+        #         * Folder:
+        #           `//cloudresourcemanager.googleapis.com/folders/FOLDER_ID`
+        #     * For bindings parented by a project:
+        #         * Project:
+        #             * `//cloudresourcemanager.googleapis.com/projects/PROJECT_NUMBER`
+        #             * `//cloudresourcemanager.googleapis.com/projects/PROJECT_ID`
+        #         * Workload Identity Pool:
+        #         `//iam.googleapis.com/projects/PROJECT_NUMBER/locations/LOCATION/workloadIdentityPools/WORKLOAD_POOL_ID`
+        #
+        #     Note: The following fields are mutually exclusive: `principal_set`, `resource`. If a field in that set is populated, all other fields in the set will automatically be cleared.
+        # @!attribute [rw] resource
+        #   @return [::String]
+        #     Immutable. The full resource name that's used for access policy
+        #     bindings.
+        #
+        #     Examples:
+        #
+        #     * Organization:
+        #     `//cloudresourcemanager.googleapis.com/organizations/ORGANIZATION_ID`
+        #     * Folder: `//cloudresourcemanager.googleapis.com/folders/FOLDER_ID`
+        #     * Project:
         #         * `//cloudresourcemanager.googleapis.com/projects/PROJECT_NUMBER`
         #         * `//cloudresourcemanager.googleapis.com/projects/PROJECT_ID`
-        #       * Workload Identity Pool:
-        #       `//iam.googleapis.com/projects/PROJECT_NUMBER/locations/LOCATION/workloadIdentityPools/WORKLOAD_POOL_ID`
+        #
+        #     Note: The following fields are mutually exclusive: `resource`, `principal_set`. If a field in that set is populated, all other fields in the set will automatically be cleared.
         class Target
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -157,13 +176,16 @@ module Google
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
 
-        # Different policy kinds supported in this binding.
+        # The different policy kinds supported in this binding.
         module PolicyKind
           # Unspecified policy kind; Not a valid state
           POLICY_KIND_UNSPECIFIED = 0
 
           # Principal access boundary policy kind
           PRINCIPAL_ACCESS_BOUNDARY = 1
+
+          # Access policy kind.
+          ACCESS = 2
         end
       end
     end

data/proto_docs/google/iam/v3beta/policy_bindings_service.rb

@@ -129,8 +129,7 @@ module Google
       #     Optional. The maximum number of policy bindings to return. The service may
       #     return fewer than this value.
       #
-      #     If unspecified, at most 50 policy bindings will be returned.
-      #     The maximum value is 1000; values above 1000 will be coerced to 1000.
+      #     The default value is 50. The maximum value is 1000.
       # @!attribute [rw] page_token
       #   @return [::String]
       #     Optional. A page token, received from a previous `ListPolicyBindings` call.
@@ -141,7 +140,8 @@ module Google
       # @!attribute [rw] filter
       #   @return [::String]
       #     Optional. An expression for filtering the results of the request. Filter
-      #     rules are case insensitive. Some eligible fields for filtering are:
+      #     rules are case insensitive. Some eligible fields for filtering are the
+      #     following:
       #
       #     + `target`
       #     + `policy`
@@ -187,8 +187,7 @@ module Google
       #     Optional. The maximum number of policy bindings to return. The service may
       #     return fewer than this value.
       #
-      #     If unspecified, at most 50 policy bindings will be returned.
-      #     The maximum value is 1000; values above 1000 will be coerced to 1000.
+      #     The default value is 50. The maximum value is 1000.
       # @!attribute [rw] page_token
       #   @return [::String]
       #     Optional. A page token, received from a previous
@@ -210,6 +209,18 @@ module Google
       #     * `projects/{project_number}/locations/{location}`
       #     * `folders/{folder_id}/locations/{location}`
       #     * `organizations/{organization_id}/locations/{location}`
+      # @!attribute [rw] filter
+      #   @return [::String]
+      #     Optional. Filtering currently only supports the kind of policies to return,
+      #     and must be in the format "policy_kind=\\{policy_kind}".
+      #
+      #     If String is empty, bindings bound to all kinds of policies would be
+      #     returned.
+      #
+      #     The only supported values are the following:
+      #
+      #     * "policy_kind=PRINCIPAL_ACCESS_BOUNDARY",
+      #     * "policy_kind=ACCESS"
       class SearchTargetPolicyBindingsRequest
         include ::Google::Protobuf::MessageExts
         extend ::Google::Protobuf::MessageExts::ClassMethods

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: google-iam-v3beta
 version: !ruby/object:Gem::Version
-  version: 0.4.1
+  version: 0.7.0
 platform: ruby
 authors:
 - Google LLC
@@ -15,14 +15,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: '1.3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: '1.3'
 - !ruby/object:Gem::Dependency
   name: google-cloud-errors
   requirement: !ruby/object:Gem::Requirement
@@ -69,6 +69,18 @@ files:
 - README.md
 - lib/google-iam-v3beta.rb
 - lib/google/iam/v3beta.rb
+- lib/google/iam/v3beta/access_policies.rb
+- lib/google/iam/v3beta/access_policies/client.rb
+- lib/google/iam/v3beta/access_policies/credentials.rb
+- lib/google/iam/v3beta/access_policies/operations.rb
+- lib/google/iam/v3beta/access_policies/paths.rb
+- lib/google/iam/v3beta/access_policies/rest.rb
+- lib/google/iam/v3beta/access_policies/rest/client.rb
+- lib/google/iam/v3beta/access_policies/rest/operations.rb
+- lib/google/iam/v3beta/access_policies/rest/service_stub.rb
+- lib/google/iam/v3beta/access_policies_service_pb.rb
+- lib/google/iam/v3beta/access_policies_service_services_pb.rb
+- lib/google/iam/v3beta/access_policy_resources_pb.rb
 - lib/google/iam/v3beta/operation_metadata_pb.rb
 - lib/google/iam/v3beta/policy_binding_resources_pb.rb
 - lib/google/iam/v3beta/policy_bindings.rb
@@ -102,6 +114,8 @@ files:
 - proto_docs/google/api/field_info.rb
 - proto_docs/google/api/launch_stage.rb
 - proto_docs/google/api/resource.rb
+- proto_docs/google/iam/v3beta/access_policies_service.rb
+- proto_docs/google/iam/v3beta/access_policy_resources.rb
 - proto_docs/google/iam/v3beta/operation_metadata.rb
 - proto_docs/google/iam/v3beta/policy_binding_resources.rb
 - proto_docs/google/iam/v3beta/policy_bindings_service.rb