grpc-google-iam-v1 1.2.0 → 1.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +12 -0
- data/lib/google/iam/v1/iam_policy_pb.rb +185 -17
- data/lib/google/iam/v1/options_pb.rb +75 -4
- data/lib/google/iam/v1/policy_pb.rb +438 -52
- data/lib/grpc/google/iam/v1/version.rb +1 -1
- metadata +11 -17
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 7a82fb3f3aa19e2c5ce8f62f1121b5134dcdd037bbb8fdf47f27499ded5198f0
|
4
|
+
data.tar.gz: b3bb9c954975eef36f69f86d5a3fd058ce2f4123908717af43623fe46ecc089e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 88ea4f1312f3a1d03e026d27354f8458267c80d4626aca0f6241a0a3b22e7cf2adeb7a09c15901071153c2da8f2fde23c244f8566c604dc6c7ebca81a893e92c
|
7
|
+
data.tar.gz: 23c76ecf2c0e38ea7cd04864718a3520731d5b2cc5e4727711baf5bd587ccedf3323f2529d938b03d1f5343edc970b5e60d3a35f129772271d9acfe158a4d13d
|
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,17 @@
|
|
1
1
|
# Release History
|
2
2
|
|
3
|
+
### 1.4.0 (2023-12-04)
|
4
|
+
|
5
|
+
#### Features
|
6
|
+
|
7
|
+
* Automated update of grpc-google-iam-v1 ([#211](https://github.com/googleapis/common-protos-ruby/issues/211))
|
8
|
+
|
9
|
+
### 1.3.0 (2023-08-07)
|
10
|
+
|
11
|
+
#### Features
|
12
|
+
|
13
|
+
* Updated generated protobuf output to use binary descriptors for better future compatibility ([#172](https://github.com/googleapis/common-protos-ruby/issues/172))
|
14
|
+
|
3
15
|
### 1.2.0 (2022-08-17)
|
4
16
|
|
5
17
|
#### Features
|
@@ -1,3 +1,4 @@
|
|
1
|
+
# frozen_string_literal: true
|
1
2
|
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
3
|
# source: google/iam/v1/iam_policy.proto
|
3
4
|
|
@@ -11,25 +12,34 @@ require 'google/iam/v1/options_pb'
|
|
11
12
|
require 'google/iam/v1/policy_pb'
|
12
13
|
require 'google/protobuf/field_mask_pb'
|
13
14
|
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
15
|
+
|
16
|
+
descriptor_data = "\n\x1egoogle/iam/v1/iam_policy.proto\x12\rgoogle.iam.v1\x1a\x1cgoogle/api/annotations.proto\x1a\x17google/api/client.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a\x1bgoogle/iam/v1/options.proto\x1a\x1agoogle/iam/v1/policy.proto\x1a google/protobuf/field_mask.proto\"\x91\x01\n\x13SetIamPolicyRequest\x12\x1c\n\x08resource\x18\x01 \x01(\tB\n\xe2\x41\x01\x02\xfa\x41\x03\n\x01*\x12+\n\x06policy\x18\x02 \x01(\x0b\x32\x15.google.iam.v1.PolicyB\x04\xe2\x41\x01\x02\x12/\n\x0bupdate_mask\x18\x03 \x01(\x0b\x32\x1a.google.protobuf.FieldMask\"e\n\x13GetIamPolicyRequest\x12\x1c\n\x08resource\x18\x01 \x01(\tB\n\xe2\x41\x01\x02\xfa\x41\x03\n\x01*\x12\x30\n\x07options\x18\x02 \x01(\x0b\x32\x1f.google.iam.v1.GetPolicyOptions\"T\n\x19TestIamPermissionsRequest\x12\x1c\n\x08resource\x18\x01 \x01(\tB\n\xe2\x41\x01\x02\xfa\x41\x03\n\x01*\x12\x19\n\x0bpermissions\x18\x02 \x03(\tB\x04\xe2\x41\x01\x02\"1\n\x1aTestIamPermissionsResponse\x12\x13\n\x0bpermissions\x18\x01 \x03(\t2\xb4\x03\n\tIAMPolicy\x12t\n\x0cSetIamPolicy\x12\".google.iam.v1.SetIamPolicyRequest\x1a\x15.google.iam.v1.Policy\")\x82\xd3\xe4\x93\x02#\"\x1e/v1/{resource=**}:setIamPolicy:\x01*\x12t\n\x0cGetIamPolicy\x12\".google.iam.v1.GetIamPolicyRequest\x1a\x15.google.iam.v1.Policy\")\x82\xd3\xe4\x93\x02#\"\x1e/v1/{resource=**}:getIamPolicy:\x01*\x12\x9a\x01\n\x12TestIamPermissions\x12(.google.iam.v1.TestIamPermissionsRequest\x1a).google.iam.v1.TestIamPermissionsResponse\"/\x82\xd3\xe4\x93\x02)\"$/v1/{resource=**}:testIamPermissions:\x01*\x1a\x1e\xca\x41\x1biam-meta-api.googleapis.comB\x7f\n\x11\x63om.google.iam.v1B\x0eIamPolicyProtoP\x01Z)cloud.google.com/go/iam/apiv1/iampb;iampb\xf8\x01\x01\xaa\x02\x13Google.Cloud.Iam.V1\xca\x02\x13Google\\Cloud\\Iam\\V1b\x06proto3"
|
17
|
+
|
18
|
+
pool = Google::Protobuf::DescriptorPool.generated_pool
|
19
|
+
|
20
|
+
begin
|
21
|
+
pool.add_serialized_file(descriptor_data)
|
22
|
+
rescue TypeError => e
|
23
|
+
# Compatibility code: will be removed in the next major version.
|
24
|
+
require 'google/protobuf/descriptor_pb'
|
25
|
+
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
26
|
+
parsed.clear_dependency
|
27
|
+
serialized = parsed.class.encode(parsed)
|
28
|
+
file = pool.add_serialized_file(serialized)
|
29
|
+
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
30
|
+
imports = [
|
31
|
+
["google.iam.v1.Policy", "google/iam/v1/policy.proto"],
|
32
|
+
["google.protobuf.FieldMask", "google/protobuf/field_mask.proto"],
|
33
|
+
["google.iam.v1.GetPolicyOptions", "google/iam/v1/options.proto"],
|
34
|
+
]
|
35
|
+
imports.each do |type_name, expected_filename|
|
36
|
+
import_file = pool.lookup(type_name).file_descriptor
|
37
|
+
if import_file.name != expected_filename
|
38
|
+
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
31
39
|
end
|
32
40
|
end
|
41
|
+
warn "Each proto file must use a consistent fully-qualified name."
|
42
|
+
warn "This will become an error in the next major version."
|
33
43
|
end
|
34
44
|
|
35
45
|
module Google
|
@@ -42,3 +52,161 @@ module Google
|
|
42
52
|
end
|
43
53
|
end
|
44
54
|
end
|
55
|
+
|
56
|
+
#### Source proto file: google/iam/v1/iam_policy.proto ####
|
57
|
+
#
|
58
|
+
# // Copyright 2022 Google LLC
|
59
|
+
# //
|
60
|
+
# // Licensed under the Apache License, Version 2.0 (the "License");
|
61
|
+
# // you may not use this file except in compliance with the License.
|
62
|
+
# // You may obtain a copy of the License at
|
63
|
+
# //
|
64
|
+
# // http://www.apache.org/licenses/LICENSE-2.0
|
65
|
+
# //
|
66
|
+
# // Unless required by applicable law or agreed to in writing, software
|
67
|
+
# // distributed under the License is distributed on an "AS IS" BASIS,
|
68
|
+
# // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
69
|
+
# // See the License for the specific language governing permissions and
|
70
|
+
# // limitations under the License.
|
71
|
+
#
|
72
|
+
# syntax = "proto3";
|
73
|
+
#
|
74
|
+
# package google.iam.v1;
|
75
|
+
#
|
76
|
+
# import "google/api/annotations.proto";
|
77
|
+
# import "google/api/client.proto";
|
78
|
+
# import "google/api/field_behavior.proto";
|
79
|
+
# import "google/api/resource.proto";
|
80
|
+
# import "google/iam/v1/options.proto";
|
81
|
+
# import "google/iam/v1/policy.proto";
|
82
|
+
# import "google/protobuf/field_mask.proto";
|
83
|
+
#
|
84
|
+
# option cc_enable_arenas = true;
|
85
|
+
# option csharp_namespace = "Google.Cloud.Iam.V1";
|
86
|
+
# option go_package = "cloud.google.com/go/iam/apiv1/iampb;iampb";
|
87
|
+
# option java_multiple_files = true;
|
88
|
+
# option java_outer_classname = "IamPolicyProto";
|
89
|
+
# option java_package = "com.google.iam.v1";
|
90
|
+
# option php_namespace = "Google\\Cloud\\Iam\\V1";
|
91
|
+
#
|
92
|
+
# // API Overview
|
93
|
+
# //
|
94
|
+
# //
|
95
|
+
# // Manages Identity and Access Management (IAM) policies.
|
96
|
+
# //
|
97
|
+
# // Any implementation of an API that offers access control features
|
98
|
+
# // implements the google.iam.v1.IAMPolicy interface.
|
99
|
+
# //
|
100
|
+
# // ## Data model
|
101
|
+
# //
|
102
|
+
# // Access control is applied when a principal (user or service account), takes
|
103
|
+
# // some action on a resource exposed by a service. Resources, identified by
|
104
|
+
# // URI-like names, are the unit of access control specification. Service
|
105
|
+
# // implementations can choose the granularity of access control and the
|
106
|
+
# // supported permissions for their resources.
|
107
|
+
# // For example one database service may allow access control to be
|
108
|
+
# // specified only at the Table level, whereas another might allow access control
|
109
|
+
# // to also be specified at the Column level.
|
110
|
+
# //
|
111
|
+
# // ## Policy Structure
|
112
|
+
# //
|
113
|
+
# // See google.iam.v1.Policy
|
114
|
+
# //
|
115
|
+
# // This is intentionally not a CRUD style API because access control policies
|
116
|
+
# // are created and deleted implicitly with the resources to which they are
|
117
|
+
# // attached.
|
118
|
+
# service IAMPolicy {
|
119
|
+
# option (google.api.default_host) = "iam-meta-api.googleapis.com";
|
120
|
+
#
|
121
|
+
# // Sets the access control policy on the specified resource. Replaces any
|
122
|
+
# // existing policy.
|
123
|
+
# //
|
124
|
+
# // Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.
|
125
|
+
# rpc SetIamPolicy(SetIamPolicyRequest) returns (Policy) {
|
126
|
+
# option (google.api.http) = {
|
127
|
+
# post: "/v1/{resource=**}:setIamPolicy"
|
128
|
+
# body: "*"
|
129
|
+
# };
|
130
|
+
# }
|
131
|
+
#
|
132
|
+
# // Gets the access control policy for a resource.
|
133
|
+
# // Returns an empty policy if the resource exists and does not have a policy
|
134
|
+
# // set.
|
135
|
+
# rpc GetIamPolicy(GetIamPolicyRequest) returns (Policy) {
|
136
|
+
# option (google.api.http) = {
|
137
|
+
# post: "/v1/{resource=**}:getIamPolicy"
|
138
|
+
# body: "*"
|
139
|
+
# };
|
140
|
+
# }
|
141
|
+
#
|
142
|
+
# // Returns permissions that a caller has on the specified resource.
|
143
|
+
# // If the resource does not exist, this will return an empty set of
|
144
|
+
# // permissions, not a `NOT_FOUND` error.
|
145
|
+
# //
|
146
|
+
# // Note: This operation is designed to be used for building permission-aware
|
147
|
+
# // UIs and command-line tools, not for authorization checking. This operation
|
148
|
+
# // may "fail open" without warning.
|
149
|
+
# rpc TestIamPermissions(TestIamPermissionsRequest) returns (TestIamPermissionsResponse) {
|
150
|
+
# option (google.api.http) = {
|
151
|
+
# post: "/v1/{resource=**}:testIamPermissions"
|
152
|
+
# body: "*"
|
153
|
+
# };
|
154
|
+
# }
|
155
|
+
# }
|
156
|
+
#
|
157
|
+
# // Request message for `SetIamPolicy` method.
|
158
|
+
# message SetIamPolicyRequest {
|
159
|
+
# // REQUIRED: The resource for which the policy is being specified.
|
160
|
+
# // See the operation documentation for the appropriate value for this field.
|
161
|
+
# string resource = 1 [
|
162
|
+
# (google.api.field_behavior) = REQUIRED,
|
163
|
+
# (google.api.resource_reference).type = "*"];
|
164
|
+
#
|
165
|
+
# // REQUIRED: The complete policy to be applied to the `resource`. The size of
|
166
|
+
# // the policy is limited to a few 10s of KB. An empty policy is a
|
167
|
+
# // valid policy but certain Cloud Platform services (such as Projects)
|
168
|
+
# // might reject them.
|
169
|
+
# Policy policy = 2 [(google.api.field_behavior) = REQUIRED];
|
170
|
+
#
|
171
|
+
# // OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
|
172
|
+
# // the fields in the mask will be modified. If no mask is provided, the
|
173
|
+
# // following default mask is used:
|
174
|
+
# //
|
175
|
+
# // `paths: "bindings, etag"`
|
176
|
+
# google.protobuf.FieldMask update_mask = 3;
|
177
|
+
# }
|
178
|
+
#
|
179
|
+
# // Request message for `GetIamPolicy` method.
|
180
|
+
# message GetIamPolicyRequest {
|
181
|
+
# // REQUIRED: The resource for which the policy is being requested.
|
182
|
+
# // See the operation documentation for the appropriate value for this field.
|
183
|
+
# string resource = 1 [
|
184
|
+
# (google.api.field_behavior) = REQUIRED,
|
185
|
+
# (google.api.resource_reference).type = "*"];
|
186
|
+
#
|
187
|
+
# // OPTIONAL: A `GetPolicyOptions` object for specifying options to
|
188
|
+
# // `GetIamPolicy`.
|
189
|
+
# GetPolicyOptions options = 2;
|
190
|
+
# }
|
191
|
+
#
|
192
|
+
# // Request message for `TestIamPermissions` method.
|
193
|
+
# message TestIamPermissionsRequest {
|
194
|
+
# // REQUIRED: The resource for which the policy detail is being requested.
|
195
|
+
# // See the operation documentation for the appropriate value for this field.
|
196
|
+
# string resource = 1[
|
197
|
+
# (google.api.field_behavior) = REQUIRED,
|
198
|
+
# (google.api.resource_reference).type = "*"];
|
199
|
+
#
|
200
|
+
# // The set of permissions to check for the `resource`. Permissions with
|
201
|
+
# // wildcards (such as '*' or 'storage.*') are not allowed. For more
|
202
|
+
# // information see
|
203
|
+
# // [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
|
204
|
+
# repeated string permissions = 2 [(google.api.field_behavior) = REQUIRED];
|
205
|
+
# }
|
206
|
+
#
|
207
|
+
# // Response message for `TestIamPermissions` method.
|
208
|
+
# message TestIamPermissionsResponse {
|
209
|
+
# // A subset of `TestPermissionsRequest.permissions` that the caller is
|
210
|
+
# // allowed.
|
211
|
+
# repeated string permissions = 1;
|
212
|
+
# }
|
@@ -1,14 +1,34 @@
|
|
1
|
+
# frozen_string_literal: true
|
1
2
|
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
3
|
# source: google/iam/v1/options.proto
|
3
4
|
|
4
5
|
require 'google/protobuf'
|
5
6
|
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
7
|
+
|
8
|
+
descriptor_data = "\n\x1bgoogle/iam/v1/options.proto\x12\rgoogle.iam.v1\"4\n\x10GetPolicyOptions\x12 \n\x18requested_policy_version\x18\x01 \x01(\x05\x42}\n\x11\x63om.google.iam.v1B\x0cOptionsProtoP\x01Z)cloud.google.com/go/iam/apiv1/iampb;iampb\xf8\x01\x01\xaa\x02\x13Google.Cloud.Iam.V1\xca\x02\x13Google\\Cloud\\Iam\\V1b\x06proto3"
|
9
|
+
|
10
|
+
pool = Google::Protobuf::DescriptorPool.generated_pool
|
11
|
+
|
12
|
+
begin
|
13
|
+
pool.add_serialized_file(descriptor_data)
|
14
|
+
rescue TypeError => e
|
15
|
+
# Compatibility code: will be removed in the next major version.
|
16
|
+
require 'google/protobuf/descriptor_pb'
|
17
|
+
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
18
|
+
parsed.clear_dependency
|
19
|
+
serialized = parsed.class.encode(parsed)
|
20
|
+
file = pool.add_serialized_file(serialized)
|
21
|
+
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
22
|
+
imports = [
|
23
|
+
]
|
24
|
+
imports.each do |type_name, expected_filename|
|
25
|
+
import_file = pool.lookup(type_name).file_descriptor
|
26
|
+
if import_file.name != expected_filename
|
27
|
+
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
10
28
|
end
|
11
29
|
end
|
30
|
+
warn "Each proto file must use a consistent fully-qualified name."
|
31
|
+
warn "This will become an error in the next major version."
|
12
32
|
end
|
13
33
|
|
14
34
|
module Google
|
@@ -18,3 +38,54 @@ module Google
|
|
18
38
|
end
|
19
39
|
end
|
20
40
|
end
|
41
|
+
|
42
|
+
#### Source proto file: google/iam/v1/options.proto ####
|
43
|
+
#
|
44
|
+
# // Copyright 2022 Google LLC
|
45
|
+
# //
|
46
|
+
# // Licensed under the Apache License, Version 2.0 (the "License");
|
47
|
+
# // you may not use this file except in compliance with the License.
|
48
|
+
# // You may obtain a copy of the License at
|
49
|
+
# //
|
50
|
+
# // http://www.apache.org/licenses/LICENSE-2.0
|
51
|
+
# //
|
52
|
+
# // Unless required by applicable law or agreed to in writing, software
|
53
|
+
# // distributed under the License is distributed on an "AS IS" BASIS,
|
54
|
+
# // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
55
|
+
# // See the License for the specific language governing permissions and
|
56
|
+
# // limitations under the License.
|
57
|
+
#
|
58
|
+
# syntax = "proto3";
|
59
|
+
#
|
60
|
+
# package google.iam.v1;
|
61
|
+
#
|
62
|
+
# option cc_enable_arenas = true;
|
63
|
+
# option csharp_namespace = "Google.Cloud.Iam.V1";
|
64
|
+
# option go_package = "cloud.google.com/go/iam/apiv1/iampb;iampb";
|
65
|
+
# option java_multiple_files = true;
|
66
|
+
# option java_outer_classname = "OptionsProto";
|
67
|
+
# option java_package = "com.google.iam.v1";
|
68
|
+
# option php_namespace = "Google\\Cloud\\Iam\\V1";
|
69
|
+
#
|
70
|
+
# // Encapsulates settings provided to GetIamPolicy.
|
71
|
+
# message GetPolicyOptions {
|
72
|
+
# // Optional. The maximum policy version that will be used to format the
|
73
|
+
# // policy.
|
74
|
+
# //
|
75
|
+
# // Valid values are 0, 1, and 3. Requests specifying an invalid value will be
|
76
|
+
# // rejected.
|
77
|
+
# //
|
78
|
+
# // Requests for policies with any conditional role bindings must specify
|
79
|
+
# // version 3. Policies with no conditional role bindings may specify any valid
|
80
|
+
# // value or leave the field unset.
|
81
|
+
# //
|
82
|
+
# // The policy in the response might use the policy version that you specified,
|
83
|
+
# // or it might use a lower policy version. For example, if you specify version
|
84
|
+
# // 3, but the policy has no conditional role bindings, the response uses
|
85
|
+
# // version 1.
|
86
|
+
# //
|
87
|
+
# // To learn which resources support conditions in their IAM policies, see the
|
88
|
+
# // [IAM
|
89
|
+
# // documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
|
90
|
+
# int32 requested_policy_version = 1;
|
91
|
+
# }
|
@@ -1,3 +1,4 @@
|
|
1
|
+
# frozen_string_literal: true
|
1
2
|
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
3
|
# source: google/iam/v1/policy.proto
|
3
4
|
|
@@ -5,60 +6,32 @@ require 'google/protobuf'
|
|
5
6
|
|
6
7
|
require 'google/type/expr_pb'
|
7
8
|
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
value :LOG_TYPE_UNSPECIFIED, 0
|
31
|
-
value :ADMIN_READ, 1
|
32
|
-
value :DATA_WRITE, 2
|
33
|
-
value :DATA_READ, 3
|
34
|
-
end
|
35
|
-
add_message "google.iam.v1.PolicyDelta" do
|
36
|
-
repeated :binding_deltas, :message, 1, "google.iam.v1.BindingDelta"
|
37
|
-
repeated :audit_config_deltas, :message, 2, "google.iam.v1.AuditConfigDelta"
|
38
|
-
end
|
39
|
-
add_message "google.iam.v1.BindingDelta" do
|
40
|
-
optional :action, :enum, 1, "google.iam.v1.BindingDelta.Action"
|
41
|
-
optional :role, :string, 2
|
42
|
-
optional :member, :string, 3
|
43
|
-
optional :condition, :message, 4, "google.type.Expr"
|
44
|
-
end
|
45
|
-
add_enum "google.iam.v1.BindingDelta.Action" do
|
46
|
-
value :ACTION_UNSPECIFIED, 0
|
47
|
-
value :ADD, 1
|
48
|
-
value :REMOVE, 2
|
49
|
-
end
|
50
|
-
add_message "google.iam.v1.AuditConfigDelta" do
|
51
|
-
optional :action, :enum, 1, "google.iam.v1.AuditConfigDelta.Action"
|
52
|
-
optional :service, :string, 2
|
53
|
-
optional :exempted_member, :string, 3
|
54
|
-
optional :log_type, :string, 4
|
55
|
-
end
|
56
|
-
add_enum "google.iam.v1.AuditConfigDelta.Action" do
|
57
|
-
value :ACTION_UNSPECIFIED, 0
|
58
|
-
value :ADD, 1
|
59
|
-
value :REMOVE, 2
|
9
|
+
|
10
|
+
descriptor_data = "\n\x1agoogle/iam/v1/policy.proto\x12\rgoogle.iam.v1\x1a\x16google/type/expr.proto\"\x84\x01\n\x06Policy\x12\x0f\n\x07version\x18\x01 \x01(\x05\x12(\n\x08\x62indings\x18\x04 \x03(\x0b\x32\x16.google.iam.v1.Binding\x12\x31\n\raudit_configs\x18\x06 \x03(\x0b\x32\x1a.google.iam.v1.AuditConfig\x12\x0c\n\x04\x65tag\x18\x03 \x01(\x0c\"N\n\x07\x42inding\x12\x0c\n\x04role\x18\x01 \x01(\t\x12\x0f\n\x07members\x18\x02 \x03(\t\x12$\n\tcondition\x18\x03 \x01(\x0b\x32\x11.google.type.Expr\"X\n\x0b\x41uditConfig\x12\x0f\n\x07service\x18\x01 \x01(\t\x12\x38\n\x11\x61udit_log_configs\x18\x03 \x03(\x0b\x32\x1d.google.iam.v1.AuditLogConfig\"\xb7\x01\n\x0e\x41uditLogConfig\x12\x37\n\x08log_type\x18\x01 \x01(\x0e\x32%.google.iam.v1.AuditLogConfig.LogType\x12\x18\n\x10\x65xempted_members\x18\x02 \x03(\t\"R\n\x07LogType\x12\x18\n\x14LOG_TYPE_UNSPECIFIED\x10\x00\x12\x0e\n\nADMIN_READ\x10\x01\x12\x0e\n\nDATA_WRITE\x10\x02\x12\r\n\tDATA_READ\x10\x03\"\x80\x01\n\x0bPolicyDelta\x12\x33\n\x0e\x62inding_deltas\x18\x01 \x03(\x0b\x32\x1b.google.iam.v1.BindingDelta\x12<\n\x13\x61udit_config_deltas\x18\x02 \x03(\x0b\x32\x1f.google.iam.v1.AuditConfigDelta\"\xbd\x01\n\x0c\x42indingDelta\x12\x32\n\x06\x61\x63tion\x18\x01 \x01(\x0e\x32\".google.iam.v1.BindingDelta.Action\x12\x0c\n\x04role\x18\x02 \x01(\t\x12\x0e\n\x06member\x18\x03 \x01(\t\x12$\n\tcondition\x18\x04 \x01(\x0b\x32\x11.google.type.Expr\"5\n\x06\x41\x63tion\x12\x16\n\x12\x41\x43TION_UNSPECIFIED\x10\x00\x12\x07\n\x03\x41\x44\x44\x10\x01\x12\n\n\x06REMOVE\x10\x02\"\xbd\x01\n\x10\x41uditConfigDelta\x12\x36\n\x06\x61\x63tion\x18\x01 \x01(\x0e\x32&.google.iam.v1.AuditConfigDelta.Action\x12\x0f\n\x07service\x18\x02 \x01(\t\x12\x17\n\x0f\x65xempted_member\x18\x03 \x01(\t\x12\x10\n\x08log_type\x18\x04 \x01(\t\"5\n\x06\x41\x63tion\x12\x16\n\x12\x41\x43TION_UNSPECIFIED\x10\x00\x12\x07\n\x03\x41\x44\x44\x10\x01\x12\n\n\x06REMOVE\x10\x02\x42|\n\x11\x63om.google.iam.v1B\x0bPolicyProtoP\x01Z)cloud.google.com/go/iam/apiv1/iampb;iampb\xf8\x01\x01\xaa\x02\x13Google.Cloud.Iam.V1\xca\x02\x13Google\\Cloud\\Iam\\V1b\x06proto3"
|
11
|
+
|
12
|
+
pool = Google::Protobuf::DescriptorPool.generated_pool
|
13
|
+
|
14
|
+
begin
|
15
|
+
pool.add_serialized_file(descriptor_data)
|
16
|
+
rescue TypeError => e
|
17
|
+
# Compatibility code: will be removed in the next major version.
|
18
|
+
require 'google/protobuf/descriptor_pb'
|
19
|
+
parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
|
20
|
+
parsed.clear_dependency
|
21
|
+
serialized = parsed.class.encode(parsed)
|
22
|
+
file = pool.add_serialized_file(serialized)
|
23
|
+
warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
|
24
|
+
imports = [
|
25
|
+
["google.type.Expr", "google/type/expr.proto"],
|
26
|
+
]
|
27
|
+
imports.each do |type_name, expected_filename|
|
28
|
+
import_file = pool.lookup(type_name).file_descriptor
|
29
|
+
if import_file.name != expected_filename
|
30
|
+
warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
|
60
31
|
end
|
61
32
|
end
|
33
|
+
warn "Each proto file must use a consistent fully-qualified name."
|
34
|
+
warn "This will become an error in the next major version."
|
62
35
|
end
|
63
36
|
|
64
37
|
module Google
|
@@ -77,3 +50,416 @@ module Google
|
|
77
50
|
end
|
78
51
|
end
|
79
52
|
end
|
53
|
+
|
54
|
+
#### Source proto file: google/iam/v1/policy.proto ####
|
55
|
+
#
|
56
|
+
# // Copyright 2023 Google LLC
|
57
|
+
# //
|
58
|
+
# // Licensed under the Apache License, Version 2.0 (the "License");
|
59
|
+
# // you may not use this file except in compliance with the License.
|
60
|
+
# // You may obtain a copy of the License at
|
61
|
+
# //
|
62
|
+
# // http://www.apache.org/licenses/LICENSE-2.0
|
63
|
+
# //
|
64
|
+
# // Unless required by applicable law or agreed to in writing, software
|
65
|
+
# // distributed under the License is distributed on an "AS IS" BASIS,
|
66
|
+
# // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
67
|
+
# // See the License for the specific language governing permissions and
|
68
|
+
# // limitations under the License.
|
69
|
+
#
|
70
|
+
# syntax = "proto3";
|
71
|
+
#
|
72
|
+
# package google.iam.v1;
|
73
|
+
#
|
74
|
+
# import "google/type/expr.proto";
|
75
|
+
#
|
76
|
+
# option cc_enable_arenas = true;
|
77
|
+
# option csharp_namespace = "Google.Cloud.Iam.V1";
|
78
|
+
# option go_package = "cloud.google.com/go/iam/apiv1/iampb;iampb";
|
79
|
+
# option java_multiple_files = true;
|
80
|
+
# option java_outer_classname = "PolicyProto";
|
81
|
+
# option java_package = "com.google.iam.v1";
|
82
|
+
# option php_namespace = "Google\\Cloud\\Iam\\V1";
|
83
|
+
#
|
84
|
+
# // An Identity and Access Management (IAM) policy, which specifies access
|
85
|
+
# // controls for Google Cloud resources.
|
86
|
+
# //
|
87
|
+
# //
|
88
|
+
# // A `Policy` is a collection of `bindings`. A `binding` binds one or more
|
89
|
+
# // `members`, or principals, to a single `role`. Principals can be user
|
90
|
+
# // accounts, service accounts, Google groups, and domains (such as G Suite). A
|
91
|
+
# // `role` is a named list of permissions; each `role` can be an IAM predefined
|
92
|
+
# // role or a user-created custom role.
|
93
|
+
# //
|
94
|
+
# // For some types of Google Cloud resources, a `binding` can also specify a
|
95
|
+
# // `condition`, which is a logical expression that allows access to a resource
|
96
|
+
# // only if the expression evaluates to `true`. A condition can add constraints
|
97
|
+
# // based on attributes of the request, the resource, or both. To learn which
|
98
|
+
# // resources support conditions in their IAM policies, see the
|
99
|
+
# // [IAM
|
100
|
+
# // documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
|
101
|
+
# //
|
102
|
+
# // **JSON example:**
|
103
|
+
# //
|
104
|
+
# // ```
|
105
|
+
# // {
|
106
|
+
# // "bindings": [
|
107
|
+
# // {
|
108
|
+
# // "role": "roles/resourcemanager.organizationAdmin",
|
109
|
+
# // "members": [
|
110
|
+
# // "user:mike@example.com",
|
111
|
+
# // "group:admins@example.com",
|
112
|
+
# // "domain:google.com",
|
113
|
+
# // "serviceAccount:my-project-id@appspot.gserviceaccount.com"
|
114
|
+
# // ]
|
115
|
+
# // },
|
116
|
+
# // {
|
117
|
+
# // "role": "roles/resourcemanager.organizationViewer",
|
118
|
+
# // "members": [
|
119
|
+
# // "user:eve@example.com"
|
120
|
+
# // ],
|
121
|
+
# // "condition": {
|
122
|
+
# // "title": "expirable access",
|
123
|
+
# // "description": "Does not grant access after Sep 2020",
|
124
|
+
# // "expression": "request.time <
|
125
|
+
# // timestamp('2020-10-01T00:00:00.000Z')",
|
126
|
+
# // }
|
127
|
+
# // }
|
128
|
+
# // ],
|
129
|
+
# // "etag": "BwWWja0YfJA=",
|
130
|
+
# // "version": 3
|
131
|
+
# // }
|
132
|
+
# // ```
|
133
|
+
# //
|
134
|
+
# // **YAML example:**
|
135
|
+
# //
|
136
|
+
# // ```
|
137
|
+
# // bindings:
|
138
|
+
# // - members:
|
139
|
+
# // - user:mike@example.com
|
140
|
+
# // - group:admins@example.com
|
141
|
+
# // - domain:google.com
|
142
|
+
# // - serviceAccount:my-project-id@appspot.gserviceaccount.com
|
143
|
+
# // role: roles/resourcemanager.organizationAdmin
|
144
|
+
# // - members:
|
145
|
+
# // - user:eve@example.com
|
146
|
+
# // role: roles/resourcemanager.organizationViewer
|
147
|
+
# // condition:
|
148
|
+
# // title: expirable access
|
149
|
+
# // description: Does not grant access after Sep 2020
|
150
|
+
# // expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
|
151
|
+
# // etag: BwWWja0YfJA=
|
152
|
+
# // version: 3
|
153
|
+
# // ```
|
154
|
+
# //
|
155
|
+
# // For a description of IAM and its features, see the
|
156
|
+
# // [IAM documentation](https://cloud.google.com/iam/docs/).
|
157
|
+
# message Policy {
|
158
|
+
# // Specifies the format of the policy.
|
159
|
+
# //
|
160
|
+
# // Valid values are `0`, `1`, and `3`. Requests that specify an invalid value
|
161
|
+
# // are rejected.
|
162
|
+
# //
|
163
|
+
# // Any operation that affects conditional role bindings must specify version
|
164
|
+
# // `3`. This requirement applies to the following operations:
|
165
|
+
# //
|
166
|
+
# // * Getting a policy that includes a conditional role binding
|
167
|
+
# // * Adding a conditional role binding to a policy
|
168
|
+
# // * Changing a conditional role binding in a policy
|
169
|
+
# // * Removing any role binding, with or without a condition, from a policy
|
170
|
+
# // that includes conditions
|
171
|
+
# //
|
172
|
+
# // **Important:** If you use IAM Conditions, you must include the `etag` field
|
173
|
+
# // whenever you call `setIamPolicy`. If you omit this field, then IAM allows
|
174
|
+
# // you to overwrite a version `3` policy with a version `1` policy, and all of
|
175
|
+
# // the conditions in the version `3` policy are lost.
|
176
|
+
# //
|
177
|
+
# // If a policy does not include any conditions, operations on that policy may
|
178
|
+
# // specify any valid version or leave the field unset.
|
179
|
+
# //
|
180
|
+
# // To learn which resources support conditions in their IAM policies, see the
|
181
|
+
# // [IAM
|
182
|
+
# // documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
|
183
|
+
# int32 version = 1;
|
184
|
+
#
|
185
|
+
# // Associates a list of `members`, or principals, with a `role`. Optionally,
|
186
|
+
# // may specify a `condition` that determines how and when the `bindings` are
|
187
|
+
# // applied. Each of the `bindings` must contain at least one principal.
|
188
|
+
# //
|
189
|
+
# // The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250
|
190
|
+
# // of these principals can be Google groups. Each occurrence of a principal
|
191
|
+
# // counts towards these limits. For example, if the `bindings` grant 50
|
192
|
+
# // different roles to `user:alice@example.com`, and not to any other
|
193
|
+
# // principal, then you can add another 1,450 principals to the `bindings` in
|
194
|
+
# // the `Policy`.
|
195
|
+
# repeated Binding bindings = 4;
|
196
|
+
#
|
197
|
+
# // Specifies cloud audit logging configuration for this policy.
|
198
|
+
# repeated AuditConfig audit_configs = 6;
|
199
|
+
#
|
200
|
+
# // `etag` is used for optimistic concurrency control as a way to help
|
201
|
+
# // prevent simultaneous updates of a policy from overwriting each other.
|
202
|
+
# // It is strongly suggested that systems make use of the `etag` in the
|
203
|
+
# // read-modify-write cycle to perform policy updates in order to avoid race
|
204
|
+
# // conditions: An `etag` is returned in the response to `getIamPolicy`, and
|
205
|
+
# // systems are expected to put that etag in the request to `setIamPolicy` to
|
206
|
+
# // ensure that their change will be applied to the same version of the policy.
|
207
|
+
# //
|
208
|
+
# // **Important:** If you use IAM Conditions, you must include the `etag` field
|
209
|
+
# // whenever you call `setIamPolicy`. If you omit this field, then IAM allows
|
210
|
+
# // you to overwrite a version `3` policy with a version `1` policy, and all of
|
211
|
+
# // the conditions in the version `3` policy are lost.
|
212
|
+
# bytes etag = 3;
|
213
|
+
# }
|
214
|
+
#
|
215
|
+
# // Associates `members`, or principals, with a `role`.
|
216
|
+
# message Binding {
|
217
|
+
# // Role that is assigned to the list of `members`, or principals.
|
218
|
+
# // For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
|
219
|
+
# string role = 1;
|
220
|
+
#
|
221
|
+
# // Specifies the principals requesting access for a Google Cloud resource.
|
222
|
+
# // `members` can have the following values:
|
223
|
+
# //
|
224
|
+
# // * `allUsers`: A special identifier that represents anyone who is
|
225
|
+
# // on the internet; with or without a Google account.
|
226
|
+
# //
|
227
|
+
# // * `allAuthenticatedUsers`: A special identifier that represents anyone
|
228
|
+
# // who is authenticated with a Google account or a service account.
|
229
|
+
# //
|
230
|
+
# // * `user:{emailid}`: An email address that represents a specific Google
|
231
|
+
# // account. For example, `alice@example.com` .
|
232
|
+
# //
|
233
|
+
# //
|
234
|
+
# // * `serviceAccount:{emailid}`: An email address that represents a service
|
235
|
+
# // account. For example, `my-other-app@appspot.gserviceaccount.com`.
|
236
|
+
# //
|
237
|
+
# // * `group:{emailid}`: An email address that represents a Google group.
|
238
|
+
# // For example, `admins@example.com`.
|
239
|
+
# //
|
240
|
+
# // * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique
|
241
|
+
# // identifier) representing a user that has been recently deleted. For
|
242
|
+
# // example, `alice@example.com?uid=123456789012345678901`. If the user is
|
243
|
+
# // recovered, this value reverts to `user:{emailid}` and the recovered user
|
244
|
+
# // retains the role in the binding.
|
245
|
+
# //
|
246
|
+
# // * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus
|
247
|
+
# // unique identifier) representing a service account that has been recently
|
248
|
+
# // deleted. For example,
|
249
|
+
# // `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`.
|
250
|
+
# // If the service account is undeleted, this value reverts to
|
251
|
+
# // `serviceAccount:{emailid}` and the undeleted service account retains the
|
252
|
+
# // role in the binding.
|
253
|
+
# //
|
254
|
+
# // * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique
|
255
|
+
# // identifier) representing a Google group that has been recently
|
256
|
+
# // deleted. For example, `admins@example.com?uid=123456789012345678901`. If
|
257
|
+
# // the group is recovered, this value reverts to `group:{emailid}` and the
|
258
|
+
# // recovered group retains the role in the binding.
|
259
|
+
# //
|
260
|
+
# //
|
261
|
+
# // * `domain:{domain}`: The G Suite domain (primary) that represents all the
|
262
|
+
# // users of that domain. For example, `google.com` or `example.com`.
|
263
|
+
# //
|
264
|
+
# //
|
265
|
+
# repeated string members = 2;
|
266
|
+
#
|
267
|
+
# // The condition that is associated with this binding.
|
268
|
+
# //
|
269
|
+
# // If the condition evaluates to `true`, then this binding applies to the
|
270
|
+
# // current request.
|
271
|
+
# //
|
272
|
+
# // If the condition evaluates to `false`, then this binding does not apply to
|
273
|
+
# // the current request. However, a different role binding might grant the same
|
274
|
+
# // role to one or more of the principals in this binding.
|
275
|
+
# //
|
276
|
+
# // To learn which resources support conditions in their IAM policies, see the
|
277
|
+
# // [IAM
|
278
|
+
# // documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
|
279
|
+
# google.type.Expr condition = 3;
|
280
|
+
# }
|
281
|
+
#
|
282
|
+
# // Specifies the audit configuration for a service.
|
283
|
+
# // The configuration determines which permission types are logged, and what
|
284
|
+
# // identities, if any, are exempted from logging.
|
285
|
+
# // An AuditConfig must have one or more AuditLogConfigs.
|
286
|
+
# //
|
287
|
+
# // If there are AuditConfigs for both `allServices` and a specific service,
|
288
|
+
# // the union of the two AuditConfigs is used for that service: the log_types
|
289
|
+
# // specified in each AuditConfig are enabled, and the exempted_members in each
|
290
|
+
# // AuditLogConfig are exempted.
|
291
|
+
# //
|
292
|
+
# // Example Policy with multiple AuditConfigs:
|
293
|
+
# //
|
294
|
+
# // {
|
295
|
+
# // "audit_configs": [
|
296
|
+
# // {
|
297
|
+
# // "service": "allServices",
|
298
|
+
# // "audit_log_configs": [
|
299
|
+
# // {
|
300
|
+
# // "log_type": "DATA_READ",
|
301
|
+
# // "exempted_members": [
|
302
|
+
# // "user:jose@example.com"
|
303
|
+
# // ]
|
304
|
+
# // },
|
305
|
+
# // {
|
306
|
+
# // "log_type": "DATA_WRITE"
|
307
|
+
# // },
|
308
|
+
# // {
|
309
|
+
# // "log_type": "ADMIN_READ"
|
310
|
+
# // }
|
311
|
+
# // ]
|
312
|
+
# // },
|
313
|
+
# // {
|
314
|
+
# // "service": "sampleservice.googleapis.com",
|
315
|
+
# // "audit_log_configs": [
|
316
|
+
# // {
|
317
|
+
# // "log_type": "DATA_READ"
|
318
|
+
# // },
|
319
|
+
# // {
|
320
|
+
# // "log_type": "DATA_WRITE",
|
321
|
+
# // "exempted_members": [
|
322
|
+
# // "user:aliya@example.com"
|
323
|
+
# // ]
|
324
|
+
# // }
|
325
|
+
# // ]
|
326
|
+
# // }
|
327
|
+
# // ]
|
328
|
+
# // }
|
329
|
+
# //
|
330
|
+
# // For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
|
331
|
+
# // logging. It also exempts `jose@example.com` from DATA_READ logging, and
|
332
|
+
# // `aliya@example.com` from DATA_WRITE logging.
|
333
|
+
# message AuditConfig {
|
334
|
+
# // Specifies a service that will be enabled for audit logging.
|
335
|
+
# // For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.
|
336
|
+
# // `allServices` is a special value that covers all services.
|
337
|
+
# string service = 1;
|
338
|
+
#
|
339
|
+
# // The configuration for logging of each type of permission.
|
340
|
+
# repeated AuditLogConfig audit_log_configs = 3;
|
341
|
+
# }
|
342
|
+
#
|
343
|
+
# // Provides the configuration for logging a type of permissions.
|
344
|
+
# // Example:
|
345
|
+
# //
|
346
|
+
# // {
|
347
|
+
# // "audit_log_configs": [
|
348
|
+
# // {
|
349
|
+
# // "log_type": "DATA_READ",
|
350
|
+
# // "exempted_members": [
|
351
|
+
# // "user:jose@example.com"
|
352
|
+
# // ]
|
353
|
+
# // },
|
354
|
+
# // {
|
355
|
+
# // "log_type": "DATA_WRITE"
|
356
|
+
# // }
|
357
|
+
# // ]
|
358
|
+
# // }
|
359
|
+
# //
|
360
|
+
# // This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting
|
361
|
+
# // jose@example.com from DATA_READ logging.
|
362
|
+
# message AuditLogConfig {
|
363
|
+
# // The list of valid permission types for which logging can be configured.
|
364
|
+
# // Admin writes are always logged, and are not configurable.
|
365
|
+
# enum LogType {
|
366
|
+
# // Default case. Should never be this.
|
367
|
+
# LOG_TYPE_UNSPECIFIED = 0;
|
368
|
+
#
|
369
|
+
# // Admin reads. Example: CloudIAM getIamPolicy
|
370
|
+
# ADMIN_READ = 1;
|
371
|
+
#
|
372
|
+
# // Data writes. Example: CloudSQL Users create
|
373
|
+
# DATA_WRITE = 2;
|
374
|
+
#
|
375
|
+
# // Data reads. Example: CloudSQL Users list
|
376
|
+
# DATA_READ = 3;
|
377
|
+
# }
|
378
|
+
#
|
379
|
+
# // The log type that this config enables.
|
380
|
+
# LogType log_type = 1;
|
381
|
+
#
|
382
|
+
# // Specifies the identities that do not cause logging for this type of
|
383
|
+
# // permission.
|
384
|
+
# // Follows the same format of
|
385
|
+
# // [Binding.members][google.iam.v1.Binding.members].
|
386
|
+
# repeated string exempted_members = 2;
|
387
|
+
# }
|
388
|
+
#
|
389
|
+
# // The difference delta between two policies.
|
390
|
+
# message PolicyDelta {
|
391
|
+
# // The delta for Bindings between two policies.
|
392
|
+
# repeated BindingDelta binding_deltas = 1;
|
393
|
+
#
|
394
|
+
# // The delta for AuditConfigs between two policies.
|
395
|
+
# repeated AuditConfigDelta audit_config_deltas = 2;
|
396
|
+
# }
|
397
|
+
#
|
398
|
+
# // One delta entry for Binding. Each individual change (only one member in each
|
399
|
+
# // entry) to a binding will be a separate entry.
|
400
|
+
# message BindingDelta {
|
401
|
+
# // The type of action performed on a Binding in a policy.
|
402
|
+
# enum Action {
|
403
|
+
# // Unspecified.
|
404
|
+
# ACTION_UNSPECIFIED = 0;
|
405
|
+
#
|
406
|
+
# // Addition of a Binding.
|
407
|
+
# ADD = 1;
|
408
|
+
#
|
409
|
+
# // Removal of a Binding.
|
410
|
+
# REMOVE = 2;
|
411
|
+
# }
|
412
|
+
#
|
413
|
+
# // The action that was performed on a Binding.
|
414
|
+
# // Required
|
415
|
+
# Action action = 1;
|
416
|
+
#
|
417
|
+
# // Role that is assigned to `members`.
|
418
|
+
# // For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
|
419
|
+
# // Required
|
420
|
+
# string role = 2;
|
421
|
+
#
|
422
|
+
# // A single identity requesting access for a Google Cloud resource.
|
423
|
+
# // Follows the same format of Binding.members.
|
424
|
+
# // Required
|
425
|
+
# string member = 3;
|
426
|
+
#
|
427
|
+
# // The condition that is associated with this binding.
|
428
|
+
# google.type.Expr condition = 4;
|
429
|
+
# }
|
430
|
+
#
|
431
|
+
# // One delta entry for AuditConfig. Each individual change (only one
|
432
|
+
# // exempted_member in each entry) to a AuditConfig will be a separate entry.
|
433
|
+
# message AuditConfigDelta {
|
434
|
+
# // The type of action performed on an audit configuration in a policy.
|
435
|
+
# enum Action {
|
436
|
+
# // Unspecified.
|
437
|
+
# ACTION_UNSPECIFIED = 0;
|
438
|
+
#
|
439
|
+
# // Addition of an audit configuration.
|
440
|
+
# ADD = 1;
|
441
|
+
#
|
442
|
+
# // Removal of an audit configuration.
|
443
|
+
# REMOVE = 2;
|
444
|
+
# }
|
445
|
+
#
|
446
|
+
# // The action that was performed on an audit configuration in a policy.
|
447
|
+
# // Required
|
448
|
+
# Action action = 1;
|
449
|
+
#
|
450
|
+
# // Specifies a service that was configured for Cloud Audit Logging.
|
451
|
+
# // For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.
|
452
|
+
# // `allServices` is a special value that covers all services.
|
453
|
+
# // Required
|
454
|
+
# string service = 2;
|
455
|
+
#
|
456
|
+
# // A single identity that is exempted from "data access" audit
|
457
|
+
# // logging for the `service` specified above.
|
458
|
+
# // Follows the same format of Binding.members.
|
459
|
+
# string exempted_member = 3;
|
460
|
+
#
|
461
|
+
# // Specifies the log_type that was be enabled. ADMIN_ACTIVITY is always
|
462
|
+
# // enabled, and cannot be configured.
|
463
|
+
# // Required
|
464
|
+
# string log_type = 4;
|
465
|
+
# }
|
metadata
CHANGED
@@ -1,63 +1,57 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: grpc-google-iam-v1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.4.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2023-12-04 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: googleapis-common-protos
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
16
16
|
requirements:
|
17
|
-
- - "
|
18
|
-
- !ruby/object:Gem::Version
|
19
|
-
version: 1.3.12
|
20
|
-
- - "<"
|
17
|
+
- - "~>"
|
21
18
|
- !ruby/object:Gem::Version
|
22
|
-
version: '
|
19
|
+
version: '1.4'
|
23
20
|
type: :runtime
|
24
21
|
prerelease: false
|
25
22
|
version_requirements: !ruby/object:Gem::Requirement
|
26
23
|
requirements:
|
27
|
-
- - "
|
28
|
-
- !ruby/object:Gem::Version
|
29
|
-
version: 1.3.12
|
30
|
-
- - "<"
|
24
|
+
- - "~>"
|
31
25
|
- !ruby/object:Gem::Version
|
32
|
-
version: '
|
26
|
+
version: '1.4'
|
33
27
|
- !ruby/object:Gem::Dependency
|
34
28
|
name: google-protobuf
|
35
29
|
requirement: !ruby/object:Gem::Requirement
|
36
30
|
requirements:
|
37
31
|
- - "~>"
|
38
32
|
- !ruby/object:Gem::Version
|
39
|
-
version: '3.
|
33
|
+
version: '3.18'
|
40
34
|
type: :runtime
|
41
35
|
prerelease: false
|
42
36
|
version_requirements: !ruby/object:Gem::Requirement
|
43
37
|
requirements:
|
44
38
|
- - "~>"
|
45
39
|
- !ruby/object:Gem::Version
|
46
|
-
version: '3.
|
40
|
+
version: '3.18'
|
47
41
|
- !ruby/object:Gem::Dependency
|
48
42
|
name: grpc
|
49
43
|
requirement: !ruby/object:Gem::Requirement
|
50
44
|
requirements:
|
51
45
|
- - "~>"
|
52
46
|
- !ruby/object:Gem::Version
|
53
|
-
version: '1.
|
47
|
+
version: '1.41'
|
54
48
|
type: :runtime
|
55
49
|
prerelease: false
|
56
50
|
version_requirements: !ruby/object:Gem::Requirement
|
57
51
|
requirements:
|
58
52
|
- - "~>"
|
59
53
|
- !ruby/object:Gem::Version
|
60
|
-
version: '1.
|
54
|
+
version: '1.41'
|
61
55
|
description: Common protos and gRPC services for Google IAM
|
62
56
|
email:
|
63
57
|
- googleapis-packages@google.com
|
@@ -91,7 +85,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
91
85
|
- !ruby/object:Gem::Version
|
92
86
|
version: '0'
|
93
87
|
requirements: []
|
94
|
-
rubygems_version: 3.
|
88
|
+
rubygems_version: 3.4.19
|
95
89
|
signing_key:
|
96
90
|
specification_version: 4
|
97
91
|
summary: Common protos and gRPC services for Google IAM
|