Skip to content

Commit

Permalink
chore: [iam] remove redundant gRPC service config file (#5897)
Browse files Browse the repository at this point in the history
* feat: new iam v3 client for PrincipalAccessBoundaryPolicies

PiperOrigin-RevId: 708027798

Source-Link: googleapis/googleapis@5e258e3

Source-Link: googleapis/googleapis-gen@eee06c9
Copy-Tag: eyJwIjoicGFja2FnZXMvZ29vZ2xlLWlhbS8uT3dsQm90LnlhbWwiLCJoIjoiZWVlMDZjOTI4ZGEwYzdiMGU3NzVkNmFhYTcxNWMxZTAxYmRiOTkzNSJ9

* 🦉 Updates from OwlBot post-processor

See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md

* chore: remove redundant gRPC service config file
feat: specify retry configuration

PiperOrigin-RevId: 712493958

Source-Link: googleapis/googleapis@29aea41

Source-Link: googleapis/googleapis-gen@04bcbab
Copy-Tag: eyJwIjoicGFja2FnZXMvZ29vZ2xlLWlhbS8uT3dsQm90LnlhbWwiLCJoIjoiMDRiY2JhYjQ1MDU5ODllOTg0YjE0MDNkNDM4ZmZmYzAzMTIxNDRhZiJ9

* 🦉 Updates from OwlBot post-processor

See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md

---------

Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>
  • Loading branch information
gcf-owl-bot[bot] and gcf-owl-bot[bot] authored Jan 11, 2025
1 parent 46c0ab9 commit b5d4b49
Show file tree
Hide file tree
Showing 48 changed files with 29,581 additions and 4,302 deletions.
4 changes: 2 additions & 2 deletions packages/google-iam/.jsdoc.js
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright 2024 Google LLC
// Copyright 2025 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
Expand Down Expand Up @@ -40,7 +40,7 @@ module.exports = {
includePattern: '\\.js$'
},
templates: {
copyright: 'Copyright 2024 Google LLC',
copyright: 'Copyright 2025 Google LLC',
includeDate: false,
sourceFiles: false,
systemName: '@google-cloud/iam',
Expand Down
2 changes: 1 addition & 1 deletion packages/google-iam/.mocharc.js
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright 2024 Google LLC
// Copyright 2025 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
Expand Down
2 changes: 1 addition & 1 deletion packages/google-iam/.prettierrc.js
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright 2024 Google LLC
// Copyright 2025 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
Expand Down
16 changes: 14 additions & 2 deletions packages/google-iam/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ Google APIs Client Libraries, in [Client Libraries Explained][explained].
1. [Select or create a Cloud Platform project][projects].
1. [Enable billing for your project][billing].
1. [Enable the Identity and Access Management API][enable_api].
1. [Set up authentication with a service account][auth] so you can access the
1. [Set up authentication][auth] so you can access the
API from your local workstation.

### Installing the client library
Expand All @@ -68,6 +68,18 @@ Samples are in the [`samples/`](https://github.com/googleapis/google-cloud-node/
| Policies.list_applicable_policies | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-iam/samples/generated/v2/policies.list_applicable_policies.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-iam/samples/generated/v2/policies.list_applicable_policies.js,packages/google-iam/samples/README.md) |
| Policies.list_policies | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-iam/samples/generated/v2/policies.list_policies.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-iam/samples/generated/v2/policies.list_policies.js,packages/google-iam/samples/README.md) |
| Policies.update_policy | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-iam/samples/generated/v2/policies.update_policy.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-iam/samples/generated/v2/policies.update_policy.js,packages/google-iam/samples/README.md) |
| Policy_bindings.create_policy_binding | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-iam/samples/generated/v3/policy_bindings.create_policy_binding.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-iam/samples/generated/v3/policy_bindings.create_policy_binding.js,packages/google-iam/samples/README.md) |
| Policy_bindings.delete_policy_binding | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-iam/samples/generated/v3/policy_bindings.delete_policy_binding.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-iam/samples/generated/v3/policy_bindings.delete_policy_binding.js,packages/google-iam/samples/README.md) |
| Policy_bindings.get_policy_binding | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-iam/samples/generated/v3/policy_bindings.get_policy_binding.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-iam/samples/generated/v3/policy_bindings.get_policy_binding.js,packages/google-iam/samples/README.md) |
| Policy_bindings.list_policy_bindings | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-iam/samples/generated/v3/policy_bindings.list_policy_bindings.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-iam/samples/generated/v3/policy_bindings.list_policy_bindings.js,packages/google-iam/samples/README.md) |
| Policy_bindings.search_target_policy_bindings | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-iam/samples/generated/v3/policy_bindings.search_target_policy_bindings.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-iam/samples/generated/v3/policy_bindings.search_target_policy_bindings.js,packages/google-iam/samples/README.md) |
| Policy_bindings.update_policy_binding | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-iam/samples/generated/v3/policy_bindings.update_policy_binding.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-iam/samples/generated/v3/policy_bindings.update_policy_binding.js,packages/google-iam/samples/README.md) |
| Principal_access_boundary_policies.create_principal_access_boundary_policy | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-iam/samples/generated/v3/principal_access_boundary_policies.create_principal_access_boundary_policy.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-iam/samples/generated/v3/principal_access_boundary_policies.create_principal_access_boundary_policy.js,packages/google-iam/samples/README.md) |
| Principal_access_boundary_policies.delete_principal_access_boundary_policy | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-iam/samples/generated/v3/principal_access_boundary_policies.delete_principal_access_boundary_policy.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-iam/samples/generated/v3/principal_access_boundary_policies.delete_principal_access_boundary_policy.js,packages/google-iam/samples/README.md) |
| Principal_access_boundary_policies.get_principal_access_boundary_policy | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-iam/samples/generated/v3/principal_access_boundary_policies.get_principal_access_boundary_policy.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-iam/samples/generated/v3/principal_access_boundary_policies.get_principal_access_boundary_policy.js,packages/google-iam/samples/README.md) |
| Principal_access_boundary_policies.list_principal_access_boundary_policies | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-iam/samples/generated/v3/principal_access_boundary_policies.list_principal_access_boundary_policies.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-iam/samples/generated/v3/principal_access_boundary_policies.list_principal_access_boundary_policies.js,packages/google-iam/samples/README.md) |
| Principal_access_boundary_policies.search_principal_access_boundary_policy_bindings | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-iam/samples/generated/v3/principal_access_boundary_policies.search_principal_access_boundary_policy_bindings.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-iam/samples/generated/v3/principal_access_boundary_policies.search_principal_access_boundary_policy_bindings.js,packages/google-iam/samples/README.md) |
| Principal_access_boundary_policies.update_principal_access_boundary_policy | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-iam/samples/generated/v3/principal_access_boundary_policies.update_principal_access_boundary_policy.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-iam/samples/generated/v3/principal_access_boundary_policies.update_principal_access_boundary_policy.js,packages/google-iam/samples/README.md) |
| Quickstart | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-iam/samples/quickstart.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-iam/samples/quickstart.js,packages/google-iam/samples/README.md) |


Expand Down Expand Up @@ -138,4 +150,4 @@ See [LICENSE](https://github.com/googleapis/google-cloud-node/blob/main/LICENSE)
[projects]: https://console.cloud.google.com/project
[billing]: https://support.google.com/cloud/answer/6293499#enable-billing
[enable_api]: https://console.cloud.google.com/flows/enableapi?apiid=google.iam.v2
[auth]: https://cloud.google.com/docs/authentication/getting-started
[auth]: https://cloud.google.com/docs/authentication/external/set-up-adc-local
56 changes: 56 additions & 0 deletions packages/google-iam/protos/google/iam/v3/operation_metadata.proto
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
// Copyright 2024 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

syntax = "proto3";

package google.iam.v3;

import "google/api/field_behavior.proto";
import "google/protobuf/timestamp.proto";

option csharp_namespace = "Google.Cloud.Iam.V3";
option go_package = "cloud.google.com/go/iam/apiv3/iampb;iampb";
option java_multiple_files = true;
option java_outer_classname = "OperationMetadataProto";
option java_package = "com.google.iam.v3";

// Represents the metadata of the long-running operation.
message OperationMetadata {
// Output only. The time the operation was created.
google.protobuf.Timestamp create_time = 1
[(google.api.field_behavior) = OUTPUT_ONLY];

// Output only. The time the operation finished running.
google.protobuf.Timestamp end_time = 2
[(google.api.field_behavior) = OUTPUT_ONLY];

// Output only. Server-defined resource path for the target of the
string target = 3 [(google.api.field_behavior) = OUTPUT_ONLY];

// Output only. Name of the verb executed by the operation.
string verb = 4 [(google.api.field_behavior) = OUTPUT_ONLY];

// Output only. Human-readable status of the operation, if any.
string status_message = 5 [(google.api.field_behavior) = OUTPUT_ONLY];

// Output only. Identifies whether the user has requested cancellation
// of the operation. Operations that have successfully been cancelled
// have [Operation.error][] value with a
// [google.rpc.Status.code][google.rpc.Status.code] of 1, corresponding to
// `Code.CANCELLED`.
bool requested_cancellation = 6 [(google.api.field_behavior) = OUTPUT_ONLY];

// Output only. API version used to start the operation.
string api_version = 7 [(google.api.field_behavior) = OUTPUT_ONLY];
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,175 @@
// Copyright 2024 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

syntax = "proto3";

package google.iam.v3;

import "google/api/field_behavior.proto";
import "google/api/field_info.proto";
import "google/api/resource.proto";
import "google/protobuf/timestamp.proto";
import "google/type/expr.proto";

option csharp_namespace = "Google.Cloud.Iam.V3";
option go_package = "cloud.google.com/go/iam/apiv3/iampb;iampb";
option java_multiple_files = true;
option java_outer_classname = "PolicyBindingResourcesProto";
option java_package = "com.google.iam.v3";

// IAM policy binding
message PolicyBinding {
option (google.api.resource) = {
type: "iam.googleapis.com/PolicyBinding"
pattern: "organizations/{organization}/locations/{location}/policyBindings/{policy_binding}"
pattern: "folders/{folder}/locations/{location}/policyBindings/{policy_binding}"
pattern: "projects/{project}/locations/{location}/policyBindings/{policy_binding}"
plural: "policyBindings"
singular: "policyBinding"
};

// Target is the full resource name of the resource to which the policy will
// be bound. Immutable once set.
message Target {
oneof target {
// Immutable. Full Resource Name used for principal access boundary policy
// bindings Examples:
//
// * Organization:
// `//cloudresourcemanager.googleapis.com/organizations/ORGANIZATION_ID`
// * Folder: `//cloudresourcemanager.googleapis.com/folders/FOLDER_ID`
// * Project:
// * `//cloudresourcemanager.googleapis.com/projects/PROJECT_NUMBER`
// * `//cloudresourcemanager.googleapis.com/projects/PROJECT_ID`
// * Workload Identity Pool:
// `//iam.googleapis.com/projects/PROJECT_NUMBER/locations/LOCATION/workloadIdentityPools/WORKLOAD_POOL_ID`
// * Workforce Identity:
// `//iam.googleapis.com/locations/global/workforcePools/WORKFORCE_POOL_ID`
// * Workspace Identity:
// `//iam.googleapis.com/locations/global/workspace/WORKSPACE_ID`
string principal_set = 1 [(google.api.field_behavior) = IMMUTABLE];
}
}

// Different policy kinds supported in this binding.
enum PolicyKind {
// Unspecified policy kind; Not a valid state
POLICY_KIND_UNSPECIFIED = 0;

// Principal access boundary policy kind
PRINCIPAL_ACCESS_BOUNDARY = 1;
}

// Identifier. The name of the policy binding, in the format
// `{binding_parent/locations/{location}/policyBindings/{policy_binding_id}`.
// The binding parent is the closest Resource Manager resource (i.e., Project,
// Folder or Organization) to the binding target.
//
// Format:
//
// * `projects/{project_id}/locations/{location}/policyBindings/{policy_binding_id}`
// * `projects/{project_number}/locations/{location}/policyBindings/{policy_binding_id}`
// * `folders/{folder_id}/locations/{location}/policyBindings/{policy_binding_id}`
// * `organizations/{organization_id}/locations/{location}/policyBindings/{policy_binding_id}`
string name = 1 [(google.api.field_behavior) = IDENTIFIER];

// Output only. The globally unique ID of the policy binding. Assigned when
// the policy binding is created.
string uid = 2 [
(google.api.field_info).format = UUID4,
(google.api.field_behavior) = OUTPUT_ONLY
];

// Optional. The etag for the policy binding.
// If this is provided on update, it must match the server's etag.
string etag = 3 [(google.api.field_behavior) = OPTIONAL];

// Optional. The description of the policy binding. Must be less than or equal
// to 63 characters.
string display_name = 4 [(google.api.field_behavior) = OPTIONAL];

// Optional. User defined annotations. See
// https://google.aip.dev/148#annotations for more details such as format and
// size limitations
map<string, string> annotations = 5 [(google.api.field_behavior) = OPTIONAL];

// Required. Immutable. Target is the full resource name of the resource to
// which the policy will be bound. Immutable once set.
Target target = 6 [
(google.api.field_behavior) = IMMUTABLE,
(google.api.field_behavior) = REQUIRED
];

// Immutable. The kind of the policy to attach in this binding. This field
// must be one of the following:
//
// - Left empty (will be automatically set to the policy kind)
// - The input policy kind
PolicyKind policy_kind = 11 [(google.api.field_behavior) = IMMUTABLE];

// Required. Immutable. The resource name of the policy to be bound. The
// binding parent and policy must belong to the same Organization (or
// Project).
string policy = 7 [
(google.api.field_behavior) = IMMUTABLE,
(google.api.field_behavior) = REQUIRED
];

// Output only. The globally unique ID of the policy to be bound.
string policy_uid = 12 [(google.api.field_behavior) = OUTPUT_ONLY];

// Optional. Condition can either be a principal condition or a resource
// condition. It depends on the type of target, the policy it is attached to,
// and/or the expression itself. When set, the `expression` field in the
// `Expr` must include from 1 to 10 subexpressions, joined by the "||"(Logical
// OR),
// "&&"(Logical AND) or "!"(Logical NOT) operators and cannot contain more
// than 250 characters.
// Allowed operations for principal.subject:
//
// - `principal.subject == <principal subject string>`
// - `principal.subject != <principal subject string>`
// - `principal.subject in [<list of principal subjects>]`
// - `principal.subject.startsWith(<string>)`
// - `principal.subject.endsWith(<string>)`
//
// Allowed operations for principal.type:
//
// - `principal.type == <principal type string>`
// - `principal.type != <principal type string>`
// - `principal.type in [<list of principal types>]`
//
// Supported principal types are Workspace, Workforce Pool, Workload Pool and
// Service Account. Allowed string must be one of:
//
// - iam.googleapis.com/WorkspaceIdentity
// - iam.googleapis.com/WorkforcePoolIdentity
// - iam.googleapis.com/WorkloadPoolIdentity
// - iam.googleapis.com/ServiceAccount
//
// When the bound policy is a principal access boundary policy, the only
// supported attributes in any subexpression are `principal.type` and
// `principal.subject`. An example expression is: "principal.type ==
// 'iam.googleapis.com/ServiceAccount'" or "principal.subject ==
// '[email protected]'".
google.type.Expr condition = 8 [(google.api.field_behavior) = OPTIONAL];

// Output only. The time when the policy binding was created.
google.protobuf.Timestamp create_time = 9
[(google.api.field_behavior) = OUTPUT_ONLY];

// Output only. The time when the policy binding was most recently updated.
google.protobuf.Timestamp update_time = 10
[(google.api.field_behavior) = OUTPUT_ONLY];
}
Loading

0 comments on commit b5d4b49

Please sign in to comment.