RubyGems - google-identity-access_context_manager-v1 - Versions diffs - 0.2.0 → 0.3.0 - Mend

google-identity-access_context_manager-v1 0.2.0 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

data/lib/google/identity/access_context_manager/v1/access_context_manager.rb CHANGED Viewed

@@ -32,15 +32,15 @@ module Google
     module AccessContextManager
       module V1
         ##
-        # API for setting [Access Levels]
-        # [google.identity.accesscontextmanager.v1.AccessLevel] and [Service
-        # Perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter]
-        # for Google Cloud Projects. Each organization has one [AccessPolicy]
-        # [google.identity.accesscontextmanager.v1.AccessPolicy] containing the
-        # [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel]
-        # and [Service Perimeters]
+        # API for setting [access levels]
+        # [google.identity.accesscontextmanager.v1.AccessLevel] and [service
+        # perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter]
+        # for Google Cloud projects. Each organization has one [access policy]
+        # [google.identity.accesscontextmanager.v1.AccessPolicy] that contains the
+        # [access levels] [google.identity.accesscontextmanager.v1.AccessLevel]
+        # and [service perimeters]
         # [google.identity.accesscontextmanager.v1.ServicePerimeter]. This
-        # [AccessPolicy] [google.identity.accesscontextmanager.v1.AccessPolicy] is
+        # [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] is
         # applicable to all resources in the organization.
         # AccessPolicies
         #

data/lib/google/identity/access_context_manager/v1/version.rb CHANGED Viewed

@@ -21,7 +21,7 @@ module Google
   module Identity
     module AccessContextManager
       module V1
-        VERSION = "0.2.0"
+        VERSION = "0.3.0"
       end
     end
   end

data/lib/google/identity/accesscontextmanager/v1/access_context_manager_pb.rb CHANGED Viewed

@@ -7,6 +7,8 @@ require 'google/api/annotations_pb'
 require 'google/api/client_pb'
 require 'google/api/field_behavior_pb'
 require 'google/api/resource_pb'
+require 'google/iam/v1/iam_policy_pb'
+require 'google/iam/v1/policy_pb'
 require 'google/identity/accesscontextmanager/v1/access_level_pb'
 require 'google/identity/accesscontextmanager/v1/access_policy_pb'
 require 'google/identity/accesscontextmanager/v1/gcp_user_access_binding_pb'

data/lib/google/identity/accesscontextmanager/v1/access_context_manager_services_pb.rb CHANGED Viewed

@@ -24,15 +24,15 @@ module Google
     module AccessContextManager
       module V1
         module AccessContextManager
-          # API for setting [Access Levels]
-          # [google.identity.accesscontextmanager.v1.AccessLevel] and [Service
-          # Perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter]
-          # for Google Cloud Projects. Each organization has one [AccessPolicy]
-          # [google.identity.accesscontextmanager.v1.AccessPolicy] containing the
-          # [Access Levels] [google.identity.accesscontextmanager.v1.AccessLevel]
-          # and [Service Perimeters]
+          # API for setting [access levels]
+          # [google.identity.accesscontextmanager.v1.AccessLevel] and [service
+          # perimeters] [google.identity.accesscontextmanager.v1.ServicePerimeter]
+          # for Google Cloud projects. Each organization has one [access policy]
+          # [google.identity.accesscontextmanager.v1.AccessPolicy] that contains the
+          # [access levels] [google.identity.accesscontextmanager.v1.AccessLevel]
+          # and [service perimeters]
           # [google.identity.accesscontextmanager.v1.ServicePerimeter]. This
-          # [AccessPolicy] [google.identity.accesscontextmanager.v1.AccessPolicy] is
+          # [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy] is
           # applicable to all resources in the organization.
           # AccessPolicies
           class Service
@@ -43,145 +43,144 @@ module Google
             self.unmarshal_class_method = :decode
             self.service_name = 'google.identity.accesscontextmanager.v1.AccessContextManager'
-            # List all [AccessPolicies]
-            # [google.identity.accesscontextmanager.v1.AccessPolicy] under a
-            # container.
+            # Lists all [access policies]
+            # [google.identity.accesscontextmanager.v1.AccessPolicy] in an
+            # organization.
             rpc :ListAccessPolicies, ::Google::Identity::AccessContextManager::V1::ListAccessPoliciesRequest, ::Google::Identity::AccessContextManager::V1::ListAccessPoliciesResponse
-            # Get an [AccessPolicy]
-            # [google.identity.accesscontextmanager.v1.AccessPolicy] by name.
+            # Returns an [access policy]
+            # [google.identity.accesscontextmanager.v1.AccessPolicy] based on the name.
             rpc :GetAccessPolicy, ::Google::Identity::AccessContextManager::V1::GetAccessPolicyRequest, ::Google::Identity::AccessContextManager::V1::AccessPolicy
-            # Create an `AccessPolicy`. Fails if this organization already has a
-            # `AccessPolicy`. The longrunning Operation will have a successful status
-            # once the `AccessPolicy` has propagated to long-lasting storage.
-            # Syntactic and basic semantic errors will be returned in `metadata` as a
+            # Creates an access policy. This method fails if the organization already has
+            # an access policy. The long-running operation has a successful status
+            # after the access policy propagates to long-lasting storage.
+            # Syntactic and basic semantic errors are returned in `metadata` as a
             # BadRequest proto.
             rpc :CreateAccessPolicy, ::Google::Identity::AccessContextManager::V1::AccessPolicy, ::Google::Longrunning::Operation
-            # Update an [AccessPolicy]
+            # Updates an [access policy]
             # [google.identity.accesscontextmanager.v1.AccessPolicy]. The
-            # longrunning Operation from this RPC will have a successful status once the
-            # changes to the [AccessPolicy]
-            # [google.identity.accesscontextmanager.v1.AccessPolicy] have propagated
-            # to long-lasting storage. Syntactic and basic semantic errors will be
-            # returned in `metadata` as a BadRequest proto.
+            # long-running operation from this RPC has a successful status after the
+            # changes to the [access policy]
+            # [google.identity.accesscontextmanager.v1.AccessPolicy] propagate
+            # to long-lasting storage.
             rpc :UpdateAccessPolicy, ::Google::Identity::AccessContextManager::V1::UpdateAccessPolicyRequest, ::Google::Longrunning::Operation
-            # Delete an [AccessPolicy]
-            # [google.identity.accesscontextmanager.v1.AccessPolicy] by resource
-            # name. The longrunning Operation will have a successful status once the
-            # [AccessPolicy] [google.identity.accesscontextmanager.v1.AccessPolicy]
-            # has been removed from long-lasting storage.
+            # Deletes an [access policy]
+            # [google.identity.accesscontextmanager.v1.AccessPolicy] based on the
+            # resource name. The long-running operation has a successful status after the
+            # [access policy] [google.identity.accesscontextmanager.v1.AccessPolicy]
+            # is removed from long-lasting storage.
             rpc :DeleteAccessPolicy, ::Google::Identity::AccessContextManager::V1::DeleteAccessPolicyRequest, ::Google::Longrunning::Operation
-            # List all [Access Levels]
+            # Lists all [access levels]
             # [google.identity.accesscontextmanager.v1.AccessLevel] for an access
             # policy.
             rpc :ListAccessLevels, ::Google::Identity::AccessContextManager::V1::ListAccessLevelsRequest, ::Google::Identity::AccessContextManager::V1::ListAccessLevelsResponse
-            # Get an [Access Level]
-            # [google.identity.accesscontextmanager.v1.AccessLevel] by resource
+            # Gets an [access level]
+            # [google.identity.accesscontextmanager.v1.AccessLevel] based on the resource
             # name.
             rpc :GetAccessLevel, ::Google::Identity::AccessContextManager::V1::GetAccessLevelRequest, ::Google::Identity::AccessContextManager::V1::AccessLevel
-            # Create an [Access Level]
-            # [google.identity.accesscontextmanager.v1.AccessLevel]. The longrunning
-            # operation from this RPC will have a successful status once the [Access
-            # Level] [google.identity.accesscontextmanager.v1.AccessLevel] has
-            # propagated to long-lasting storage. [Access Levels]
-            # [google.identity.accesscontextmanager.v1.AccessLevel] containing
-            # errors will result in an error response for the first error encountered.
+            # Creates an [access level]
+            # [google.identity.accesscontextmanager.v1.AccessLevel]. The long-running
+            # operation from this RPC has a successful status after the [access
+            # level] [google.identity.accesscontextmanager.v1.AccessLevel]
+            # propagates to long-lasting storage. If [access levels]
+            # [google.identity.accesscontextmanager.v1.AccessLevel] contain
+            # errors, an error response is returned for the first error encountered.
             rpc :CreateAccessLevel, ::Google::Identity::AccessContextManager::V1::CreateAccessLevelRequest, ::Google::Longrunning::Operation
-            # Update an [Access Level]
-            # [google.identity.accesscontextmanager.v1.AccessLevel]. The longrunning
-            # operation from this RPC will have a successful status once the changes to
-            # the [Access Level]
-            # [google.identity.accesscontextmanager.v1.AccessLevel] have propagated
-            # to long-lasting storage. [Access Levels]
-            # [google.identity.accesscontextmanager.v1.AccessLevel] containing
-            # errors will result in an error response for the first error encountered.
+            # Updates an [access level]
+            # [google.identity.accesscontextmanager.v1.AccessLevel]. The long-running
+            # operation from this RPC has a successful status after the changes to
+            # the [access level]
+            # [google.identity.accesscontextmanager.v1.AccessLevel] propagate
+            # to long-lasting storage. If [access levels]
+            # [google.identity.accesscontextmanager.v1.AccessLevel] contain
+            # errors, an error response is returned for the first error encountered.
             rpc :UpdateAccessLevel, ::Google::Identity::AccessContextManager::V1::UpdateAccessLevelRequest, ::Google::Longrunning::Operation
-            # Delete an [Access Level]
-            # [google.identity.accesscontextmanager.v1.AccessLevel] by resource
-            # name. The longrunning operation from this RPC will have a successful status
-            # once the [Access Level]
+            # Deletes an [access level]
+            # [google.identity.accesscontextmanager.v1.AccessLevel] based on the resource
+            # name. The long-running operation from this RPC has a successful status
+            # after the [access level]
             # [google.identity.accesscontextmanager.v1.AccessLevel] has been removed
             # from long-lasting storage.
             rpc :DeleteAccessLevel, ::Google::Identity::AccessContextManager::V1::DeleteAccessLevelRequest, ::Google::Longrunning::Operation
-            # Replace all existing [Access Levels]
-            # [google.identity.accesscontextmanager.v1.AccessLevel] in an [Access
-            # Policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with
-            # the [Access Levels]
+            # Replaces all existing [access levels]
+            # [google.identity.accesscontextmanager.v1.AccessLevel] in an [access
+            # policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with
+            # the [access levels]
             # [google.identity.accesscontextmanager.v1.AccessLevel] provided. This
-            # is done atomically. The longrunning operation from this RPC will have a
-            # successful status once all replacements have propagated to long-lasting
-            # storage. Replacements containing errors will result in an error response
-            # for the first error encountered.  Replacement will be cancelled on error,
-            # existing [Access Levels]
-            # [google.identity.accesscontextmanager.v1.AccessLevel] will not be
-            # affected. Operation.response field will contain
-            # ReplaceAccessLevelsResponse. Removing [Access Levels]
+            # is done atomically. The long-running operation from this RPC has a
+            # successful status after all replacements propagate to long-lasting
+            # storage. If the replacement contains errors, an error response is returned
+            # for the first error encountered.  Upon error, the replacement is cancelled,
+            # and existing [access levels]
+            # [google.identity.accesscontextmanager.v1.AccessLevel] are not
+            # affected. The Operation.response field contains
+            # ReplaceAccessLevelsResponse. Removing [access levels]
             # [google.identity.accesscontextmanager.v1.AccessLevel] contained in existing
-            # [Service Perimeters]
-            # [google.identity.accesscontextmanager.v1.ServicePerimeter] will result in
+            # [service perimeters]
+            # [google.identity.accesscontextmanager.v1.ServicePerimeter] result in an
             # error.
             rpc :ReplaceAccessLevels, ::Google::Identity::AccessContextManager::V1::ReplaceAccessLevelsRequest, ::Google::Longrunning::Operation
-            # List all [Service Perimeters]
+            # Lists all [service perimeters]
             # [google.identity.accesscontextmanager.v1.ServicePerimeter] for an
             # access policy.
             rpc :ListServicePerimeters, ::Google::Identity::AccessContextManager::V1::ListServicePerimetersRequest, ::Google::Identity::AccessContextManager::V1::ListServicePerimetersResponse
-            # Get a [Service Perimeter]
-            # [google.identity.accesscontextmanager.v1.ServicePerimeter] by resource
-            # name.
+            # Gets a [service perimeter]
+            # [google.identity.accesscontextmanager.v1.ServicePerimeter] based on the
+            # resource name.
             rpc :GetServicePerimeter, ::Google::Identity::AccessContextManager::V1::GetServicePerimeterRequest, ::Google::Identity::AccessContextManager::V1::ServicePerimeter
-            # Create a [Service Perimeter]
+            # Creates a [service perimeter]
             # [google.identity.accesscontextmanager.v1.ServicePerimeter]. The
-            # longrunning operation from this RPC will have a successful status once the
-            # [Service Perimeter]
-            # [google.identity.accesscontextmanager.v1.ServicePerimeter] has
-            # propagated to long-lasting storage. [Service Perimeters]
-            # [google.identity.accesscontextmanager.v1.ServicePerimeter] containing
-            # errors will result in an error response for the first error encountered.
+            # long-running operation from this RPC has a successful status after the
+            # [service perimeter]
+            # [google.identity.accesscontextmanager.v1.ServicePerimeter]
+            # propagates to long-lasting storage. If a [service perimeter]
+            # [google.identity.accesscontextmanager.v1.ServicePerimeter] contains
+            # errors, an error response is returned for the first error encountered.
             rpc :CreateServicePerimeter, ::Google::Identity::AccessContextManager::V1::CreateServicePerimeterRequest, ::Google::Longrunning::Operation
-            # Update a [Service Perimeter]
+            # Updates a [service perimeter]
             # [google.identity.accesscontextmanager.v1.ServicePerimeter]. The
-            # longrunning operation from this RPC will have a successful status once the
-            # changes to the [Service Perimeter]
-            # [google.identity.accesscontextmanager.v1.ServicePerimeter] have
-            # propagated to long-lasting storage. [Service Perimeter]
-            # [google.identity.accesscontextmanager.v1.ServicePerimeter] containing
-            # errors will result in an error response for the first error encountered.
+            # long-running operation from this RPC has a successful status after the
+            # [service perimeter]
+            # [google.identity.accesscontextmanager.v1.ServicePerimeter]
+            # propagates to long-lasting storage. If a [service perimeter]
+            # [google.identity.accesscontextmanager.v1.ServicePerimeter] contains
+            # errors, an error response is returned for the first error encountered.
             rpc :UpdateServicePerimeter, ::Google::Identity::AccessContextManager::V1::UpdateServicePerimeterRequest, ::Google::Longrunning::Operation
-            # Delete a [Service Perimeter]
-            # [google.identity.accesscontextmanager.v1.ServicePerimeter] by resource
-            # name. The longrunning operation from this RPC will have a successful status
-            # once the [Service Perimeter]
-            # [google.identity.accesscontextmanager.v1.ServicePerimeter] has been
-            # removed from long-lasting storage.
+            # Deletes a [service perimeter]
+            # [google.identity.accesscontextmanager.v1.ServicePerimeter] based on the
+            # resource name. The long-running operation from this RPC has a successful
+            # status after the [service perimeter]
+            # [google.identity.accesscontextmanager.v1.ServicePerimeter] is removed from
+            # long-lasting storage.
             rpc :DeleteServicePerimeter, ::Google::Identity::AccessContextManager::V1::DeleteServicePerimeterRequest, ::Google::Longrunning::Operation
-            # Replace all existing [Service Perimeters]
-            # [google.identity.accesscontextmanager.v1.ServicePerimeter] in an
-            # [Access Policy] [google.identity.accesscontextmanager.v1.AccessPolicy]
-            # with the [Service Perimeters]
-            # [google.identity.accesscontextmanager.v1.ServicePerimeter] provided.
-            # This is done atomically. The longrunning operation from this
-            # RPC will have a successful status once all replacements have propagated to
-            # long-lasting storage. Replacements containing errors will result in an
-            # error response for the first error encountered. Replacement will be
-            # cancelled on error, existing [Service Perimeters]
-            # [google.identity.accesscontextmanager.v1.ServicePerimeter] will not be
-            # affected. Operation.response field will contain
+            # Replace all existing [service perimeters]
+            # [google.identity.accesscontextmanager.v1.ServicePerimeter] in an [access
+            # policy] [google.identity.accesscontextmanager.v1.AccessPolicy] with the
+            # [service perimeters]
+            # [google.identity.accesscontextmanager.v1.ServicePerimeter] provided. This
+            # is done atomically. The long-running operation from this RPC has a
+            # successful status after all replacements propagate to long-lasting storage.
+            # Replacements containing errors result in an error response for the first
+            # error encountered. Upon an error, replacement are cancelled and existing
+            # [service perimeters]
+            # [google.identity.accesscontextmanager.v1.ServicePerimeter] are not
+            # affected. The Operation.response field contains
             # ReplaceServicePerimetersResponse.
             rpc :ReplaceServicePerimeters, ::Google::Identity::AccessContextManager::V1::ReplaceServicePerimetersRequest, ::Google::Longrunning::Operation
-            # Commit the dry-run spec for all the [Service Perimeters]
+            # Commits the dry-run specification for all the [service perimeters]
             # [google.identity.accesscontextmanager.v1.ServicePerimeter] in an
-            # [Access Policy][google.identity.accesscontextmanager.v1.AccessPolicy].
-            # A commit operation on a Service Perimeter involves copying its `spec` field
-            # to that Service Perimeter's `status` field. Only [Service Perimeters]
+            # [access policy][google.identity.accesscontextmanager.v1.AccessPolicy].
+            # A commit operation on a service perimeter involves copying its `spec` field
+            # to the `status` field of the service perimeter. Only [service perimeters]
             # [google.identity.accesscontextmanager.v1.ServicePerimeter] with
             # `use_explicit_dry_run_spec` field set to true are affected by a commit
-            # operation. The longrunning operation from this RPC will have a successful
-            # status once the dry-run specs for all the [Service Perimeters]
+            # operation. The long-running operation from this RPC has a successful
+            # status after the dry-run specifications for all the [service perimeters]
             # [google.identity.accesscontextmanager.v1.ServicePerimeter] have been
-            # committed. If a commit fails, it will cause the longrunning operation to
-            # return an error response and the entire commit operation will be cancelled.
-            # When successful, Operation.response field will contain
-            # CommitServicePerimetersResponse. The `dry_run` and the `spec` fields will
-            # be cleared after a successful commit operation.
+            # committed. If a commit fails, it causes the long-running operation to
+            # return an error response and the entire commit operation is cancelled.
+            # When successful, the Operation.response field contains
+            # CommitServicePerimetersResponse. The `dry_run` and the `spec` fields are
+            # cleared after a successful commit operation.
             rpc :CommitServicePerimeters, ::Google::Identity::AccessContextManager::V1::CommitServicePerimetersRequest, ::Google::Longrunning::Operation
             # Lists all [GcpUserAccessBindings]
             # [google.identity.accesscontextmanager.v1.GcpUserAccessBinding] for a
@@ -195,7 +194,7 @@ module Google
             # [google.identity.accesscontextmanager.v1.GcpUserAccessBinding]. If the
             # client specifies a [name]
             # [google.identity.accesscontextmanager.v1.GcpUserAccessBinding.name],
-            # the server will ignore it. Fails if a resource already exists with the same
+            # the server ignores it. Fails if a resource already exists with the same
             # [group_key]
             # [google.identity.accesscontextmanager.v1.GcpUserAccessBinding.group_key].
             # Completion of this long-running operation does not necessarily signify that
@@ -214,6 +213,23 @@ module Google
             # the binding deletion is deployed onto all affected users, which may take
             # more time.
             rpc :DeleteGcpUserAccessBinding, ::Google::Identity::AccessContextManager::V1::DeleteGcpUserAccessBindingRequest, ::Google::Longrunning::Operation
+            # Sets the IAM policy for the specified Access Context Manager
+            # [access policy][google.identity.accesscontextmanager.v1.AccessPolicy].
+            # This method replaces the existing IAM policy on the access policy. The IAM
+            # policy controls the set of users who can perform specific operations on the
+            # Access Context Manager [access
+            # policy][google.identity.accesscontextmanager.v1.AccessPolicy].
+            rpc :SetIamPolicy, ::Google::Iam::V1::SetIamPolicyRequest, ::Google::Iam::V1::Policy
+            # Gets the IAM policy for the specified Access Context Manager
+            # [access policy][google.identity.accesscontextmanager.v1.AccessPolicy].
+            rpc :GetIamPolicy, ::Google::Iam::V1::GetIamPolicyRequest, ::Google::Iam::V1::Policy
+            # Returns the IAM permissions that the caller has on the specified Access
+            # Context Manager resource. The resource can be an
+            # [AccessPolicy][google.identity.accesscontextmanager.v1.AccessPolicy],
+            # [AccessLevel][google.identity.accesscontextmanager.v1.AccessLevel], or
+            # [ServicePerimeter][google.identity.accesscontextmanager.v1.ServicePerimeter
+            # ]. This method does not support other resources.
+            rpc :TestIamPermissions, ::Google::Iam::V1::TestIamPermissionsRequest, ::Google::Iam::V1::TestIamPermissionsResponse
           end
           Stub = Service.rpc_stub_class

data/lib/google/identity/accesscontextmanager/v1/access_policy_pb.rb CHANGED Viewed

@@ -12,6 +12,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :name, :string, 1
       optional :parent, :string, 2
       optional :title, :string, 3
+      repeated :scopes, :string, 7
       optional :create_time, :message, 4, "google.protobuf.Timestamp"
       optional :update_time, :message, 5, "google.protobuf.Timestamp"
       optional :etag, :string, 6

data/lib/google/identity/accesscontextmanager/v1/service_perimeter_pb.rb CHANGED Viewed

@@ -51,10 +51,6 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
         optional :resource, :string, 2
       end
     end
-    add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo" do
-      repeated :resources, :string, 1
-      repeated :operations, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation"
-    end
     add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressFrom" do
       repeated :sources, :message, 1, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressSource"
       repeated :identities, :string, 2
@@ -68,14 +64,19 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :ingress_from, :message, 1, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressFrom"
       optional :ingress_to, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressTo"
     end
-    add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy" do
-      optional :egress_from, :message, 1, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom"
-      optional :egress_to, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo"
-    end
     add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom" do
       repeated :identities, :string, 1
       optional :identity_type, :enum, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IdentityType"
     end
+    add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo" do
+      repeated :resources, :string, 1
+      repeated :operations, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation"
+      repeated :external_resources, :string, 3
+    end
+    add_message "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy" do
+      optional :egress_from, :message, 1, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom"
+      optional :egress_to, :message, 2, "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo"
+    end
     add_enum "google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IdentityType" do
       value :IDENTITY_TYPE_UNSPECIFIED, 0
       value :ANY_IDENTITY, 1
@@ -96,12 +97,12 @@ module Google
         ServicePerimeterConfig::MethodSelector = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.MethodSelector").msgclass
         ServicePerimeterConfig::ApiOperation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.ApiOperation").msgclass
         ServicePerimeterConfig::IngressSource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressSource").msgclass
-        ServicePerimeterConfig::EgressTo = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo").msgclass
         ServicePerimeterConfig::IngressFrom = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressFrom").msgclass
         ServicePerimeterConfig::IngressTo = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressTo").msgclass
         ServicePerimeterConfig::IngressPolicy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IngressPolicy").msgclass
-        ServicePerimeterConfig::EgressPolicy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy").msgclass
         ServicePerimeterConfig::EgressFrom = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressFrom").msgclass
+        ServicePerimeterConfig::EgressTo = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressTo").msgclass
+        ServicePerimeterConfig::EgressPolicy = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.EgressPolicy").msgclass
         ServicePerimeterConfig::IdentityType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.identity.accesscontextmanager.v1.ServicePerimeterConfig.IdentityType").enummodule
       end
     end

data/proto_docs/google/iam/v1/iam_policy.rb ADDED Viewed

@@ -0,0 +1,87 @@
+# frozen_string_literal: true
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+module Google
+  module Iam
+    module V1
+      # Request message for `SetIamPolicy` method.
+      # @!attribute [rw] resource
+      #   @return [::String]
+      #     REQUIRED: The resource for which the policy is being specified.
+      #     See the operation documentation for the appropriate value for this field.
+      # @!attribute [rw] policy
+      #   @return [::Google::Iam::V1::Policy]
+      #     REQUIRED: The complete policy to be applied to the `resource`. The size of
+      #     the policy is limited to a few 10s of KB. An empty policy is a
+      #     valid policy but certain Cloud Platform services (such as Projects)
+      #     might reject them.
+      # @!attribute [rw] update_mask
+      #   @return [::Google::Protobuf::FieldMask]
+      #     OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
+      #     the fields in the mask will be modified. If no mask is provided, the
+      #     following default mask is used:
+      #
+      #     `paths: "bindings, etag"`
+      class SetIamPolicyRequest
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+      # Request message for `GetIamPolicy` method.
+      # @!attribute [rw] resource
+      #   @return [::String]
+      #     REQUIRED: The resource for which the policy is being requested.
+      #     See the operation documentation for the appropriate value for this field.
+      # @!attribute [rw] options
+      #   @return [::Google::Iam::V1::GetPolicyOptions]
+      #     OPTIONAL: A `GetPolicyOptions` object for specifying options to
+      #     `GetIamPolicy`.
+      class GetIamPolicyRequest
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+      # Request message for `TestIamPermissions` method.
+      # @!attribute [rw] resource
+      #   @return [::String]
+      #     REQUIRED: The resource for which the policy detail is being requested.
+      #     See the operation documentation for the appropriate value for this field.
+      # @!attribute [rw] permissions
+      #   @return [::Array<::String>]
+      #     The set of permissions to check for the `resource`. Permissions with
+      #     wildcards (such as '*' or 'storage.*') are not allowed. For more
+      #     information see
+      #     [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
+      class TestIamPermissionsRequest
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+      # Response message for `TestIamPermissions` method.
+      # @!attribute [rw] permissions
+      #   @return [::Array<::String>]
+      #     A subset of `TestPermissionsRequest.permissions` that the caller is
+      #     allowed.
+      class TestIamPermissionsResponse
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+    end
+  end
+end

data/proto_docs/google/iam/v1/options.rb ADDED Viewed

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+module Google
+  module Iam
+    module V1
+      # Encapsulates settings provided to GetIamPolicy.
+      # @!attribute [rw] requested_policy_version
+      #   @return [::Integer]
+      #     Optional. The maximum policy version that will be used to format the
+      #     policy.
+      #
+      #     Valid values are 0, 1, and 3. Requests specifying an invalid value will be
+      #     rejected.
+      #
+      #     Requests for policies with any conditional role bindings must specify
+      #     version 3. Policies with no conditional role bindings may specify any valid
+      #     value or leave the field unset.
+      #
+      #     The policy in the response might use the policy version that you specified,
+      #     or it might use a lower policy version. For example, if you specify version
+      #     3, but the policy has no conditional role bindings, the response uses
+      #     version 1.
+      #
+      #     To learn which resources support conditions in their IAM policies, see the
+      #     [IAM
+      #     documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      class GetPolicyOptions
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+    end
+  end
+end