google-identity-access_context_manager-v1 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/.yardopts +12 -0
- data/AUTHENTICATION.md +167 -0
- data/LICENSE.md +201 -0
- data/README.md +139 -0
- data/lib/google/identity/access_context_manager/v1/access_context_manager/client.rb +2358 -0
- data/lib/google/identity/access_context_manager/v1/access_context_manager/credentials.rb +47 -0
- data/lib/google/identity/access_context_manager/v1/access_context_manager/operations.rb +664 -0
- data/lib/google/identity/access_context_manager/v1/access_context_manager/paths.rb +112 -0
- data/lib/google/identity/access_context_manager/v1/access_context_manager.rb +60 -0
- data/lib/google/identity/access_context_manager/v1/version.rb +28 -0
- data/lib/google/identity/access_context_manager/v1.rb +38 -0
- data/lib/google/identity/accesscontextmanager/type/device_resources_pb.rb +43 -0
- data/lib/google/identity/accesscontextmanager/v1/access_context_manager_pb.rb +182 -0
- data/lib/google/identity/accesscontextmanager/v1/access_context_manager_services_pb.rb +224 -0
- data/lib/google/identity/accesscontextmanager/v1/access_level_pb.rb +73 -0
- data/lib/google/identity/accesscontextmanager/v1/access_policy_pb.rb +30 -0
- data/lib/google/identity/accesscontextmanager/v1/gcp_user_access_binding_pb.rb +27 -0
- data/lib/google/identity/accesscontextmanager/v1/service_perimeter_pb.rb +109 -0
- data/lib/google-identity-access_context_manager-v1.rb +21 -0
- data/proto_docs/README.md +4 -0
- data/proto_docs/google/api/field_behavior.rb +71 -0
- data/proto_docs/google/api/resource.rb +283 -0
- data/proto_docs/google/identity/accesscontextmanager/type/device_resources.rb +84 -0
- data/proto_docs/google/identity/accesscontextmanager/v1/access_context_manager.rb +539 -0
- data/proto_docs/google/identity/accesscontextmanager/v1/access_level.rb +197 -0
- data/proto_docs/google/identity/accesscontextmanager/v1/access_policy.rb +60 -0
- data/proto_docs/google/identity/accesscontextmanager/v1/gcp_user_access_binding.rb +55 -0
- data/proto_docs/google/identity/accesscontextmanager/v1/service_perimeter.rb +484 -0
- data/proto_docs/google/longrunning/operations.rb +164 -0
- data/proto_docs/google/protobuf/any.rb +141 -0
- data/proto_docs/google/protobuf/duration.rb +98 -0
- data/proto_docs/google/protobuf/empty.rb +36 -0
- data/proto_docs/google/protobuf/field_mask.rb +229 -0
- data/proto_docs/google/protobuf/timestamp.rb +129 -0
- data/proto_docs/google/rpc/status.rb +46 -0
- data/proto_docs/google/type/expr.rb +75 -0
- metadata +228 -0
@@ -0,0 +1,224 @@
|
|
1
|
+
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
|
+
# Source: google/identity/accesscontextmanager/v1/access_context_manager.proto for package 'Google.Identity.AccessContextManager.V1'
|
3
|
+
# Original file comments:
|
4
|
+
# Copyright 2021 Google LLC
|
5
|
+
#
|
6
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
7
|
+
# you may not use this file except in compliance with the License.
|
8
|
+
# You may obtain a copy of the License at
|
9
|
+
#
|
10
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
11
|
+
#
|
12
|
+
# Unless required by applicable law or agreed to in writing, software
|
13
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
14
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
15
|
+
# See the License for the specific language governing permissions and
|
16
|
+
# limitations under the License.
|
17
|
+
#
|
18
|
+
|
19
|
+
require 'grpc'
|
20
|
+
require 'google/identity/accesscontextmanager/v1/access_context_manager_pb'
|
21
|
+
|
22
|
+
module Google
|
23
|
+
module Identity
|
24
|
+
module AccessContextManager
|
25
|
+
module V1
|
26
|
+
module AccessContextManager
|
27
|
+
# API for setting [Access Levels]
|
28
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] and [Service
|
29
|
+
# Perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter]
|
30
|
+
# for Google Cloud Projects. Each organization has one [AccessPolicy]
|
31
|
+
# [google.identity.accesscontextmanager.v1.AccessPolicy] containing the
|
32
|
+
# [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel]
|
33
|
+
# and [Service Perimeters]
|
34
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter]. This
|
35
|
+
# [AccessPolicy] [google.identity.accesscontextmanager.v1.AccessPolicy] is
|
36
|
+
# applicable to all resources in the organization.
|
37
|
+
# AccessPolicies
|
38
|
+
class Service
|
39
|
+
|
40
|
+
include ::GRPC::GenericService
|
41
|
+
|
42
|
+
self.marshal_class_method = :encode
|
43
|
+
self.unmarshal_class_method = :decode
|
44
|
+
self.service_name = 'google.identity.accesscontextmanager.v1.AccessContextManager'
|
45
|
+
|
46
|
+
# List all [AccessPolicies]
|
47
|
+
# [google.identity.accesscontextmanager.v1.AccessPolicy] under a
|
48
|
+
# container.
|
49
|
+
rpc :ListAccessPolicies, ::Google::Identity::AccessContextManager::V1::ListAccessPoliciesRequest, ::Google::Identity::AccessContextManager::V1::ListAccessPoliciesResponse
|
50
|
+
# Get an [AccessPolicy]
|
51
|
+
# [google.identity.accesscontextmanager.v1.AccessPolicy] by name.
|
52
|
+
rpc :GetAccessPolicy, ::Google::Identity::AccessContextManager::V1::GetAccessPolicyRequest, ::Google::Identity::AccessContextManager::V1::AccessPolicy
|
53
|
+
# Create an `AccessPolicy`. Fails if this organization already has a
|
54
|
+
# `AccessPolicy`. The longrunning Operation will have a successful status
|
55
|
+
# once the `AccessPolicy` has propagated to long-lasting storage.
|
56
|
+
# Syntactic and basic semantic errors will be returned in `metadata` as a
|
57
|
+
# BadRequest proto.
|
58
|
+
rpc :CreateAccessPolicy, ::Google::Identity::AccessContextManager::V1::AccessPolicy, ::Google::Longrunning::Operation
|
59
|
+
# Update an [AccessPolicy]
|
60
|
+
# [google.identity.accesscontextmanager.v1.AccessPolicy]. The
|
61
|
+
# longrunning Operation from this RPC will have a successful status once the
|
62
|
+
# changes to the [AccessPolicy]
|
63
|
+
# [google.identity.accesscontextmanager.v1.AccessPolicy] have propagated
|
64
|
+
# to long-lasting storage. Syntactic and basic semantic errors will be
|
65
|
+
# returned in `metadata` as a BadRequest proto.
|
66
|
+
rpc :UpdateAccessPolicy, ::Google::Identity::AccessContextManager::V1::UpdateAccessPolicyRequest, ::Google::Longrunning::Operation
|
67
|
+
# Delete an [AccessPolicy]
|
68
|
+
# [google.identity.accesscontextmanager.v1.AccessPolicy] by resource
|
69
|
+
# name. The longrunning Operation will have a successful status once the
|
70
|
+
# [AccessPolicy] [google.identity.accesscontextmanager.v1.AccessPolicy]
|
71
|
+
# has been removed from long-lasting storage.
|
72
|
+
rpc :DeleteAccessPolicy, ::Google::Identity::AccessContextManager::V1::DeleteAccessPolicyRequest, ::Google::Longrunning::Operation
|
73
|
+
# List all [Access Levels]
|
74
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] for an access
|
75
|
+
# policy.
|
76
|
+
rpc :ListAccessLevels, ::Google::Identity::AccessContextManager::V1::ListAccessLevelsRequest, ::Google::Identity::AccessContextManager::V1::ListAccessLevelsResponse
|
77
|
+
# Get an [Access Level]
|
78
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] by resource
|
79
|
+
# name.
|
80
|
+
rpc :GetAccessLevel, ::Google::Identity::AccessContextManager::V1::GetAccessLevelRequest, ::Google::Identity::AccessContextManager::V1::AccessLevel
|
81
|
+
# Create an [Access Level]
|
82
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel]. The longrunning
|
83
|
+
# operation from this RPC will have a successful status once the [Access
|
84
|
+
# Level] [google.identity.accesscontextmanager.v1.AccessLevel] has
|
85
|
+
# propagated to long-lasting storage. [Access Levels]
|
86
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] containing
|
87
|
+
# errors will result in an error response for the first error encountered.
|
88
|
+
rpc :CreateAccessLevel, ::Google::Identity::AccessContextManager::V1::CreateAccessLevelRequest, ::Google::Longrunning::Operation
|
89
|
+
# Update an [Access Level]
|
90
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel]. The longrunning
|
91
|
+
# operation from this RPC will have a successful status once the changes to
|
92
|
+
# the [Access Level]
|
93
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] have propagated
|
94
|
+
# to long-lasting storage. [Access Levels]
|
95
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] containing
|
96
|
+
# errors will result in an error response for the first error encountered.
|
97
|
+
rpc :UpdateAccessLevel, ::Google::Identity::AccessContextManager::V1::UpdateAccessLevelRequest, ::Google::Longrunning::Operation
|
98
|
+
# Delete an [Access Level]
|
99
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] by resource
|
100
|
+
# name. The longrunning operation from this RPC will have a successful status
|
101
|
+
# once the [Access Level]
|
102
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] has been removed
|
103
|
+
# from long-lasting storage.
|
104
|
+
rpc :DeleteAccessLevel, ::Google::Identity::AccessContextManager::V1::DeleteAccessLevelRequest, ::Google::Longrunning::Operation
|
105
|
+
# Replace all existing [Access Levels]
|
106
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] in an [Access
|
107
|
+
# Policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with
|
108
|
+
# the [Access Levels]
|
109
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] provided. This
|
110
|
+
# is done atomically. The longrunning operation from this RPC will have a
|
111
|
+
# successful status once all replacements have propagated to long-lasting
|
112
|
+
# storage. Replacements containing errors will result in an error response
|
113
|
+
# for the first error encountered. Replacement will be cancelled on error,
|
114
|
+
# existing [Access Levels]
|
115
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] will not be
|
116
|
+
# affected. Operation.response field will contain
|
117
|
+
# ReplaceAccessLevelsResponse. Removing [Access Levels]
|
118
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] contained in existing
|
119
|
+
# [Service Perimeters]
|
120
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] will result in
|
121
|
+
# error.
|
122
|
+
rpc :ReplaceAccessLevels, ::Google::Identity::AccessContextManager::V1::ReplaceAccessLevelsRequest, ::Google::Longrunning::Operation
|
123
|
+
# List all [Service Perimeters]
|
124
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] for an
|
125
|
+
# access policy.
|
126
|
+
rpc :ListServicePerimeters, ::Google::Identity::AccessContextManager::V1::ListServicePerimetersRequest, ::Google::Identity::AccessContextManager::V1::ListServicePerimetersResponse
|
127
|
+
# Get a [Service Perimeter]
|
128
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] by resource
|
129
|
+
# name.
|
130
|
+
rpc :GetServicePerimeter, ::Google::Identity::AccessContextManager::V1::GetServicePerimeterRequest, ::Google::Identity::AccessContextManager::V1::ServicePerimeter
|
131
|
+
# Create a [Service Perimeter]
|
132
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter]. The
|
133
|
+
# longrunning operation from this RPC will have a successful status once the
|
134
|
+
# [Service Perimeter]
|
135
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] has
|
136
|
+
# propagated to long-lasting storage. [Service Perimeters]
|
137
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] containing
|
138
|
+
# errors will result in an error response for the first error encountered.
|
139
|
+
rpc :CreateServicePerimeter, ::Google::Identity::AccessContextManager::V1::CreateServicePerimeterRequest, ::Google::Longrunning::Operation
|
140
|
+
# Update a [Service Perimeter]
|
141
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter]. The
|
142
|
+
# longrunning operation from this RPC will have a successful status once the
|
143
|
+
# changes to the [Service Perimeter]
|
144
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] have
|
145
|
+
# propagated to long-lasting storage. [Service Perimeter]
|
146
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] containing
|
147
|
+
# errors will result in an error response for the first error encountered.
|
148
|
+
rpc :UpdateServicePerimeter, ::Google::Identity::AccessContextManager::V1::UpdateServicePerimeterRequest, ::Google::Longrunning::Operation
|
149
|
+
# Delete a [Service Perimeter]
|
150
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] by resource
|
151
|
+
# name. The longrunning operation from this RPC will have a successful status
|
152
|
+
# once the [Service Perimeter]
|
153
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] has been
|
154
|
+
# removed from long-lasting storage.
|
155
|
+
rpc :DeleteServicePerimeter, ::Google::Identity::AccessContextManager::V1::DeleteServicePerimeterRequest, ::Google::Longrunning::Operation
|
156
|
+
# Replace all existing [Service Perimeters]
|
157
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] in an
|
158
|
+
# [Access Policy] [google.identity.accesscontextmanager.v1.AccessPolicy]
|
159
|
+
# with the [Service Perimeters]
|
160
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] provided.
|
161
|
+
# This is done atomically. The longrunning operation from this
|
162
|
+
# RPC will have a successful status once all replacements have propagated to
|
163
|
+
# long-lasting storage. Replacements containing errors will result in an
|
164
|
+
# error response for the first error encountered. Replacement will be
|
165
|
+
# cancelled on error, existing [Service Perimeters]
|
166
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] will not be
|
167
|
+
# affected. Operation.response field will contain
|
168
|
+
# ReplaceServicePerimetersResponse.
|
169
|
+
rpc :ReplaceServicePerimeters, ::Google::Identity::AccessContextManager::V1::ReplaceServicePerimetersRequest, ::Google::Longrunning::Operation
|
170
|
+
# Commit the dry-run spec for all the [Service Perimeters]
|
171
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] in an
|
172
|
+
# [Access Policy][google.identity.accesscontextmanager.v1.AccessPolicy].
|
173
|
+
# A commit operation on a Service Perimeter involves copying its `spec` field
|
174
|
+
# to that Service Perimeter's `status` field. Only [Service Perimeters]
|
175
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] with
|
176
|
+
# `use_explicit_dry_run_spec` field set to true are affected by a commit
|
177
|
+
# operation. The longrunning operation from this RPC will have a successful
|
178
|
+
# status once the dry-run specs for all the [Service Perimeters]
|
179
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] have been
|
180
|
+
# committed. If a commit fails, it will cause the longrunning operation to
|
181
|
+
# return an error response and the entire commit operation will be cancelled.
|
182
|
+
# When successful, Operation.response field will contain
|
183
|
+
# CommitServicePerimetersResponse. The `dry_run` and the `spec` fields will
|
184
|
+
# be cleared after a successful commit operation.
|
185
|
+
rpc :CommitServicePerimeters, ::Google::Identity::AccessContextManager::V1::CommitServicePerimetersRequest, ::Google::Longrunning::Operation
|
186
|
+
# Lists all [GcpUserAccessBindings]
|
187
|
+
# [google.identity.accesscontextmanager.v1.GcpUserAccessBinding] for a
|
188
|
+
# Google Cloud organization.
|
189
|
+
rpc :ListGcpUserAccessBindings, ::Google::Identity::AccessContextManager::V1::ListGcpUserAccessBindingsRequest, ::Google::Identity::AccessContextManager::V1::ListGcpUserAccessBindingsResponse
|
190
|
+
# Gets the [GcpUserAccessBinding]
|
191
|
+
# [google.identity.accesscontextmanager.v1.GcpUserAccessBinding] with
|
192
|
+
# the given name.
|
193
|
+
rpc :GetGcpUserAccessBinding, ::Google::Identity::AccessContextManager::V1::GetGcpUserAccessBindingRequest, ::Google::Identity::AccessContextManager::V1::GcpUserAccessBinding
|
194
|
+
# Creates a [GcpUserAccessBinding]
|
195
|
+
# [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. If the
|
196
|
+
# client specifies a [name]
|
197
|
+
# [google.identity.accesscontextmanager.v1.GcpUserAccessBinding.name],
|
198
|
+
# the server will ignore it. Fails if a resource already exists with the same
|
199
|
+
# [group_key]
|
200
|
+
# [google.identity.accesscontextmanager.v1.GcpUserAccessBinding.group_key].
|
201
|
+
# Completion of this long-running operation does not necessarily signify that
|
202
|
+
# the new binding is deployed onto all affected users, which may take more
|
203
|
+
# time.
|
204
|
+
rpc :CreateGcpUserAccessBinding, ::Google::Identity::AccessContextManager::V1::CreateGcpUserAccessBindingRequest, ::Google::Longrunning::Operation
|
205
|
+
# Updates a [GcpUserAccessBinding]
|
206
|
+
# [google.identity.accesscontextmanager.v1.GcpUserAccessBinding].
|
207
|
+
# Completion of this long-running operation does not necessarily signify that
|
208
|
+
# the changed binding is deployed onto all affected users, which may take
|
209
|
+
# more time.
|
210
|
+
rpc :UpdateGcpUserAccessBinding, ::Google::Identity::AccessContextManager::V1::UpdateGcpUserAccessBindingRequest, ::Google::Longrunning::Operation
|
211
|
+
# Deletes a [GcpUserAccessBinding]
|
212
|
+
# [google.identity.accesscontextmanager.v1.GcpUserAccessBinding].
|
213
|
+
# Completion of this long-running operation does not necessarily signify that
|
214
|
+
# the binding deletion is deployed onto all affected users, which may take
|
215
|
+
# more time.
|
216
|
+
rpc :DeleteGcpUserAccessBinding, ::Google::Identity::AccessContextManager::V1::DeleteGcpUserAccessBindingRequest, ::Google::Longrunning::Operation
|
217
|
+
end
|
218
|
+
|
219
|
+
Stub = Service.rpc_stub_class
|
220
|
+
end
|
221
|
+
end
|
222
|
+
end
|
223
|
+
end
|
224
|
+
end
|
@@ -0,0 +1,73 @@
|
|
1
|
+
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
|
+
# source: google/identity/accesscontextmanager/v1/access_level.proto
|
3
|
+
|
4
|
+
require 'google/protobuf'
|
5
|
+
|
6
|
+
require 'google/api/resource_pb'
|
7
|
+
require 'google/identity/accesscontextmanager/type/device_resources_pb'
|
8
|
+
require 'google/protobuf/timestamp_pb'
|
9
|
+
require 'google/type/expr_pb'
|
10
|
+
require 'google/api/annotations_pb'
|
11
|
+
Google::Protobuf::DescriptorPool.generated_pool.build do
|
12
|
+
add_file("google/identity/accesscontextmanager/v1/access_level.proto", :syntax => :proto3) do
|
13
|
+
add_message "google.identity.accesscontextmanager.v1.AccessLevel" do
|
14
|
+
optional :name, :string, 1
|
15
|
+
optional :title, :string, 2
|
16
|
+
optional :description, :string, 3
|
17
|
+
optional :create_time, :message, 6, "google.protobuf.Timestamp"
|
18
|
+
optional :update_time, :message, 7, "google.protobuf.Timestamp"
|
19
|
+
oneof :level do
|
20
|
+
optional :basic, :message, 4, "google.identity.accesscontextmanager.v1.BasicLevel"
|
21
|
+
optional :custom, :message, 5, "google.identity.accesscontextmanager.v1.CustomLevel"
|
22
|
+
end
|
23
|
+
end
|
24
|
+
add_message "google.identity.accesscontextmanager.v1.BasicLevel" do
|
25
|
+
repeated :conditions, :message, 1, "google.identity.accesscontextmanager.v1.Condition"
|
26
|
+
optional :combining_function, :enum, 2, "google.identity.accesscontextmanager.v1.BasicLevel.ConditionCombiningFunction"
|
27
|
+
end
|
28
|
+
add_enum "google.identity.accesscontextmanager.v1.BasicLevel.ConditionCombiningFunction" do
|
29
|
+
value :AND, 0
|
30
|
+
value :OR, 1
|
31
|
+
end
|
32
|
+
add_message "google.identity.accesscontextmanager.v1.Condition" do
|
33
|
+
repeated :ip_subnetworks, :string, 1
|
34
|
+
optional :device_policy, :message, 2, "google.identity.accesscontextmanager.v1.DevicePolicy"
|
35
|
+
repeated :required_access_levels, :string, 3
|
36
|
+
optional :negate, :bool, 5
|
37
|
+
repeated :members, :string, 6
|
38
|
+
repeated :regions, :string, 7
|
39
|
+
end
|
40
|
+
add_message "google.identity.accesscontextmanager.v1.CustomLevel" do
|
41
|
+
optional :expr, :message, 1, "google.type.Expr"
|
42
|
+
end
|
43
|
+
add_message "google.identity.accesscontextmanager.v1.DevicePolicy" do
|
44
|
+
optional :require_screenlock, :bool, 1
|
45
|
+
repeated :allowed_encryption_statuses, :enum, 2, "google.identity.accesscontextmanager.type.DeviceEncryptionStatus"
|
46
|
+
repeated :os_constraints, :message, 3, "google.identity.accesscontextmanager.v1.OsConstraint"
|
47
|
+
repeated :allowed_device_management_levels, :enum, 6, "google.identity.accesscontextmanager.type.DeviceManagementLevel"
|
48
|
+
optional :require_admin_approval, :bool, 7
|
49
|
+
optional :require_corp_owned, :bool, 8
|
50
|
+
end
|
51
|
+
add_message "google.identity.accesscontextmanager.v1.OsConstraint" do
|
52
|
+
optional :os_type, :enum, 1, "google.identity.accesscontextmanager.type.OsType"
|
53
|
+
optional :minimum_version, :string, 2
|
54
|
+
optional :require_verified_chrome_os, :bool, 3
|
55
|
+
end
|
56
|
+
end
|
57
|
+
end
|
58
|
+
|
59
|
+
module Google
|
60
|
+
module Identity
|
61
|
+
module AccessContextManager
|
62
|
+
module V1
|
63
|
+
AccessLevel = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.AccessLevel").msgclass
|
64
|
+
BasicLevel = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.BasicLevel").msgclass
|
65
|
+
BasicLevel::ConditionCombiningFunction = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.BasicLevel.ConditionCombiningFunction").enummodule
|
66
|
+
Condition = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.Condition").msgclass
|
67
|
+
CustomLevel = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.CustomLevel").msgclass
|
68
|
+
DevicePolicy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.DevicePolicy").msgclass
|
69
|
+
OsConstraint = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.OsConstraint").msgclass
|
70
|
+
end
|
71
|
+
end
|
72
|
+
end
|
73
|
+
end
|
@@ -0,0 +1,30 @@
|
|
1
|
+
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
|
+
# source: google/identity/accesscontextmanager/v1/access_policy.proto
|
3
|
+
|
4
|
+
require 'google/protobuf'
|
5
|
+
|
6
|
+
require 'google/api/resource_pb'
|
7
|
+
require 'google/protobuf/timestamp_pb'
|
8
|
+
require 'google/api/annotations_pb'
|
9
|
+
Google::Protobuf::DescriptorPool.generated_pool.build do
|
10
|
+
add_file("google/identity/accesscontextmanager/v1/access_policy.proto", :syntax => :proto3) do
|
11
|
+
add_message "google.identity.accesscontextmanager.v1.AccessPolicy" do
|
12
|
+
optional :name, :string, 1
|
13
|
+
optional :parent, :string, 2
|
14
|
+
optional :title, :string, 3
|
15
|
+
optional :create_time, :message, 4, "google.protobuf.Timestamp"
|
16
|
+
optional :update_time, :message, 5, "google.protobuf.Timestamp"
|
17
|
+
optional :etag, :string, 6
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
21
|
+
|
22
|
+
module Google
|
23
|
+
module Identity
|
24
|
+
module AccessContextManager
|
25
|
+
module V1
|
26
|
+
AccessPolicy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.AccessPolicy").msgclass
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
@@ -0,0 +1,27 @@
|
|
1
|
+
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
|
+
# source: google/identity/accesscontextmanager/v1/gcp_user_access_binding.proto
|
3
|
+
|
4
|
+
require 'google/protobuf'
|
5
|
+
|
6
|
+
require 'google/api/field_behavior_pb'
|
7
|
+
require 'google/api/resource_pb'
|
8
|
+
require 'google/api/annotations_pb'
|
9
|
+
Google::Protobuf::DescriptorPool.generated_pool.build do
|
10
|
+
add_file("google/identity/accesscontextmanager/v1/gcp_user_access_binding.proto", :syntax => :proto3) do
|
11
|
+
add_message "google.identity.accesscontextmanager.v1.GcpUserAccessBinding" do
|
12
|
+
optional :name, :string, 1
|
13
|
+
optional :group_key, :string, 2
|
14
|
+
repeated :access_levels, :string, 3
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
module Google
|
20
|
+
module Identity
|
21
|
+
module AccessContextManager
|
22
|
+
module V1
|
23
|
+
GcpUserAccessBinding = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.GcpUserAccessBinding").msgclass
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
@@ -0,0 +1,109 @@
|
|
1
|
+
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
|
+
# source: google/identity/accesscontextmanager/v1/service_perimeter.proto
|
3
|
+
|
4
|
+
require 'google/protobuf'
|
5
|
+
|
6
|
+
require 'google/api/resource_pb'
|
7
|
+
require 'google/protobuf/timestamp_pb'
|
8
|
+
require 'google/api/annotations_pb'
|
9
|
+
Google::Protobuf::DescriptorPool.generated_pool.build do
|
10
|
+
add_file("google/identity/accesscontextmanager/v1/service_perimeter.proto", :syntax => :proto3) do
|
11
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeter" do
|
12
|
+
optional :name, :string, 1
|
13
|
+
optional :title, :string, 2
|
14
|
+
optional :description, :string, 3
|
15
|
+
optional :create_time, :message, 4, "google.protobuf.Timestamp"
|
16
|
+
optional :update_time, :message, 5, "google.protobuf.Timestamp"
|
17
|
+
optional :perimeter_type, :enum, 6, "google.identity.accesscontextmanager.v1.ServicePerimeter.PerimeterType"
|
18
|
+
optional :status, :message, 7, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig"
|
19
|
+
optional :spec, :message, 8, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig"
|
20
|
+
optional :use_explicit_dry_run_spec, :bool, 9
|
21
|
+
end
|
22
|
+
add_enum "google.identity.accesscontextmanager.v1.ServicePerimeter.PerimeterType" do
|
23
|
+
value :PERIMETER_TYPE_REGULAR, 0
|
24
|
+
value :PERIMETER_TYPE_BRIDGE, 1
|
25
|
+
end
|
26
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig" do
|
27
|
+
repeated :resources, :string, 1
|
28
|
+
repeated :access_levels, :string, 2
|
29
|
+
repeated :restricted_services, :string, 4
|
30
|
+
optional :vpc_accessible_services, :message, 10, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.VpcAccessibleServices"
|
31
|
+
repeated :ingress_policies, :message, 8, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy"
|
32
|
+
repeated :egress_policies, :message, 9, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy"
|
33
|
+
end
|
34
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.VpcAccessibleServices" do
|
35
|
+
optional :enable_restriction, :bool, 1
|
36
|
+
repeated :allowed_services, :string, 2
|
37
|
+
end
|
38
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.MethodSelector" do
|
39
|
+
oneof :kind do
|
40
|
+
optional :method, :string, 1
|
41
|
+
optional :permission, :string, 2
|
42
|
+
end
|
43
|
+
end
|
44
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation" do
|
45
|
+
optional :service_name, :string, 1
|
46
|
+
repeated :method_selectors, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.MethodSelector"
|
47
|
+
end
|
48
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressSource" do
|
49
|
+
oneof :source do
|
50
|
+
optional :access_level, :string, 1
|
51
|
+
optional :resource, :string, 2
|
52
|
+
end
|
53
|
+
end
|
54
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo" do
|
55
|
+
repeated :resources, :string, 1
|
56
|
+
repeated :operations, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation"
|
57
|
+
end
|
58
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressFrom" do
|
59
|
+
repeated :sources, :message, 1, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressSource"
|
60
|
+
repeated :identities, :string, 2
|
61
|
+
optional :identity_type, :enum, 3, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IdentityType"
|
62
|
+
end
|
63
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressTo" do
|
64
|
+
repeated :operations, :message, 1, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation"
|
65
|
+
repeated :resources, :string, 2
|
66
|
+
end
|
67
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy" do
|
68
|
+
optional :ingress_from, :message, 1, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressFrom"
|
69
|
+
optional :ingress_to, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressTo"
|
70
|
+
end
|
71
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy" do
|
72
|
+
optional :egress_from, :message, 1, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom"
|
73
|
+
optional :egress_to, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo"
|
74
|
+
end
|
75
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom" do
|
76
|
+
repeated :identities, :string, 1
|
77
|
+
optional :identity_type, :enum, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IdentityType"
|
78
|
+
end
|
79
|
+
add_enum "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IdentityType" do
|
80
|
+
value :IDENTITY_TYPE_UNSPECIFIED, 0
|
81
|
+
value :ANY_IDENTITY, 1
|
82
|
+
value :ANY_USER_ACCOUNT, 2
|
83
|
+
value :ANY_SERVICE_ACCOUNT, 3
|
84
|
+
end
|
85
|
+
end
|
86
|
+
end
|
87
|
+
|
88
|
+
module Google
|
89
|
+
module Identity
|
90
|
+
module AccessContextManager
|
91
|
+
module V1
|
92
|
+
ServicePerimeter = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeter").msgclass
|
93
|
+
ServicePerimeter::PerimeterType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeter.PerimeterType").enummodule
|
94
|
+
ServicePerimeterConfig = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig").msgclass
|
95
|
+
ServicePerimeterConfig::VpcAccessibleServices = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.VpcAccessibleServices").msgclass
|
96
|
+
ServicePerimeterConfig::MethodSelector = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.MethodSelector").msgclass
|
97
|
+
ServicePerimeterConfig::ApiOperation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation").msgclass
|
98
|
+
ServicePerimeterConfig::IngressSource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressSource").msgclass
|
99
|
+
ServicePerimeterConfig::EgressTo = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo").msgclass
|
100
|
+
ServicePerimeterConfig::IngressFrom = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressFrom").msgclass
|
101
|
+
ServicePerimeterConfig::IngressTo = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressTo").msgclass
|
102
|
+
ServicePerimeterConfig::IngressPolicy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy").msgclass
|
103
|
+
ServicePerimeterConfig::EgressPolicy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy").msgclass
|
104
|
+
ServicePerimeterConfig::EgressFrom = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom").msgclass
|
105
|
+
ServicePerimeterConfig::IdentityType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IdentityType").enummodule
|
106
|
+
end
|
107
|
+
end
|
108
|
+
end
|
109
|
+
end
|
@@ -0,0 +1,21 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2021 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
# This gem does not autoload during Bundler.require. To load this gem,
|
20
|
+
# issue explicit require statements for the packages desired, e.g.:
|
21
|
+
# require "google/identity/access_context_manager/v1"
|
@@ -0,0 +1,71 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2021 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Api
|
22
|
+
# An indicator of the behavior of a given field (for example, that a field
|
23
|
+
# is required in requests, or given as output but ignored as input).
|
24
|
+
# This **does not** change the behavior in protocol buffers itself; it only
|
25
|
+
# denotes the behavior and may affect how API tooling handles the field.
|
26
|
+
#
|
27
|
+
# Note: This enum **may** receive new values in the future.
|
28
|
+
module FieldBehavior
|
29
|
+
# Conventional default for enums. Do not use this.
|
30
|
+
FIELD_BEHAVIOR_UNSPECIFIED = 0
|
31
|
+
|
32
|
+
# Specifically denotes a field as optional.
|
33
|
+
# While all fields in protocol buffers are optional, this may be specified
|
34
|
+
# for emphasis if appropriate.
|
35
|
+
OPTIONAL = 1
|
36
|
+
|
37
|
+
# Denotes a field as required.
|
38
|
+
# This indicates that the field **must** be provided as part of the request,
|
39
|
+
# and failure to do so will cause an error (usually `INVALID_ARGUMENT`).
|
40
|
+
REQUIRED = 2
|
41
|
+
|
42
|
+
# Denotes a field as output only.
|
43
|
+
# This indicates that the field is provided in responses, but including the
|
44
|
+
# field in a request does nothing (the server *must* ignore it and
|
45
|
+
# *must not* throw an error as a result of the field's presence).
|
46
|
+
OUTPUT_ONLY = 3
|
47
|
+
|
48
|
+
# Denotes a field as input only.
|
49
|
+
# This indicates that the field is provided in requests, and the
|
50
|
+
# corresponding field is not included in output.
|
51
|
+
INPUT_ONLY = 4
|
52
|
+
|
53
|
+
# Denotes a field as immutable.
|
54
|
+
# This indicates that the field may be set once in a request to create a
|
55
|
+
# resource, but may not be changed thereafter.
|
56
|
+
IMMUTABLE = 5
|
57
|
+
|
58
|
+
# Denotes that a (repeated) field is an unordered list.
|
59
|
+
# This indicates that the service may provide the elements of the list
|
60
|
+
# in any arbitrary order, rather than the order the user originally
|
61
|
+
# provided. Additionally, the list's order may or may not be stable.
|
62
|
+
UNORDERED_LIST = 6
|
63
|
+
|
64
|
+
# Denotes that this field returns a non-empty default value if not set.
|
65
|
+
# This indicates that if the user provides the empty value in a request,
|
66
|
+
# a non-empty value will be returned. The user will not be aware of what
|
67
|
+
# non-empty value to expect.
|
68
|
+
NON_EMPTY_DEFAULT = 7
|
69
|
+
end
|
70
|
+
end
|
71
|
+
end
|