Skip to content
This repository was archived by the owner on Jul 6, 2023. It is now read-only.

Commit c22893b

Browse files
gcf-owl-bot[bot]parthea
gcf-owl-bot[bot]
and
parthea
authored
feat: AuditConfig for IAM v1 (#147)
* feat: AuditConfig for IAM v1 PiperOrigin-RevId: 439356405 Source-Link: googleapis/googleapis@afa2ba1 Source-Link: https://github.com/googleapis/googleapis-gen/commit/3e40c17e1510c95fab58fc2143ccb61cceca5989 Copy-Tag: eyJwIjoiLmdpdGh1Yi8uT3dsQm90LnlhbWwiLCJoIjoiM2U0MGMxN2UxNTEwYzk1ZmFiNThmYzIxNDNjY2I2MWNjZWNhNTk4OSJ9 * 🦉 Updates from OwlBot post-processor See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md * chore: set upper bounds for packages in setup.py * revert upper bound for proto-plus * fix(deps): require grpc-google-iam-v1 >=0.12.4 Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com> Co-authored-by: Anthonios Partheniou <[email protected]>
1 parent 0215295 commit c22893b

File tree

12 files changed

+212
-158
lines changed

12 files changed

+212
-158
lines changed

google/cloud/artifactregistry_v1/services/artifact_registry/async_client.py

+50-38
Original file line numberDiff line numberDiff line change
@@ -2583,21 +2583,26 @@ def sample_set_iam_policy():
25832583
25842584
Returns:
25852585
google.iam.v1.policy_pb2.Policy:
2586-
Defines an Identity and Access Management (IAM) policy. It is used to
2587-
specify access control policies for Cloud Platform
2588-
resources.
2586+
An Identity and Access Management (IAM) policy, which specifies access
2587+
controls for Google Cloud resources.
25892588
25902589
A Policy is a collection of bindings. A binding binds
2591-
one or more members to a single role. Members can be
2592-
user accounts, service accounts, Google groups, and
2593-
domains (such as G Suite). A role is a named list of
2594-
permissions (defined by IAM or configured by users).
2595-
A binding can optionally specify a condition, which
2596-
is a logic expression that further constrains the
2597-
role binding based on attributes about the request
2598-
and/or target resource.
2599-
2600-
**JSON Example**
2590+
one or more members, or principals, to a single role.
2591+
Principals can be user accounts, service accounts,
2592+
Google groups, and domains (such as G Suite). A role
2593+
is a named list of permissions; each role can be an
2594+
IAM predefined role or a user-created custom role.
2595+
2596+
For some types of Google Cloud resources, a binding
2597+
can also specify a condition, which is a logical
2598+
expression that allows access to a resource only if
2599+
the expression evaluates to true. A condition can add
2600+
constraints based on attributes of the request, the
2601+
resource, or both. To learn which resources support
2602+
conditions in their IAM policies, see the [IAM
2603+
documentation](\ https://cloud.google.com/iam/help/conditions/resource-policies).
2604+
2605+
**JSON example:**
26012606
26022607
{
26032608
"bindings": [
@@ -2612,17 +2617,17 @@ def sample_set_iam_policy():
26122617
26132618
}, { "role":
26142619
"roles/resourcemanager.organizationViewer",
2615-
"members": ["user:[email protected]"],
2620+
"members": [ "user:[email protected]" ],
26162621
"condition": { "title": "expirable access",
26172622
"description": "Does not grant access after
26182623
Sep 2020", "expression": "request.time <
26192624
timestamp('2020-10-01T00:00:00.000Z')", } }
26202625
2621-
]
2626+
], "etag": "BwWWja0YfJA=", "version": 3
26222627
26232628
}
26242629
2625-
**YAML Example**
2630+
**YAML example:**
26262631
26272632
bindings: - members: - user:\ [email protected] -
26282633
group:\ [email protected] - domain:google.com -
@@ -2633,11 +2638,12 @@ def sample_set_iam_policy():
26332638
condition: title: expirable access description:
26342639
Does not grant access after Sep 2020 expression:
26352640
request.time <
2636-
timestamp('2020-10-01T00:00:00.000Z')
2641+
timestamp('2020-10-01T00:00:00.000Z') etag:
2642+
BwWWja0YfJA= version: 3
26372643
26382644
For a description of IAM and its features, see the
2639-
[IAM developer's
2640-
guide](\ https://cloud.google.com/iam/docs).
2645+
[IAM
2646+
documentation](\ https://cloud.google.com/iam/docs/).
26412647
26422648
"""
26432649
# Create or coerce a protobuf request object.
@@ -2712,21 +2718,26 @@ def sample_get_iam_policy():
27122718
27132719
Returns:
27142720
google.iam.v1.policy_pb2.Policy:
2715-
Defines an Identity and Access Management (IAM) policy. It is used to
2716-
specify access control policies for Cloud Platform
2717-
resources.
2721+
An Identity and Access Management (IAM) policy, which specifies access
2722+
controls for Google Cloud resources.
27182723
27192724
A Policy is a collection of bindings. A binding binds
2720-
one or more members to a single role. Members can be
2721-
user accounts, service accounts, Google groups, and
2722-
domains (such as G Suite). A role is a named list of
2723-
permissions (defined by IAM or configured by users).
2724-
A binding can optionally specify a condition, which
2725-
is a logic expression that further constrains the
2726-
role binding based on attributes about the request
2727-
and/or target resource.
2728-
2729-
**JSON Example**
2725+
one or more members, or principals, to a single role.
2726+
Principals can be user accounts, service accounts,
2727+
Google groups, and domains (such as G Suite). A role
2728+
is a named list of permissions; each role can be an
2729+
IAM predefined role or a user-created custom role.
2730+
2731+
For some types of Google Cloud resources, a binding
2732+
can also specify a condition, which is a logical
2733+
expression that allows access to a resource only if
2734+
the expression evaluates to true. A condition can add
2735+
constraints based on attributes of the request, the
2736+
resource, or both. To learn which resources support
2737+
conditions in their IAM policies, see the [IAM
2738+
documentation](\ https://cloud.google.com/iam/help/conditions/resource-policies).
2739+
2740+
**JSON example:**
27302741
27312742
{
27322743
"bindings": [
@@ -2741,17 +2752,17 @@ def sample_get_iam_policy():
27412752
27422753
}, { "role":
27432754
"roles/resourcemanager.organizationViewer",
2744-
"members": ["user:[email protected]"],
2755+
"members": [ "user:[email protected]" ],
27452756
"condition": { "title": "expirable access",
27462757
"description": "Does not grant access after
27472758
Sep 2020", "expression": "request.time <
27482759
timestamp('2020-10-01T00:00:00.000Z')", } }
27492760
2750-
]
2761+
], "etag": "BwWWja0YfJA=", "version": 3
27512762
27522763
}
27532764
2754-
**YAML Example**
2765+
**YAML example:**
27552766
27562767
bindings: - members: - user:\ [email protected] -
27572768
group:\ [email protected] - domain:google.com -
@@ -2762,11 +2773,12 @@ def sample_get_iam_policy():
27622773
condition: title: expirable access description:
27632774
Does not grant access after Sep 2020 expression:
27642775
request.time <
2765-
timestamp('2020-10-01T00:00:00.000Z')
2776+
timestamp('2020-10-01T00:00:00.000Z') etag:
2777+
BwWWja0YfJA= version: 3
27662778
27672779
For a description of IAM and its features, see the
2768-
[IAM developer's
2769-
guide](\ https://cloud.google.com/iam/docs).
2780+
[IAM
2781+
documentation](\ https://cloud.google.com/iam/docs/).
27702782
27712783
"""
27722784
# Create or coerce a protobuf request object.

google/cloud/artifactregistry_v1/services/artifact_registry/client.py

+50-38
Original file line numberDiff line numberDiff line change
@@ -2952,21 +2952,26 @@ def sample_set_iam_policy():
29522952
29532953
Returns:
29542954
google.iam.v1.policy_pb2.Policy:
2955-
Defines an Identity and Access Management (IAM) policy. It is used to
2956-
specify access control policies for Cloud Platform
2957-
resources.
2955+
An Identity and Access Management (IAM) policy, which specifies access
2956+
controls for Google Cloud resources.
29582957
29592958
A Policy is a collection of bindings. A binding binds
2960-
one or more members to a single role. Members can be
2961-
user accounts, service accounts, Google groups, and
2962-
domains (such as G Suite). A role is a named list of
2963-
permissions (defined by IAM or configured by users).
2964-
A binding can optionally specify a condition, which
2965-
is a logic expression that further constrains the
2966-
role binding based on attributes about the request
2967-
and/or target resource.
2968-
2969-
**JSON Example**
2959+
one or more members, or principals, to a single role.
2960+
Principals can be user accounts, service accounts,
2961+
Google groups, and domains (such as G Suite). A role
2962+
is a named list of permissions; each role can be an
2963+
IAM predefined role or a user-created custom role.
2964+
2965+
For some types of Google Cloud resources, a binding
2966+
can also specify a condition, which is a logical
2967+
expression that allows access to a resource only if
2968+
the expression evaluates to true. A condition can add
2969+
constraints based on attributes of the request, the
2970+
resource, or both. To learn which resources support
2971+
conditions in their IAM policies, see the [IAM
2972+
documentation](\ https://cloud.google.com/iam/help/conditions/resource-policies).
2973+
2974+
**JSON example:**
29702975
29712976
{
29722977
"bindings": [
@@ -2981,17 +2986,17 @@ def sample_set_iam_policy():
29812986
29822987
}, { "role":
29832988
"roles/resourcemanager.organizationViewer",
2984-
"members": ["user:[email protected]"],
2989+
"members": [ "user:[email protected]" ],
29852990
"condition": { "title": "expirable access",
29862991
"description": "Does not grant access after
29872992
Sep 2020", "expression": "request.time <
29882993
timestamp('2020-10-01T00:00:00.000Z')", } }
29892994
2990-
]
2995+
], "etag": "BwWWja0YfJA=", "version": 3
29912996
29922997
}
29932998
2994-
**YAML Example**
2999+
**YAML example:**
29953000
29963001
bindings: - members: - user:\ [email protected] -
29973002
group:\ [email protected] - domain:google.com -
@@ -3002,11 +3007,12 @@ def sample_set_iam_policy():
30023007
condition: title: expirable access description:
30033008
Does not grant access after Sep 2020 expression:
30043009
request.time <
3005-
timestamp('2020-10-01T00:00:00.000Z')
3010+
timestamp('2020-10-01T00:00:00.000Z') etag:
3011+
BwWWja0YfJA= version: 3
30063012
30073013
For a description of IAM and its features, see the
3008-
[IAM developer's
3009-
guide](\ https://cloud.google.com/iam/docs).
3014+
[IAM
3015+
documentation](\ https://cloud.google.com/iam/docs/).
30103016
30113017
"""
30123018
# Create or coerce a protobuf request object.
@@ -3080,21 +3086,26 @@ def sample_get_iam_policy():
30803086
30813087
Returns:
30823088
google.iam.v1.policy_pb2.Policy:
3083-
Defines an Identity and Access Management (IAM) policy. It is used to
3084-
specify access control policies for Cloud Platform
3085-
resources.
3089+
An Identity and Access Management (IAM) policy, which specifies access
3090+
controls for Google Cloud resources.
30863091
30873092
A Policy is a collection of bindings. A binding binds
3088-
one or more members to a single role. Members can be
3089-
user accounts, service accounts, Google groups, and
3090-
domains (such as G Suite). A role is a named list of
3091-
permissions (defined by IAM or configured by users).
3092-
A binding can optionally specify a condition, which
3093-
is a logic expression that further constrains the
3094-
role binding based on attributes about the request
3095-
and/or target resource.
3096-
3097-
**JSON Example**
3093+
one or more members, or principals, to a single role.
3094+
Principals can be user accounts, service accounts,
3095+
Google groups, and domains (such as G Suite). A role
3096+
is a named list of permissions; each role can be an
3097+
IAM predefined role or a user-created custom role.
3098+
3099+
For some types of Google Cloud resources, a binding
3100+
can also specify a condition, which is a logical
3101+
expression that allows access to a resource only if
3102+
the expression evaluates to true. A condition can add
3103+
constraints based on attributes of the request, the
3104+
resource, or both. To learn which resources support
3105+
conditions in their IAM policies, see the [IAM
3106+
documentation](\ https://cloud.google.com/iam/help/conditions/resource-policies).
3107+
3108+
**JSON example:**
30983109
30993110
{
31003111
"bindings": [
@@ -3109,17 +3120,17 @@ def sample_get_iam_policy():
31093120
31103121
}, { "role":
31113122
"roles/resourcemanager.organizationViewer",
3112-
"members": ["user:[email protected]"],
3123+
"members": [ "user:[email protected]" ],
31133124
"condition": { "title": "expirable access",
31143125
"description": "Does not grant access after
31153126
Sep 2020", "expression": "request.time <
31163127
timestamp('2020-10-01T00:00:00.000Z')", } }
31173128
3118-
]
3129+
], "etag": "BwWWja0YfJA=", "version": 3
31193130
31203131
}
31213132
3122-
**YAML Example**
3133+
**YAML example:**
31233134
31243135
bindings: - members: - user:\ [email protected] -
31253136
group:\ [email protected] - domain:google.com -
@@ -3130,11 +3141,12 @@ def sample_get_iam_policy():
31303141
condition: title: expirable access description:
31313142
Does not grant access after Sep 2020 expression:
31323143
request.time <
3133-
timestamp('2020-10-01T00:00:00.000Z')
3144+
timestamp('2020-10-01T00:00:00.000Z') etag:
3145+
BwWWja0YfJA= version: 3
31343146
31353147
For a description of IAM and its features, see the
3136-
[IAM developer's
3137-
guide](\ https://cloud.google.com/iam/docs).
3148+
[IAM
3149+
documentation](\ https://cloud.google.com/iam/docs/).
31383150
31393151
"""
31403152
# Create or coerce a protobuf request object.

google/cloud/artifactregistry_v1/types/__init__.py

+3-1
Original file line numberDiff line numberDiff line change
@@ -50,7 +50,9 @@
5050
Repository,
5151
UpdateRepositoryRequest,
5252
)
53-
from .service import OperationMetadata
53+
from .service import (
54+
OperationMetadata,
55+
)
5456
from .settings import (
5557
GetProjectSettingsRequest,
5658
ProjectSettings,

0 commit comments

Comments
 (0)