google-identity-access_context_manager-v1 0.2.0 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/AUTHENTICATION.md +1 -1
- data/lib/google/identity/access_context_manager/v1/access_context_manager/client.rb +437 -114
- data/lib/google/identity/access_context_manager/v1/access_context_manager.rb +8 -8
- data/lib/google/identity/access_context_manager/v1/version.rb +1 -1
- data/lib/google/identity/accesscontextmanager/v1/access_context_manager_pb.rb +2 -0
- data/lib/google/identity/accesscontextmanager/v1/access_context_manager_services_pb.rb +128 -112
- data/lib/google/identity/accesscontextmanager/v1/access_policy_pb.rb +1 -0
- data/lib/google/identity/accesscontextmanager/v1/service_perimeter_pb.rb +11 -10
- data/proto_docs/google/iam/v1/iam_policy.rb +87 -0
- data/proto_docs/google/iam/v1/options.rb +50 -0
- data/proto_docs/google/iam/v1/policy.rb +418 -0
- data/proto_docs/google/identity/accesscontextmanager/v1/access_context_manager.rb +1 -1
- data/proto_docs/google/identity/accesscontextmanager/v1/access_policy.rb +16 -0
- data/proto_docs/google/identity/accesscontextmanager/v1/service_perimeter.rb +72 -64
- data/proto_docs/google/protobuf/empty.rb +0 -2
- metadata +21 -4
@@ -32,15 +32,15 @@ module Google
|
|
32
32
|
module AccessContextManager
|
33
33
|
module V1
|
34
34
|
##
|
35
|
-
# API for setting [
|
36
|
-
# [google.identity.accesscontextmanager.v1.AccessLevel] and [
|
37
|
-
#
|
38
|
-
# for Google Cloud
|
39
|
-
# [google.identity.accesscontextmanager.v1.AccessPolicy]
|
40
|
-
# [
|
41
|
-
# and [
|
35
|
+
# API for setting [access levels]
|
36
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] and [service
|
37
|
+
# perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter]
|
38
|
+
# for Google Cloud projects. Each organization has one [access policy]
|
39
|
+
# [google.identity.accesscontextmanager.v1.AccessPolicy] that contains the
|
40
|
+
# [access levels] [google.identity.accesscontextmanager.v1.AccessLevel]
|
41
|
+
# and [service perimeters]
|
42
42
|
# [google.identity.accesscontextmanager.v1.ServicePerimeter]. This
|
43
|
-
# [
|
43
|
+
# [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] is
|
44
44
|
# applicable to all resources in the organization.
|
45
45
|
# AccessPolicies
|
46
46
|
#
|
@@ -7,6 +7,8 @@ require 'google/api/annotations_pb'
|
|
7
7
|
require 'google/api/client_pb'
|
8
8
|
require 'google/api/field_behavior_pb'
|
9
9
|
require 'google/api/resource_pb'
|
10
|
+
require 'google/iam/v1/iam_policy_pb'
|
11
|
+
require 'google/iam/v1/policy_pb'
|
10
12
|
require 'google/identity/accesscontextmanager/v1/access_level_pb'
|
11
13
|
require 'google/identity/accesscontextmanager/v1/access_policy_pb'
|
12
14
|
require 'google/identity/accesscontextmanager/v1/gcp_user_access_binding_pb'
|
@@ -24,15 +24,15 @@ module Google
|
|
24
24
|
module AccessContextManager
|
25
25
|
module V1
|
26
26
|
module AccessContextManager
|
27
|
-
# API for setting [
|
28
|
-
# [google.identity.accesscontextmanager.v1.AccessLevel] and [
|
29
|
-
#
|
30
|
-
# for Google Cloud
|
31
|
-
# [google.identity.accesscontextmanager.v1.AccessPolicy]
|
32
|
-
# [
|
33
|
-
# and [
|
27
|
+
# API for setting [access levels]
|
28
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] and [service
|
29
|
+
# perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter]
|
30
|
+
# for Google Cloud projects. Each organization has one [access policy]
|
31
|
+
# [google.identity.accesscontextmanager.v1.AccessPolicy] that contains the
|
32
|
+
# [access levels] [google.identity.accesscontextmanager.v1.AccessLevel]
|
33
|
+
# and [service perimeters]
|
34
34
|
# [google.identity.accesscontextmanager.v1.ServicePerimeter]. This
|
35
|
-
# [
|
35
|
+
# [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] is
|
36
36
|
# applicable to all resources in the organization.
|
37
37
|
# AccessPolicies
|
38
38
|
class Service
|
@@ -43,145 +43,144 @@ module Google
|
|
43
43
|
self.unmarshal_class_method = :decode
|
44
44
|
self.service_name = 'google.identity.accesscontextmanager.v1.AccessContextManager'
|
45
45
|
|
46
|
-
#
|
47
|
-
# [google.identity.accesscontextmanager.v1.AccessPolicy]
|
48
|
-
#
|
46
|
+
# Lists all [access policies]
|
47
|
+
# [google.identity.accesscontextmanager.v1.AccessPolicy] in an
|
48
|
+
# organization.
|
49
49
|
rpc :ListAccessPolicies, ::Google::Identity::AccessContextManager::V1::ListAccessPoliciesRequest, ::Google::Identity::AccessContextManager::V1::ListAccessPoliciesResponse
|
50
|
-
#
|
51
|
-
# [google.identity.accesscontextmanager.v1.AccessPolicy]
|
50
|
+
# Returns an [access policy]
|
51
|
+
# [google.identity.accesscontextmanager.v1.AccessPolicy] based on the name.
|
52
52
|
rpc :GetAccessPolicy, ::Google::Identity::AccessContextManager::V1::GetAccessPolicyRequest, ::Google::Identity::AccessContextManager::V1::AccessPolicy
|
53
|
-
#
|
54
|
-
#
|
55
|
-
#
|
56
|
-
# Syntactic and basic semantic errors
|
53
|
+
# Creates an access policy. This method fails if the organization already has
|
54
|
+
# an access policy. The long-running operation has a successful status
|
55
|
+
# after the access policy propagates to long-lasting storage.
|
56
|
+
# Syntactic and basic semantic errors are returned in `metadata` as a
|
57
57
|
# BadRequest proto.
|
58
58
|
rpc :CreateAccessPolicy, ::Google::Identity::AccessContextManager::V1::AccessPolicy, ::Google::Longrunning::Operation
|
59
|
-
#
|
59
|
+
# Updates an [access policy]
|
60
60
|
# [google.identity.accesscontextmanager.v1.AccessPolicy]. The
|
61
|
-
#
|
62
|
-
# changes to the [
|
63
|
-
# [google.identity.accesscontextmanager.v1.AccessPolicy]
|
64
|
-
# to long-lasting storage.
|
65
|
-
# returned in `metadata` as a BadRequest proto.
|
61
|
+
# long-running operation from this RPC has a successful status after the
|
62
|
+
# changes to the [access policy]
|
63
|
+
# [google.identity.accesscontextmanager.v1.AccessPolicy] propagate
|
64
|
+
# to long-lasting storage.
|
66
65
|
rpc :UpdateAccessPolicy, ::Google::Identity::AccessContextManager::V1::UpdateAccessPolicyRequest, ::Google::Longrunning::Operation
|
67
|
-
#
|
68
|
-
# [google.identity.accesscontextmanager.v1.AccessPolicy]
|
69
|
-
# name. The
|
70
|
-
# [
|
71
|
-
#
|
66
|
+
# Deletes an [access policy]
|
67
|
+
# [google.identity.accesscontextmanager.v1.AccessPolicy] based on the
|
68
|
+
# resource name. The long-running operation has a successful status after the
|
69
|
+
# [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy]
|
70
|
+
# is removed from long-lasting storage.
|
72
71
|
rpc :DeleteAccessPolicy, ::Google::Identity::AccessContextManager::V1::DeleteAccessPolicyRequest, ::Google::Longrunning::Operation
|
73
|
-
#
|
72
|
+
# Lists all [access levels]
|
74
73
|
# [google.identity.accesscontextmanager.v1.AccessLevel] for an access
|
75
74
|
# policy.
|
76
75
|
rpc :ListAccessLevels, ::Google::Identity::AccessContextManager::V1::ListAccessLevelsRequest, ::Google::Identity::AccessContextManager::V1::ListAccessLevelsResponse
|
77
|
-
#
|
78
|
-
# [google.identity.accesscontextmanager.v1.AccessLevel]
|
76
|
+
# Gets an [access level]
|
77
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] based on the resource
|
79
78
|
# name.
|
80
79
|
rpc :GetAccessLevel, ::Google::Identity::AccessContextManager::V1::GetAccessLevelRequest, ::Google::Identity::AccessContextManager::V1::AccessLevel
|
81
|
-
#
|
82
|
-
# [google.identity.accesscontextmanager.v1.AccessLevel]. The
|
83
|
-
# operation from this RPC
|
84
|
-
#
|
85
|
-
#
|
86
|
-
# [google.identity.accesscontextmanager.v1.AccessLevel]
|
87
|
-
# errors
|
80
|
+
# Creates an [access level]
|
81
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel]. The long-running
|
82
|
+
# operation from this RPC has a successful status after the [access
|
83
|
+
# level] [google.identity.accesscontextmanager.v1.AccessLevel]
|
84
|
+
# propagates to long-lasting storage. If [access levels]
|
85
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] contain
|
86
|
+
# errors, an error response is returned for the first error encountered.
|
88
87
|
rpc :CreateAccessLevel, ::Google::Identity::AccessContextManager::V1::CreateAccessLevelRequest, ::Google::Longrunning::Operation
|
89
|
-
#
|
90
|
-
# [google.identity.accesscontextmanager.v1.AccessLevel]. The
|
91
|
-
# operation from this RPC
|
92
|
-
# the [
|
93
|
-
# [google.identity.accesscontextmanager.v1.AccessLevel]
|
94
|
-
# to long-lasting storage. [
|
95
|
-
# [google.identity.accesscontextmanager.v1.AccessLevel]
|
96
|
-
# errors
|
88
|
+
# Updates an [access level]
|
89
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel]. The long-running
|
90
|
+
# operation from this RPC has a successful status after the changes to
|
91
|
+
# the [access level]
|
92
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] propagate
|
93
|
+
# to long-lasting storage. If [access levels]
|
94
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] contain
|
95
|
+
# errors, an error response is returned for the first error encountered.
|
97
96
|
rpc :UpdateAccessLevel, ::Google::Identity::AccessContextManager::V1::UpdateAccessLevelRequest, ::Google::Longrunning::Operation
|
98
|
-
#
|
99
|
-
# [google.identity.accesscontextmanager.v1.AccessLevel]
|
100
|
-
# name. The
|
101
|
-
#
|
97
|
+
# Deletes an [access level]
|
98
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] based on the resource
|
99
|
+
# name. The long-running operation from this RPC has a successful status
|
100
|
+
# after the [access level]
|
102
101
|
# [google.identity.accesscontextmanager.v1.AccessLevel] has been removed
|
103
102
|
# from long-lasting storage.
|
104
103
|
rpc :DeleteAccessLevel, ::Google::Identity::AccessContextManager::V1::DeleteAccessLevelRequest, ::Google::Longrunning::Operation
|
105
|
-
#
|
106
|
-
# [google.identity.accesscontextmanager.v1.AccessLevel] in an [
|
107
|
-
#
|
108
|
-
# the [
|
104
|
+
# Replaces all existing [access levels]
|
105
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] in an [access
|
106
|
+
# policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with
|
107
|
+
# the [access levels]
|
109
108
|
# [google.identity.accesscontextmanager.v1.AccessLevel] provided. This
|
110
|
-
# is done atomically. The
|
111
|
-
# successful status
|
112
|
-
# storage.
|
113
|
-
# for the first error encountered.
|
114
|
-
# existing [
|
115
|
-
# [google.identity.accesscontextmanager.v1.AccessLevel]
|
116
|
-
# affected. Operation.response field
|
117
|
-
# ReplaceAccessLevelsResponse. Removing [
|
109
|
+
# is done atomically. The long-running operation from this RPC has a
|
110
|
+
# successful status after all replacements propagate to long-lasting
|
111
|
+
# storage. If the replacement contains errors, an error response is returned
|
112
|
+
# for the first error encountered. Upon error, the replacement is cancelled,
|
113
|
+
# and existing [access levels]
|
114
|
+
# [google.identity.accesscontextmanager.v1.AccessLevel] are not
|
115
|
+
# affected. The Operation.response field contains
|
116
|
+
# ReplaceAccessLevelsResponse. Removing [access levels]
|
118
117
|
# [google.identity.accesscontextmanager.v1.AccessLevel] contained in existing
|
119
|
-
# [
|
120
|
-
# [google.identity.accesscontextmanager.v1.ServicePerimeter]
|
118
|
+
# [service perimeters]
|
119
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] result in an
|
121
120
|
# error.
|
122
121
|
rpc :ReplaceAccessLevels, ::Google::Identity::AccessContextManager::V1::ReplaceAccessLevelsRequest, ::Google::Longrunning::Operation
|
123
|
-
#
|
122
|
+
# Lists all [service perimeters]
|
124
123
|
# [google.identity.accesscontextmanager.v1.ServicePerimeter] for an
|
125
124
|
# access policy.
|
126
125
|
rpc :ListServicePerimeters, ::Google::Identity::AccessContextManager::V1::ListServicePerimetersRequest, ::Google::Identity::AccessContextManager::V1::ListServicePerimetersResponse
|
127
|
-
#
|
128
|
-
# [google.identity.accesscontextmanager.v1.ServicePerimeter]
|
129
|
-
# name.
|
126
|
+
# Gets a [service perimeter]
|
127
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] based on the
|
128
|
+
# resource name.
|
130
129
|
rpc :GetServicePerimeter, ::Google::Identity::AccessContextManager::V1::GetServicePerimeterRequest, ::Google::Identity::AccessContextManager::V1::ServicePerimeter
|
131
|
-
#
|
130
|
+
# Creates a [service perimeter]
|
132
131
|
# [google.identity.accesscontextmanager.v1.ServicePerimeter]. The
|
133
|
-
#
|
134
|
-
# [
|
135
|
-
# [google.identity.accesscontextmanager.v1.ServicePerimeter]
|
136
|
-
#
|
137
|
-
# [google.identity.accesscontextmanager.v1.ServicePerimeter]
|
138
|
-
# errors
|
132
|
+
# long-running operation from this RPC has a successful status after the
|
133
|
+
# [service perimeter]
|
134
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter]
|
135
|
+
# propagates to long-lasting storage. If a [service perimeter]
|
136
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] contains
|
137
|
+
# errors, an error response is returned for the first error encountered.
|
139
138
|
rpc :CreateServicePerimeter, ::Google::Identity::AccessContextManager::V1::CreateServicePerimeterRequest, ::Google::Longrunning::Operation
|
140
|
-
#
|
139
|
+
# Updates a [service perimeter]
|
141
140
|
# [google.identity.accesscontextmanager.v1.ServicePerimeter]. The
|
142
|
-
#
|
143
|
-
#
|
144
|
-
# [google.identity.accesscontextmanager.v1.ServicePerimeter]
|
145
|
-
#
|
146
|
-
# [google.identity.accesscontextmanager.v1.ServicePerimeter]
|
147
|
-
# errors
|
141
|
+
# long-running operation from this RPC has a successful status after the
|
142
|
+
# [service perimeter]
|
143
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter]
|
144
|
+
# propagates to long-lasting storage. If a [service perimeter]
|
145
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] contains
|
146
|
+
# errors, an error response is returned for the first error encountered.
|
148
147
|
rpc :UpdateServicePerimeter, ::Google::Identity::AccessContextManager::V1::UpdateServicePerimeterRequest, ::Google::Longrunning::Operation
|
149
|
-
#
|
150
|
-
# [google.identity.accesscontextmanager.v1.ServicePerimeter]
|
151
|
-
# name. The
|
152
|
-
#
|
153
|
-
# [google.identity.accesscontextmanager.v1.ServicePerimeter]
|
154
|
-
#
|
148
|
+
# Deletes a [service perimeter]
|
149
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] based on the
|
150
|
+
# resource name. The long-running operation from this RPC has a successful
|
151
|
+
# status after the [service perimeter]
|
152
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] is removed from
|
153
|
+
# long-lasting storage.
|
155
154
|
rpc :DeleteServicePerimeter, ::Google::Identity::AccessContextManager::V1::DeleteServicePerimeterRequest, ::Google::Longrunning::Operation
|
156
|
-
# Replace all existing [
|
157
|
-
# [google.identity.accesscontextmanager.v1.ServicePerimeter] in an
|
158
|
-
#
|
159
|
-
#
|
160
|
-
# [google.identity.accesscontextmanager.v1.ServicePerimeter] provided.
|
161
|
-
#
|
162
|
-
#
|
163
|
-
#
|
164
|
-
# error
|
165
|
-
#
|
166
|
-
# [google.identity.accesscontextmanager.v1.ServicePerimeter]
|
167
|
-
# affected. Operation.response field
|
155
|
+
# Replace all existing [service perimeters]
|
156
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] in an [access
|
157
|
+
# policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with the
|
158
|
+
# [service perimeters]
|
159
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] provided. This
|
160
|
+
# is done atomically. The long-running operation from this RPC has a
|
161
|
+
# successful status after all replacements propagate to long-lasting storage.
|
162
|
+
# Replacements containing errors result in an error response for the first
|
163
|
+
# error encountered. Upon an error, replacement are cancelled and existing
|
164
|
+
# [service perimeters]
|
165
|
+
# [google.identity.accesscontextmanager.v1.ServicePerimeter] are not
|
166
|
+
# affected. The Operation.response field contains
|
168
167
|
# ReplaceServicePerimetersResponse.
|
169
168
|
rpc :ReplaceServicePerimeters, ::Google::Identity::AccessContextManager::V1::ReplaceServicePerimetersRequest, ::Google::Longrunning::Operation
|
170
|
-
#
|
169
|
+
# Commits the dry-run specification for all the [service perimeters]
|
171
170
|
# [google.identity.accesscontextmanager.v1.ServicePerimeter] in an
|
172
|
-
# [
|
173
|
-
# A commit operation on a
|
174
|
-
# to
|
171
|
+
# [access policy][google.identity.accesscontextmanager.v1.AccessPolicy].
|
172
|
+
# A commit operation on a service perimeter involves copying its `spec` field
|
173
|
+
# to the `status` field of the service perimeter. Only [service perimeters]
|
175
174
|
# [google.identity.accesscontextmanager.v1.ServicePerimeter] with
|
176
175
|
# `use_explicit_dry_run_spec` field set to true are affected by a commit
|
177
|
-
# operation. The
|
178
|
-
# status
|
176
|
+
# operation. The long-running operation from this RPC has a successful
|
177
|
+
# status after the dry-run specifications for all the [service perimeters]
|
179
178
|
# [google.identity.accesscontextmanager.v1.ServicePerimeter] have been
|
180
|
-
# committed. If a commit fails, it
|
181
|
-
# return an error response and the entire commit operation
|
182
|
-
# When successful, Operation.response field
|
183
|
-
# CommitServicePerimetersResponse. The `dry_run` and the `spec` fields
|
184
|
-
#
|
179
|
+
# committed. If a commit fails, it causes the long-running operation to
|
180
|
+
# return an error response and the entire commit operation is cancelled.
|
181
|
+
# When successful, the Operation.response field contains
|
182
|
+
# CommitServicePerimetersResponse. The `dry_run` and the `spec` fields are
|
183
|
+
# cleared after a successful commit operation.
|
185
184
|
rpc :CommitServicePerimeters, ::Google::Identity::AccessContextManager::V1::CommitServicePerimetersRequest, ::Google::Longrunning::Operation
|
186
185
|
# Lists all [GcpUserAccessBindings]
|
187
186
|
# [google.identity.accesscontextmanager.v1.GcpUserAccessBinding] for a
|
@@ -195,7 +194,7 @@ module Google
|
|
195
194
|
# [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. If the
|
196
195
|
# client specifies a [name]
|
197
196
|
# [google.identity.accesscontextmanager.v1.GcpUserAccessBinding.name],
|
198
|
-
# the server
|
197
|
+
# the server ignores it. Fails if a resource already exists with the same
|
199
198
|
# [group_key]
|
200
199
|
# [google.identity.accesscontextmanager.v1.GcpUserAccessBinding.group_key].
|
201
200
|
# Completion of this long-running operation does not necessarily signify that
|
@@ -214,6 +213,23 @@ module Google
|
|
214
213
|
# the binding deletion is deployed onto all affected users, which may take
|
215
214
|
# more time.
|
216
215
|
rpc :DeleteGcpUserAccessBinding, ::Google::Identity::AccessContextManager::V1::DeleteGcpUserAccessBindingRequest, ::Google::Longrunning::Operation
|
216
|
+
# Sets the IAM policy for the specified Access Context Manager
|
217
|
+
# [access policy][google.identity.accesscontextmanager.v1.AccessPolicy].
|
218
|
+
# This method replaces the existing IAM policy on the access policy. The IAM
|
219
|
+
# policy controls the set of users who can perform specific operations on the
|
220
|
+
# Access Context Manager [access
|
221
|
+
# policy][google.identity.accesscontextmanager.v1.AccessPolicy].
|
222
|
+
rpc :SetIamPolicy, ::Google::Iam::V1::SetIamPolicyRequest, ::Google::Iam::V1::Policy
|
223
|
+
# Gets the IAM policy for the specified Access Context Manager
|
224
|
+
# [access policy][google.identity.accesscontextmanager.v1.AccessPolicy].
|
225
|
+
rpc :GetIamPolicy, ::Google::Iam::V1::GetIamPolicyRequest, ::Google::Iam::V1::Policy
|
226
|
+
# Returns the IAM permissions that the caller has on the specified Access
|
227
|
+
# Context Manager resource. The resource can be an
|
228
|
+
# [AccessPolicy][google.identity.accesscontextmanager.v1.AccessPolicy],
|
229
|
+
# [AccessLevel][google.identity.accesscontextmanager.v1.AccessLevel], or
|
230
|
+
# [ServicePerimeter][google.identity.accesscontextmanager.v1.ServicePerimeter
|
231
|
+
# ]. This method does not support other resources.
|
232
|
+
rpc :TestIamPermissions, ::Google::Iam::V1::TestIamPermissionsRequest, ::Google::Iam::V1::TestIamPermissionsResponse
|
217
233
|
end
|
218
234
|
|
219
235
|
Stub = Service.rpc_stub_class
|
@@ -12,6 +12,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
12
12
|
optional :name, :string, 1
|
13
13
|
optional :parent, :string, 2
|
14
14
|
optional :title, :string, 3
|
15
|
+
repeated :scopes, :string, 7
|
15
16
|
optional :create_time, :message, 4, "google.protobuf.Timestamp"
|
16
17
|
optional :update_time, :message, 5, "google.protobuf.Timestamp"
|
17
18
|
optional :etag, :string, 6
|
@@ -51,10 +51,6 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
51
51
|
optional :resource, :string, 2
|
52
52
|
end
|
53
53
|
end
|
54
|
-
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo" do
|
55
|
-
repeated :resources, :string, 1
|
56
|
-
repeated :operations, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation"
|
57
|
-
end
|
58
54
|
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressFrom" do
|
59
55
|
repeated :sources, :message, 1, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressSource"
|
60
56
|
repeated :identities, :string, 2
|
@@ -68,14 +64,19 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
68
64
|
optional :ingress_from, :message, 1, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressFrom"
|
69
65
|
optional :ingress_to, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressTo"
|
70
66
|
end
|
71
|
-
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy" do
|
72
|
-
optional :egress_from, :message, 1, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom"
|
73
|
-
optional :egress_to, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo"
|
74
|
-
end
|
75
67
|
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom" do
|
76
68
|
repeated :identities, :string, 1
|
77
69
|
optional :identity_type, :enum, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IdentityType"
|
78
70
|
end
|
71
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo" do
|
72
|
+
repeated :resources, :string, 1
|
73
|
+
repeated :operations, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation"
|
74
|
+
repeated :external_resources, :string, 3
|
75
|
+
end
|
76
|
+
add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy" do
|
77
|
+
optional :egress_from, :message, 1, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom"
|
78
|
+
optional :egress_to, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo"
|
79
|
+
end
|
79
80
|
add_enum "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IdentityType" do
|
80
81
|
value :IDENTITY_TYPE_UNSPECIFIED, 0
|
81
82
|
value :ANY_IDENTITY, 1
|
@@ -96,12 +97,12 @@ module Google
|
|
96
97
|
ServicePerimeterConfig::MethodSelector = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.MethodSelector").msgclass
|
97
98
|
ServicePerimeterConfig::ApiOperation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation").msgclass
|
98
99
|
ServicePerimeterConfig::IngressSource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressSource").msgclass
|
99
|
-
ServicePerimeterConfig::EgressTo = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo").msgclass
|
100
100
|
ServicePerimeterConfig::IngressFrom = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressFrom").msgclass
|
101
101
|
ServicePerimeterConfig::IngressTo = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressTo").msgclass
|
102
102
|
ServicePerimeterConfig::IngressPolicy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy").msgclass
|
103
|
-
ServicePerimeterConfig::EgressPolicy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy").msgclass
|
104
103
|
ServicePerimeterConfig::EgressFrom = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom").msgclass
|
104
|
+
ServicePerimeterConfig::EgressTo = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo").msgclass
|
105
|
+
ServicePerimeterConfig::EgressPolicy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy").msgclass
|
105
106
|
ServicePerimeterConfig::IdentityType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IdentityType").enummodule
|
106
107
|
end
|
107
108
|
end
|
@@ -0,0 +1,87 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2022 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Iam
|
22
|
+
module V1
|
23
|
+
# Request message for `SetIamPolicy` method.
|
24
|
+
# @!attribute [rw] resource
|
25
|
+
# @return [::String]
|
26
|
+
# REQUIRED: The resource for which the policy is being specified.
|
27
|
+
# See the operation documentation for the appropriate value for this field.
|
28
|
+
# @!attribute [rw] policy
|
29
|
+
# @return [::Google::Iam::V1::Policy]
|
30
|
+
# REQUIRED: The complete policy to be applied to the `resource`. The size of
|
31
|
+
# the policy is limited to a few 10s of KB. An empty policy is a
|
32
|
+
# valid policy but certain Cloud Platform services (such as Projects)
|
33
|
+
# might reject them.
|
34
|
+
# @!attribute [rw] update_mask
|
35
|
+
# @return [::Google::Protobuf::FieldMask]
|
36
|
+
# OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
|
37
|
+
# the fields in the mask will be modified. If no mask is provided, the
|
38
|
+
# following default mask is used:
|
39
|
+
#
|
40
|
+
# `paths: "bindings, etag"`
|
41
|
+
class SetIamPolicyRequest
|
42
|
+
include ::Google::Protobuf::MessageExts
|
43
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
44
|
+
end
|
45
|
+
|
46
|
+
# Request message for `GetIamPolicy` method.
|
47
|
+
# @!attribute [rw] resource
|
48
|
+
# @return [::String]
|
49
|
+
# REQUIRED: The resource for which the policy is being requested.
|
50
|
+
# See the operation documentation for the appropriate value for this field.
|
51
|
+
# @!attribute [rw] options
|
52
|
+
# @return [::Google::Iam::V1::GetPolicyOptions]
|
53
|
+
# OPTIONAL: A `GetPolicyOptions` object for specifying options to
|
54
|
+
# `GetIamPolicy`.
|
55
|
+
class GetIamPolicyRequest
|
56
|
+
include ::Google::Protobuf::MessageExts
|
57
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
58
|
+
end
|
59
|
+
|
60
|
+
# Request message for `TestIamPermissions` method.
|
61
|
+
# @!attribute [rw] resource
|
62
|
+
# @return [::String]
|
63
|
+
# REQUIRED: The resource for which the policy detail is being requested.
|
64
|
+
# See the operation documentation for the appropriate value for this field.
|
65
|
+
# @!attribute [rw] permissions
|
66
|
+
# @return [::Array<::String>]
|
67
|
+
# The set of permissions to check for the `resource`. Permissions with
|
68
|
+
# wildcards (such as '*' or 'storage.*') are not allowed. For more
|
69
|
+
# information see
|
70
|
+
# [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
|
71
|
+
class TestIamPermissionsRequest
|
72
|
+
include ::Google::Protobuf::MessageExts
|
73
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
74
|
+
end
|
75
|
+
|
76
|
+
# Response message for `TestIamPermissions` method.
|
77
|
+
# @!attribute [rw] permissions
|
78
|
+
# @return [::Array<::String>]
|
79
|
+
# A subset of `TestPermissionsRequest.permissions` that the caller is
|
80
|
+
# allowed.
|
81
|
+
class TestIamPermissionsResponse
|
82
|
+
include ::Google::Protobuf::MessageExts
|
83
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
84
|
+
end
|
85
|
+
end
|
86
|
+
end
|
87
|
+
end
|
@@ -0,0 +1,50 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2022 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Iam
|
22
|
+
module V1
|
23
|
+
# Encapsulates settings provided to GetIamPolicy.
|
24
|
+
# @!attribute [rw] requested_policy_version
|
25
|
+
# @return [::Integer]
|
26
|
+
# Optional. The maximum policy version that will be used to format the
|
27
|
+
# policy.
|
28
|
+
#
|
29
|
+
# Valid values are 0, 1, and 3. Requests specifying an invalid value will be
|
30
|
+
# rejected.
|
31
|
+
#
|
32
|
+
# Requests for policies with any conditional role bindings must specify
|
33
|
+
# version 3. Policies with no conditional role bindings may specify any valid
|
34
|
+
# value or leave the field unset.
|
35
|
+
#
|
36
|
+
# The policy in the response might use the policy version that you specified,
|
37
|
+
# or it might use a lower policy version. For example, if you specify version
|
38
|
+
# 3, but the policy has no conditional role bindings, the response uses
|
39
|
+
# version 1.
|
40
|
+
#
|
41
|
+
# To learn which resources support conditions in their IAM policies, see the
|
42
|
+
# [IAM
|
43
|
+
# documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
|
44
|
+
class GetPolicyOptions
|
45
|
+
include ::Google::Protobuf::MessageExts
|
46
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|