google-identity-access_context_manager-v1 0.2.0 → 0.3.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -32,15 +32,15 @@ module Google
32
32
  module AccessContextManager
33
33
  module V1
34
34
  ##
35
- # API for setting [Access Levels]
36
- # [google.identity.accesscontextmanager.v1.AccessLevel] and [Service
37
- # Perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter]
38
- # for Google Cloud Projects. Each organization has one [AccessPolicy]
39
- # [google.identity.accesscontextmanager.v1.AccessPolicy] containing the
40
- # [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel]
41
- # and [Service Perimeters]
35
+ # API for setting [access levels]
36
+ # [google.identity.accesscontextmanager.v1.AccessLevel] and [service
37
+ # perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter]
38
+ # for Google Cloud projects. Each organization has one [access policy]
39
+ # [google.identity.accesscontextmanager.v1.AccessPolicy] that contains the
40
+ # [access levels] [google.identity.accesscontextmanager.v1.AccessLevel]
41
+ # and [service perimeters]
42
42
  # [google.identity.accesscontextmanager.v1.ServicePerimeter]. This
43
- # [AccessPolicy] [google.identity.accesscontextmanager.v1.AccessPolicy] is
43
+ # [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] is
44
44
  # applicable to all resources in the organization.
45
45
  # AccessPolicies
46
46
  #
@@ -21,7 +21,7 @@ module Google
21
21
  module Identity
22
22
  module AccessContextManager
23
23
  module V1
24
- VERSION = "0.2.0"
24
+ VERSION = "0.3.0"
25
25
  end
26
26
  end
27
27
  end
@@ -7,6 +7,8 @@ require 'google/api/annotations_pb'
7
7
  require 'google/api/client_pb'
8
8
  require 'google/api/field_behavior_pb'
9
9
  require 'google/api/resource_pb'
10
+ require 'google/iam/v1/iam_policy_pb'
11
+ require 'google/iam/v1/policy_pb'
10
12
  require 'google/identity/accesscontextmanager/v1/access_level_pb'
11
13
  require 'google/identity/accesscontextmanager/v1/access_policy_pb'
12
14
  require 'google/identity/accesscontextmanager/v1/gcp_user_access_binding_pb'
@@ -24,15 +24,15 @@ module Google
24
24
  module AccessContextManager
25
25
  module V1
26
26
  module AccessContextManager
27
- # API for setting [Access Levels]
28
- # [google.identity.accesscontextmanager.v1.AccessLevel] and [Service
29
- # Perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter]
30
- # for Google Cloud Projects. Each organization has one [AccessPolicy]
31
- # [google.identity.accesscontextmanager.v1.AccessPolicy] containing the
32
- # [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel]
33
- # and [Service Perimeters]
27
+ # API for setting [access levels]
28
+ # [google.identity.accesscontextmanager.v1.AccessLevel] and [service
29
+ # perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter]
30
+ # for Google Cloud projects. Each organization has one [access policy]
31
+ # [google.identity.accesscontextmanager.v1.AccessPolicy] that contains the
32
+ # [access levels] [google.identity.accesscontextmanager.v1.AccessLevel]
33
+ # and [service perimeters]
34
34
  # [google.identity.accesscontextmanager.v1.ServicePerimeter]. This
35
- # [AccessPolicy] [google.identity.accesscontextmanager.v1.AccessPolicy] is
35
+ # [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] is
36
36
  # applicable to all resources in the organization.
37
37
  # AccessPolicies
38
38
  class Service
@@ -43,145 +43,144 @@ module Google
43
43
  self.unmarshal_class_method = :decode
44
44
  self.service_name = 'google.identity.accesscontextmanager.v1.AccessContextManager'
45
45
 
46
- # List all [AccessPolicies]
47
- # [google.identity.accesscontextmanager.v1.AccessPolicy] under a
48
- # container.
46
+ # Lists all [access policies]
47
+ # [google.identity.accesscontextmanager.v1.AccessPolicy] in an
48
+ # organization.
49
49
  rpc :ListAccessPolicies, ::Google::Identity::AccessContextManager::V1::ListAccessPoliciesRequest, ::Google::Identity::AccessContextManager::V1::ListAccessPoliciesResponse
50
- # Get an [AccessPolicy]
51
- # [google.identity.accesscontextmanager.v1.AccessPolicy] by name.
50
+ # Returns an [access policy]
51
+ # [google.identity.accesscontextmanager.v1.AccessPolicy] based on the name.
52
52
  rpc :GetAccessPolicy, ::Google::Identity::AccessContextManager::V1::GetAccessPolicyRequest, ::Google::Identity::AccessContextManager::V1::AccessPolicy
53
- # Create an `AccessPolicy`. Fails if this organization already has a
54
- # `AccessPolicy`. The longrunning Operation will have a successful status
55
- # once the `AccessPolicy` has propagated to long-lasting storage.
56
- # Syntactic and basic semantic errors will be returned in `metadata` as a
53
+ # Creates an access policy. This method fails if the organization already has
54
+ # an access policy. The long-running operation has a successful status
55
+ # after the access policy propagates to long-lasting storage.
56
+ # Syntactic and basic semantic errors are returned in `metadata` as a
57
57
  # BadRequest proto.
58
58
  rpc :CreateAccessPolicy, ::Google::Identity::AccessContextManager::V1::AccessPolicy, ::Google::Longrunning::Operation
59
- # Update an [AccessPolicy]
59
+ # Updates an [access policy]
60
60
  # [google.identity.accesscontextmanager.v1.AccessPolicy]. The
61
- # longrunning Operation from this RPC will have a successful status once the
62
- # changes to the [AccessPolicy]
63
- # [google.identity.accesscontextmanager.v1.AccessPolicy] have propagated
64
- # to long-lasting storage. Syntactic and basic semantic errors will be
65
- # returned in `metadata` as a BadRequest proto.
61
+ # long-running operation from this RPC has a successful status after the
62
+ # changes to the [access policy]
63
+ # [google.identity.accesscontextmanager.v1.AccessPolicy] propagate
64
+ # to long-lasting storage.
66
65
  rpc :UpdateAccessPolicy, ::Google::Identity::AccessContextManager::V1::UpdateAccessPolicyRequest, ::Google::Longrunning::Operation
67
- # Delete an [AccessPolicy]
68
- # [google.identity.accesscontextmanager.v1.AccessPolicy] by resource
69
- # name. The longrunning Operation will have a successful status once the
70
- # [AccessPolicy] [google.identity.accesscontextmanager.v1.AccessPolicy]
71
- # has been removed from long-lasting storage.
66
+ # Deletes an [access policy]
67
+ # [google.identity.accesscontextmanager.v1.AccessPolicy] based on the
68
+ # resource name. The long-running operation has a successful status after the
69
+ # [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy]
70
+ # is removed from long-lasting storage.
72
71
  rpc :DeleteAccessPolicy, ::Google::Identity::AccessContextManager::V1::DeleteAccessPolicyRequest, ::Google::Longrunning::Operation
73
- # List all [Access Levels]
72
+ # Lists all [access levels]
74
73
  # [google.identity.accesscontextmanager.v1.AccessLevel] for an access
75
74
  # policy.
76
75
  rpc :ListAccessLevels, ::Google::Identity::AccessContextManager::V1::ListAccessLevelsRequest, ::Google::Identity::AccessContextManager::V1::ListAccessLevelsResponse
77
- # Get an [Access Level]
78
- # [google.identity.accesscontextmanager.v1.AccessLevel] by resource
76
+ # Gets an [access level]
77
+ # [google.identity.accesscontextmanager.v1.AccessLevel] based on the resource
79
78
  # name.
80
79
  rpc :GetAccessLevel, ::Google::Identity::AccessContextManager::V1::GetAccessLevelRequest, ::Google::Identity::AccessContextManager::V1::AccessLevel
81
- # Create an [Access Level]
82
- # [google.identity.accesscontextmanager.v1.AccessLevel]. The longrunning
83
- # operation from this RPC will have a successful status once the [Access
84
- # Level] [google.identity.accesscontextmanager.v1.AccessLevel] has
85
- # propagated to long-lasting storage. [Access Levels]
86
- # [google.identity.accesscontextmanager.v1.AccessLevel] containing
87
- # errors will result in an error response for the first error encountered.
80
+ # Creates an [access level]
81
+ # [google.identity.accesscontextmanager.v1.AccessLevel]. The long-running
82
+ # operation from this RPC has a successful status after the [access
83
+ # level] [google.identity.accesscontextmanager.v1.AccessLevel]
84
+ # propagates to long-lasting storage. If [access levels]
85
+ # [google.identity.accesscontextmanager.v1.AccessLevel] contain
86
+ # errors, an error response is returned for the first error encountered.
88
87
  rpc :CreateAccessLevel, ::Google::Identity::AccessContextManager::V1::CreateAccessLevelRequest, ::Google::Longrunning::Operation
89
- # Update an [Access Level]
90
- # [google.identity.accesscontextmanager.v1.AccessLevel]. The longrunning
91
- # operation from this RPC will have a successful status once the changes to
92
- # the [Access Level]
93
- # [google.identity.accesscontextmanager.v1.AccessLevel] have propagated
94
- # to long-lasting storage. [Access Levels]
95
- # [google.identity.accesscontextmanager.v1.AccessLevel] containing
96
- # errors will result in an error response for the first error encountered.
88
+ # Updates an [access level]
89
+ # [google.identity.accesscontextmanager.v1.AccessLevel]. The long-running
90
+ # operation from this RPC has a successful status after the changes to
91
+ # the [access level]
92
+ # [google.identity.accesscontextmanager.v1.AccessLevel] propagate
93
+ # to long-lasting storage. If [access levels]
94
+ # [google.identity.accesscontextmanager.v1.AccessLevel] contain
95
+ # errors, an error response is returned for the first error encountered.
97
96
  rpc :UpdateAccessLevel, ::Google::Identity::AccessContextManager::V1::UpdateAccessLevelRequest, ::Google::Longrunning::Operation
98
- # Delete an [Access Level]
99
- # [google.identity.accesscontextmanager.v1.AccessLevel] by resource
100
- # name. The longrunning operation from this RPC will have a successful status
101
- # once the [Access Level]
97
+ # Deletes an [access level]
98
+ # [google.identity.accesscontextmanager.v1.AccessLevel] based on the resource
99
+ # name. The long-running operation from this RPC has a successful status
100
+ # after the [access level]
102
101
  # [google.identity.accesscontextmanager.v1.AccessLevel] has been removed
103
102
  # from long-lasting storage.
104
103
  rpc :DeleteAccessLevel, ::Google::Identity::AccessContextManager::V1::DeleteAccessLevelRequest, ::Google::Longrunning::Operation
105
- # Replace all existing [Access Levels]
106
- # [google.identity.accesscontextmanager.v1.AccessLevel] in an [Access
107
- # Policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with
108
- # the [Access Levels]
104
+ # Replaces all existing [access levels]
105
+ # [google.identity.accesscontextmanager.v1.AccessLevel] in an [access
106
+ # policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with
107
+ # the [access levels]
109
108
  # [google.identity.accesscontextmanager.v1.AccessLevel] provided. This
110
- # is done atomically. The longrunning operation from this RPC will have a
111
- # successful status once all replacements have propagated to long-lasting
112
- # storage. Replacements containing errors will result in an error response
113
- # for the first error encountered. Replacement will be cancelled on error,
114
- # existing [Access Levels]
115
- # [google.identity.accesscontextmanager.v1.AccessLevel] will not be
116
- # affected. Operation.response field will contain
117
- # ReplaceAccessLevelsResponse. Removing [Access Levels]
109
+ # is done atomically. The long-running operation from this RPC has a
110
+ # successful status after all replacements propagate to long-lasting
111
+ # storage. If the replacement contains errors, an error response is returned
112
+ # for the first error encountered. Upon error, the replacement is cancelled,
113
+ # and existing [access levels]
114
+ # [google.identity.accesscontextmanager.v1.AccessLevel] are not
115
+ # affected. The Operation.response field contains
116
+ # ReplaceAccessLevelsResponse. Removing [access levels]
118
117
  # [google.identity.accesscontextmanager.v1.AccessLevel] contained in existing
119
- # [Service Perimeters]
120
- # [google.identity.accesscontextmanager.v1.ServicePerimeter] will result in
118
+ # [service perimeters]
119
+ # [google.identity.accesscontextmanager.v1.ServicePerimeter] result in an
121
120
  # error.
122
121
  rpc :ReplaceAccessLevels, ::Google::Identity::AccessContextManager::V1::ReplaceAccessLevelsRequest, ::Google::Longrunning::Operation
123
- # List all [Service Perimeters]
122
+ # Lists all [service perimeters]
124
123
  # [google.identity.accesscontextmanager.v1.ServicePerimeter] for an
125
124
  # access policy.
126
125
  rpc :ListServicePerimeters, ::Google::Identity::AccessContextManager::V1::ListServicePerimetersRequest, ::Google::Identity::AccessContextManager::V1::ListServicePerimetersResponse
127
- # Get a [Service Perimeter]
128
- # [google.identity.accesscontextmanager.v1.ServicePerimeter] by resource
129
- # name.
126
+ # Gets a [service perimeter]
127
+ # [google.identity.accesscontextmanager.v1.ServicePerimeter] based on the
128
+ # resource name.
130
129
  rpc :GetServicePerimeter, ::Google::Identity::AccessContextManager::V1::GetServicePerimeterRequest, ::Google::Identity::AccessContextManager::V1::ServicePerimeter
131
- # Create a [Service Perimeter]
130
+ # Creates a [service perimeter]
132
131
  # [google.identity.accesscontextmanager.v1.ServicePerimeter]. The
133
- # longrunning operation from this RPC will have a successful status once the
134
- # [Service Perimeter]
135
- # [google.identity.accesscontextmanager.v1.ServicePerimeter] has
136
- # propagated to long-lasting storage. [Service Perimeters]
137
- # [google.identity.accesscontextmanager.v1.ServicePerimeter] containing
138
- # errors will result in an error response for the first error encountered.
132
+ # long-running operation from this RPC has a successful status after the
133
+ # [service perimeter]
134
+ # [google.identity.accesscontextmanager.v1.ServicePerimeter]
135
+ # propagates to long-lasting storage. If a [service perimeter]
136
+ # [google.identity.accesscontextmanager.v1.ServicePerimeter] contains
137
+ # errors, an error response is returned for the first error encountered.
139
138
  rpc :CreateServicePerimeter, ::Google::Identity::AccessContextManager::V1::CreateServicePerimeterRequest, ::Google::Longrunning::Operation
140
- # Update a [Service Perimeter]
139
+ # Updates a [service perimeter]
141
140
  # [google.identity.accesscontextmanager.v1.ServicePerimeter]. The
142
- # longrunning operation from this RPC will have a successful status once the
143
- # changes to the [Service Perimeter]
144
- # [google.identity.accesscontextmanager.v1.ServicePerimeter] have
145
- # propagated to long-lasting storage. [Service Perimeter]
146
- # [google.identity.accesscontextmanager.v1.ServicePerimeter] containing
147
- # errors will result in an error response for the first error encountered.
141
+ # long-running operation from this RPC has a successful status after the
142
+ # [service perimeter]
143
+ # [google.identity.accesscontextmanager.v1.ServicePerimeter]
144
+ # propagates to long-lasting storage. If a [service perimeter]
145
+ # [google.identity.accesscontextmanager.v1.ServicePerimeter] contains
146
+ # errors, an error response is returned for the first error encountered.
148
147
  rpc :UpdateServicePerimeter, ::Google::Identity::AccessContextManager::V1::UpdateServicePerimeterRequest, ::Google::Longrunning::Operation
149
- # Delete a [Service Perimeter]
150
- # [google.identity.accesscontextmanager.v1.ServicePerimeter] by resource
151
- # name. The longrunning operation from this RPC will have a successful status
152
- # once the [Service Perimeter]
153
- # [google.identity.accesscontextmanager.v1.ServicePerimeter] has been
154
- # removed from long-lasting storage.
148
+ # Deletes a [service perimeter]
149
+ # [google.identity.accesscontextmanager.v1.ServicePerimeter] based on the
150
+ # resource name. The long-running operation from this RPC has a successful
151
+ # status after the [service perimeter]
152
+ # [google.identity.accesscontextmanager.v1.ServicePerimeter] is removed from
153
+ # long-lasting storage.
155
154
  rpc :DeleteServicePerimeter, ::Google::Identity::AccessContextManager::V1::DeleteServicePerimeterRequest, ::Google::Longrunning::Operation
156
- # Replace all existing [Service Perimeters]
157
- # [google.identity.accesscontextmanager.v1.ServicePerimeter] in an
158
- # [Access Policy] [google.identity.accesscontextmanager.v1.AccessPolicy]
159
- # with the [Service Perimeters]
160
- # [google.identity.accesscontextmanager.v1.ServicePerimeter] provided.
161
- # This is done atomically. The longrunning operation from this
162
- # RPC will have a successful status once all replacements have propagated to
163
- # long-lasting storage. Replacements containing errors will result in an
164
- # error response for the first error encountered. Replacement will be
165
- # cancelled on error, existing [Service Perimeters]
166
- # [google.identity.accesscontextmanager.v1.ServicePerimeter] will not be
167
- # affected. Operation.response field will contain
155
+ # Replace all existing [service perimeters]
156
+ # [google.identity.accesscontextmanager.v1.ServicePerimeter] in an [access
157
+ # policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with the
158
+ # [service perimeters]
159
+ # [google.identity.accesscontextmanager.v1.ServicePerimeter] provided. This
160
+ # is done atomically. The long-running operation from this RPC has a
161
+ # successful status after all replacements propagate to long-lasting storage.
162
+ # Replacements containing errors result in an error response for the first
163
+ # error encountered. Upon an error, replacement are cancelled and existing
164
+ # [service perimeters]
165
+ # [google.identity.accesscontextmanager.v1.ServicePerimeter] are not
166
+ # affected. The Operation.response field contains
168
167
  # ReplaceServicePerimetersResponse.
169
168
  rpc :ReplaceServicePerimeters, ::Google::Identity::AccessContextManager::V1::ReplaceServicePerimetersRequest, ::Google::Longrunning::Operation
170
- # Commit the dry-run spec for all the [Service Perimeters]
169
+ # Commits the dry-run specification for all the [service perimeters]
171
170
  # [google.identity.accesscontextmanager.v1.ServicePerimeter] in an
172
- # [Access Policy][google.identity.accesscontextmanager.v1.AccessPolicy].
173
- # A commit operation on a Service Perimeter involves copying its `spec` field
174
- # to that Service Perimeter's `status` field. Only [Service Perimeters]
171
+ # [access policy][google.identity.accesscontextmanager.v1.AccessPolicy].
172
+ # A commit operation on a service perimeter involves copying its `spec` field
173
+ # to the `status` field of the service perimeter. Only [service perimeters]
175
174
  # [google.identity.accesscontextmanager.v1.ServicePerimeter] with
176
175
  # `use_explicit_dry_run_spec` field set to true are affected by a commit
177
- # operation. The longrunning operation from this RPC will have a successful
178
- # status once the dry-run specs for all the [Service Perimeters]
176
+ # operation. The long-running operation from this RPC has a successful
177
+ # status after the dry-run specifications for all the [service perimeters]
179
178
  # [google.identity.accesscontextmanager.v1.ServicePerimeter] have been
180
- # committed. If a commit fails, it will cause the longrunning operation to
181
- # return an error response and the entire commit operation will be cancelled.
182
- # When successful, Operation.response field will contain
183
- # CommitServicePerimetersResponse. The `dry_run` and the `spec` fields will
184
- # be cleared after a successful commit operation.
179
+ # committed. If a commit fails, it causes the long-running operation to
180
+ # return an error response and the entire commit operation is cancelled.
181
+ # When successful, the Operation.response field contains
182
+ # CommitServicePerimetersResponse. The `dry_run` and the `spec` fields are
183
+ # cleared after a successful commit operation.
185
184
  rpc :CommitServicePerimeters, ::Google::Identity::AccessContextManager::V1::CommitServicePerimetersRequest, ::Google::Longrunning::Operation
186
185
  # Lists all [GcpUserAccessBindings]
187
186
  # [google.identity.accesscontextmanager.v1.GcpUserAccessBinding] for a
@@ -195,7 +194,7 @@ module Google
195
194
  # [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. If the
196
195
  # client specifies a [name]
197
196
  # [google.identity.accesscontextmanager.v1.GcpUserAccessBinding.name],
198
- # the server will ignore it. Fails if a resource already exists with the same
197
+ # the server ignores it. Fails if a resource already exists with the same
199
198
  # [group_key]
200
199
  # [google.identity.accesscontextmanager.v1.GcpUserAccessBinding.group_key].
201
200
  # Completion of this long-running operation does not necessarily signify that
@@ -214,6 +213,23 @@ module Google
214
213
  # the binding deletion is deployed onto all affected users, which may take
215
214
  # more time.
216
215
  rpc :DeleteGcpUserAccessBinding, ::Google::Identity::AccessContextManager::V1::DeleteGcpUserAccessBindingRequest, ::Google::Longrunning::Operation
216
+ # Sets the IAM policy for the specified Access Context Manager
217
+ # [access policy][google.identity.accesscontextmanager.v1.AccessPolicy].
218
+ # This method replaces the existing IAM policy on the access policy. The IAM
219
+ # policy controls the set of users who can perform specific operations on the
220
+ # Access Context Manager [access
221
+ # policy][google.identity.accesscontextmanager.v1.AccessPolicy].
222
+ rpc :SetIamPolicy, ::Google::Iam::V1::SetIamPolicyRequest, ::Google::Iam::V1::Policy
223
+ # Gets the IAM policy for the specified Access Context Manager
224
+ # [access policy][google.identity.accesscontextmanager.v1.AccessPolicy].
225
+ rpc :GetIamPolicy, ::Google::Iam::V1::GetIamPolicyRequest, ::Google::Iam::V1::Policy
226
+ # Returns the IAM permissions that the caller has on the specified Access
227
+ # Context Manager resource. The resource can be an
228
+ # [AccessPolicy][google.identity.accesscontextmanager.v1.AccessPolicy],
229
+ # [AccessLevel][google.identity.accesscontextmanager.v1.AccessLevel], or
230
+ # [ServicePerimeter][google.identity.accesscontextmanager.v1.ServicePerimeter
231
+ # ]. This method does not support other resources.
232
+ rpc :TestIamPermissions, ::Google::Iam::V1::TestIamPermissionsRequest, ::Google::Iam::V1::TestIamPermissionsResponse
217
233
  end
218
234
 
219
235
  Stub = Service.rpc_stub_class
@@ -12,6 +12,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
12
12
  optional :name, :string, 1
13
13
  optional :parent, :string, 2
14
14
  optional :title, :string, 3
15
+ repeated :scopes, :string, 7
15
16
  optional :create_time, :message, 4, "google.protobuf.Timestamp"
16
17
  optional :update_time, :message, 5, "google.protobuf.Timestamp"
17
18
  optional :etag, :string, 6
@@ -51,10 +51,6 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
51
51
  optional :resource, :string, 2
52
52
  end
53
53
  end
54
- add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo" do
55
- repeated :resources, :string, 1
56
- repeated :operations, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation"
57
- end
58
54
  add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressFrom" do
59
55
  repeated :sources, :message, 1, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressSource"
60
56
  repeated :identities, :string, 2
@@ -68,14 +64,19 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
68
64
  optional :ingress_from, :message, 1, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressFrom"
69
65
  optional :ingress_to, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressTo"
70
66
  end
71
- add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy" do
72
- optional :egress_from, :message, 1, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom"
73
- optional :egress_to, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo"
74
- end
75
67
  add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom" do
76
68
  repeated :identities, :string, 1
77
69
  optional :identity_type, :enum, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IdentityType"
78
70
  end
71
+ add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo" do
72
+ repeated :resources, :string, 1
73
+ repeated :operations, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation"
74
+ repeated :external_resources, :string, 3
75
+ end
76
+ add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy" do
77
+ optional :egress_from, :message, 1, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom"
78
+ optional :egress_to, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo"
79
+ end
79
80
  add_enum "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IdentityType" do
80
81
  value :IDENTITY_TYPE_UNSPECIFIED, 0
81
82
  value :ANY_IDENTITY, 1
@@ -96,12 +97,12 @@ module Google
96
97
  ServicePerimeterConfig::MethodSelector = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.MethodSelector").msgclass
97
98
  ServicePerimeterConfig::ApiOperation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation").msgclass
98
99
  ServicePerimeterConfig::IngressSource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressSource").msgclass
99
- ServicePerimeterConfig::EgressTo = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo").msgclass
100
100
  ServicePerimeterConfig::IngressFrom = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressFrom").msgclass
101
101
  ServicePerimeterConfig::IngressTo = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressTo").msgclass
102
102
  ServicePerimeterConfig::IngressPolicy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy").msgclass
103
- ServicePerimeterConfig::EgressPolicy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy").msgclass
104
103
  ServicePerimeterConfig::EgressFrom = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom").msgclass
104
+ ServicePerimeterConfig::EgressTo = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo").msgclass
105
+ ServicePerimeterConfig::EgressPolicy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy").msgclass
105
106
  ServicePerimeterConfig::IdentityType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IdentityType").enummodule
106
107
  end
107
108
  end
@@ -0,0 +1,87 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2022 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Google
21
+ module Iam
22
+ module V1
23
+ # Request message for `SetIamPolicy` method.
24
+ # @!attribute [rw] resource
25
+ # @return [::String]
26
+ # REQUIRED: The resource for which the policy is being specified.
27
+ # See the operation documentation for the appropriate value for this field.
28
+ # @!attribute [rw] policy
29
+ # @return [::Google::Iam::V1::Policy]
30
+ # REQUIRED: The complete policy to be applied to the `resource`. The size of
31
+ # the policy is limited to a few 10s of KB. An empty policy is a
32
+ # valid policy but certain Cloud Platform services (such as Projects)
33
+ # might reject them.
34
+ # @!attribute [rw] update_mask
35
+ # @return [::Google::Protobuf::FieldMask]
36
+ # OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
37
+ # the fields in the mask will be modified. If no mask is provided, the
38
+ # following default mask is used:
39
+ #
40
+ # `paths: "bindings, etag"`
41
+ class SetIamPolicyRequest
42
+ include ::Google::Protobuf::MessageExts
43
+ extend ::Google::Protobuf::MessageExts::ClassMethods
44
+ end
45
+
46
+ # Request message for `GetIamPolicy` method.
47
+ # @!attribute [rw] resource
48
+ # @return [::String]
49
+ # REQUIRED: The resource for which the policy is being requested.
50
+ # See the operation documentation for the appropriate value for this field.
51
+ # @!attribute [rw] options
52
+ # @return [::Google::Iam::V1::GetPolicyOptions]
53
+ # OPTIONAL: A `GetPolicyOptions` object for specifying options to
54
+ # `GetIamPolicy`.
55
+ class GetIamPolicyRequest
56
+ include ::Google::Protobuf::MessageExts
57
+ extend ::Google::Protobuf::MessageExts::ClassMethods
58
+ end
59
+
60
+ # Request message for `TestIamPermissions` method.
61
+ # @!attribute [rw] resource
62
+ # @return [::String]
63
+ # REQUIRED: The resource for which the policy detail is being requested.
64
+ # See the operation documentation for the appropriate value for this field.
65
+ # @!attribute [rw] permissions
66
+ # @return [::Array<::String>]
67
+ # The set of permissions to check for the `resource`. Permissions with
68
+ # wildcards (such as '*' or 'storage.*') are not allowed. For more
69
+ # information see
70
+ # [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
71
+ class TestIamPermissionsRequest
72
+ include ::Google::Protobuf::MessageExts
73
+ extend ::Google::Protobuf::MessageExts::ClassMethods
74
+ end
75
+
76
+ # Response message for `TestIamPermissions` method.
77
+ # @!attribute [rw] permissions
78
+ # @return [::Array<::String>]
79
+ # A subset of `TestPermissionsRequest.permissions` that the caller is
80
+ # allowed.
81
+ class TestIamPermissionsResponse
82
+ include ::Google::Protobuf::MessageExts
83
+ extend ::Google::Protobuf::MessageExts::ClassMethods
84
+ end
85
+ end
86
+ end
87
+ end
@@ -0,0 +1,50 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2022 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Google
21
+ module Iam
22
+ module V1
23
+ # Encapsulates settings provided to GetIamPolicy.
24
+ # @!attribute [rw] requested_policy_version
25
+ # @return [::Integer]
26
+ # Optional. The maximum policy version that will be used to format the
27
+ # policy.
28
+ #
29
+ # Valid values are 0, 1, and 3. Requests specifying an invalid value will be
30
+ # rejected.
31
+ #
32
+ # Requests for policies with any conditional role bindings must specify
33
+ # version 3. Policies with no conditional role bindings may specify any valid
34
+ # value or leave the field unset.
35
+ #
36
+ # The policy in the response might use the policy version that you specified,
37
+ # or it might use a lower policy version. For example, if you specify version
38
+ # 3, but the policy has no conditional role bindings, the response uses
39
+ # version 1.
40
+ #
41
+ # To learn which resources support conditions in their IAM policies, see the
42
+ # [IAM
43
+ # documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
44
+ class GetPolicyOptions
45
+ include ::Google::Protobuf::MessageExts
46
+ extend ::Google::Protobuf::MessageExts::ClassMethods
47
+ end
48
+ end
49
+ end
50
+ end