fix(cloudasset): update the API

#### cloudasset:v1p1beta1 The following keys were changed: - schemas.GoogleIdentityAccesscontextmanagerV1EgressFrom.description - schemas.GoogleIdentityAccesscontextmanagerV1EgressTo.description - schemas.GoogleIdentityAccesscontextmanagerV1EgressTo.properties.operations.description - schemas.GoogleIdentityAccesscontextmanagerV1EgressTo.properties.resources.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressFrom.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressSource.properties.accessLevel.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressTo.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressTo.properties.operations.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressTo.properties.resources.description #### cloudasset:v1p4beta1 The following keys were changed: - schemas.GoogleCloudAssetV1p4beta1AnalysisState.properties.code.enumDescriptions - schemas.GoogleIdentityAccesscontextmanagerV1EgressFrom.description - schemas.GoogleIdentityAccesscontextmanagerV1EgressTo.description - schemas.GoogleIdentityAccesscontextmanagerV1EgressTo.properties.operations.description - schemas.GoogleIdentityAccesscontextmanagerV1EgressTo.properties.resources.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressFrom.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressSource.properties.accessLevel.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressTo.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressTo.properties.operations.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressTo.properties.resources.description #### cloudasset:v1p5beta1 The following keys were changed: - schemas.GoogleIdentityAccesscontextmanagerV1EgressFrom.description - schemas.GoogleIdentityAccesscontextmanagerV1EgressTo.description - schemas.GoogleIdentityAccesscontextmanagerV1EgressTo.properties.operations.description - schemas.GoogleIdentityAccesscontextmanagerV1EgressTo.properties.resources.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressFrom.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressSource.properties.accessLevel.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressTo.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressTo.properties.operations.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressTo.properties.resources.description #### cloudasset:v1p7beta1 The following keys were changed: - schemas.GoogleIdentityAccesscontextmanagerV1EgressFrom.description - schemas.GoogleIdentityAccesscontextmanagerV1EgressTo.description - schemas.GoogleIdentityAccesscontextmanagerV1EgressTo.properties.operations.description - schemas.GoogleIdentityAccesscontextmanagerV1EgressTo.properties.resources.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressFrom.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressSource.properties.accessLevel.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressTo.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressTo.properties.operations.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressTo.properties.resources.description #### cloudasset:v1beta1 The following keys were changed: - schemas.GoogleIdentityAccesscontextmanagerV1EgressFrom.description - schemas.GoogleIdentityAccesscontextmanagerV1EgressTo.description - schemas.GoogleIdentityAccesscontextmanagerV1EgressTo.properties.operations.description - schemas.GoogleIdentityAccesscontextmanagerV1EgressTo.properties.resources.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressFrom.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressSource.properties.accessLevel.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressTo.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressTo.properties.operations.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressTo.properties.resources.description #### cloudasset:v1 The following keys were changed: - resources.v1.methods.searchAllResources.parameters.query.description - schemas.Asset.description - schemas.GoogleIdentityAccesscontextmanagerV1EgressFrom.description - schemas.GoogleIdentityAccesscontextmanagerV1EgressTo.description - schemas.GoogleIdentityAccesscontextmanagerV1EgressTo.properties.operations.description - schemas.GoogleIdentityAccesscontextmanagerV1EgressTo.properties.resources.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressFrom.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressSource.properties.accessLevel.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressTo.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressTo.properties.operations.description - schemas.GoogleIdentityAccesscontextmanagerV1IngressTo.properties.resources.description - schemas.IamPolicyAnalysisState.properties.code.enumDescriptions
googleapis · May 3, 2021 · a2530d9 · a2530d9
1 parent 54ca661
commit a2530d9
Show file tree

Hide file tree

Showing 12 changed files with 121 additions and 121 deletions.
diff --git a/discovery/cloudasset-v1.json b/discovery/cloudasset-v1.json
diff --git a/discovery/cloudasset-v1beta1.json b/discovery/cloudasset-v1beta1.json
@@ -411,7 +411,7 @@
       }
     }
   },
-  "revision": "20210326",
+  "revision": "20210426",
   "rootUrl": "https://cloudasset.googleapis.com/",
   "schemas": {
     "AnalyzeIamPolicyLongrunningResponse": {
@@ -1092,7 +1092,7 @@
       "type": "object"
     },
     "GoogleIdentityAccesscontextmanagerV1EgressFrom": {
-      "description": "Defines the conditions under which an EgressPolicy matches a request. Conditions based on information about the source of the request. Note that if the destination of the request is protected by a ServicePerimeter, then that ServicePerimeter must have an IngressPolicy which allows access in order for this request to succeed.",
+      "description": "Defines the conditions under which an EgressPolicy matches a request. Conditions based on information about the source of the request. Note that if the destination of the request is also protected by a ServicePerimeter, then that ServicePerimeter must have an IngressPolicy which allows access in order for this request to succeed.",
       "id": "GoogleIdentityAccesscontextmanagerV1EgressFrom",
       "properties": {
         "identities": {
@@ -1137,18 +1137,18 @@
       "type": "object"
     },
     "GoogleIdentityAccesscontextmanagerV1EgressTo": {
-      "description": "Defines the conditions under which an EgressPolicy matches a request. Conditions are based on information about the ApiOperation intended to be performed on the `resources` specified. Note that if the destination of the request is protected by a ServicePerimeter, then that ServicePerimeter must have an IngressPolicy which allows access in order for this request to succeed.",
+      "description": "Defines the conditions under which an EgressPolicy matches a request. Conditions are based on information about the ApiOperation intended to be performed on the `resources` specified. Note that if the destination of the request is also protected by a ServicePerimeter, then that ServicePerimeter must have an IngressPolicy which allows access in order for this request to succeed. The request must match `operations` AND `resources` fields in order to be allowed egress out of the perimeter.",
       "id": "GoogleIdentityAccesscontextmanagerV1EgressTo",
       "properties": {
         "operations": {
-          "description": "A list of ApiOperations that this egress rule applies to. A request matches if it contains an operation/service in this list.",
+          "description": "A list of ApiOperations allowed to be performed by the sources specified in the corresponding EgressFrom. A request matches if it uses an operation/service in this list.",
           "items": {
             "$ref": "GoogleIdentityAccesscontextmanagerV1ApiOperation"
           },
           "type": "array"
         },
         "resources": {
-          "description": "A list of resources, currently only projects in the form `projects/`, that match this to stanza. A request matches if it contains a resource in this list. If `*` is specified for resources, then this EgressTo rule will authorize access to all resources outside the perimeter.",
+          "description": "A list of resources, currently only projects in the form `projects/`, that are allowed to be accessed by sources defined in the corresponding EgressFrom. A request matches if it contains a resource in this list. If `*` is specified for `resources`, then this EgressTo rule will authorize access to all resources outside the perimeter.",
           "items": {
             "type": "string"
           },
@@ -1158,7 +1158,7 @@
       "type": "object"
     },
     "GoogleIdentityAccesscontextmanagerV1IngressFrom": {
-      "description": "Defines the conditions under which an IngressPolicy matches a request. Conditions are based on information about the source of the request.",
+      "description": "Defines the conditions under which an IngressPolicy matches a request. Conditions are based on information about the source of the request. The request must satisfy what is defined in `sources` AND identity related fields in order to match.",
       "id": "GoogleIdentityAccesscontextmanagerV1IngressFrom",
       "properties": {
         "identities": {
@@ -1214,7 +1214,7 @@
       "id": "GoogleIdentityAccesscontextmanagerV1IngressSource",
       "properties": {
         "accessLevel": {
-          "description": "An AccessLevel resource name that allow resources within the ServicePerimeters to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel will cause an error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If `*` is specified, then all IngressSources will be allowed.",
+          "description": "An AccessLevel resource name that allow resources within the ServicePerimeters to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel will cause an error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is specified for `access_level`, then all IngressSources will be allowed.",
           "type": "string"
         },
         "resource": {
@@ -1225,18 +1225,18 @@
       "type": "object"
     },
     "GoogleIdentityAccesscontextmanagerV1IngressTo": {
-      "description": "Defines the conditions under which an IngressPolicy matches a request. Conditions are based on information about the ApiOperation intended to be performed on the destination of the request.",
+      "description": "Defines the conditions under which an IngressPolicy matches a request. Conditions are based on information about the ApiOperation intended to be performed on the target resource of the request. The request must satisfy what is defined in `operations` AND `resources` in order to match.",
       "id": "GoogleIdentityAccesscontextmanagerV1IngressTo",
       "properties": {
         "operations": {
-          "description": "A list of ApiOperations the sources specified in corresponding IngressFrom are allowed to perform in this ServicePerimeter.",
+          "description": "A list of ApiOperations allowed to be performed by the sources specified in corresponding IngressFrom in this ServicePerimeter.",
           "items": {
             "$ref": "GoogleIdentityAccesscontextmanagerV1ApiOperation"
           },
           "type": "array"
         },
         "resources": {
-          "description": "A list of resources, currently only projects in the form `projects/`, protected by this ServicePerimeter that are allowed to be accessed by sources defined in the corresponding IngressFrom. A request matches if it contains a resource in this list. If `*` is specified for resources, then this IngressTo rule will authorize access to all resources inside the perimeter, provided that the request also matches the `operations` field.",
+          "description": "A list of resources, currently only projects in the form `projects/`, protected by this ServicePerimeter that are allowed to be accessed by sources defined in the corresponding IngressFrom. If a single `*` is specified, then access to all resources inside the perimeter are allowed.",
           "items": {
             "type": "string"
           },

diff --git a/discovery/cloudasset-v1p1beta1.json b/discovery/cloudasset-v1p1beta1.json
@@ -207,7 +207,7 @@
       }
     }
   },
-  "revision": "20210326",
+  "revision": "20210426",
   "rootUrl": "https://cloudasset.googleapis.com/",
   "schemas": {
     "AnalyzeIamPolicyLongrunningResponse": {
@@ -794,7 +794,7 @@
       "type": "object"
     },
     "GoogleIdentityAccesscontextmanagerV1EgressFrom": {
-      "description": "Defines the conditions under which an EgressPolicy matches a request. Conditions based on information about the source of the request. Note that if the destination of the request is protected by a ServicePerimeter, then that ServicePerimeter must have an IngressPolicy which allows access in order for this request to succeed.",
+      "description": "Defines the conditions under which an EgressPolicy matches a request. Conditions based on information about the source of the request. Note that if the destination of the request is also protected by a ServicePerimeter, then that ServicePerimeter must have an IngressPolicy which allows access in order for this request to succeed.",
       "id": "GoogleIdentityAccesscontextmanagerV1EgressFrom",
       "properties": {
         "identities": {
@@ -839,18 +839,18 @@
       "type": "object"
     },
     "GoogleIdentityAccesscontextmanagerV1EgressTo": {
-      "description": "Defines the conditions under which an EgressPolicy matches a request. Conditions are based on information about the ApiOperation intended to be performed on the `resources` specified. Note that if the destination of the request is protected by a ServicePerimeter, then that ServicePerimeter must have an IngressPolicy which allows access in order for this request to succeed.",
+      "description": "Defines the conditions under which an EgressPolicy matches a request. Conditions are based on information about the ApiOperation intended to be performed on the `resources` specified. Note that if the destination of the request is also protected by a ServicePerimeter, then that ServicePerimeter must have an IngressPolicy which allows access in order for this request to succeed. The request must match `operations` AND `resources` fields in order to be allowed egress out of the perimeter.",
       "id": "GoogleIdentityAccesscontextmanagerV1EgressTo",
       "properties": {
         "operations": {
-          "description": "A list of ApiOperations that this egress rule applies to. A request matches if it contains an operation/service in this list.",
+          "description": "A list of ApiOperations allowed to be performed by the sources specified in the corresponding EgressFrom. A request matches if it uses an operation/service in this list.",
           "items": {
             "$ref": "GoogleIdentityAccesscontextmanagerV1ApiOperation"
           },
           "type": "array"
         },
         "resources": {
-          "description": "A list of resources, currently only projects in the form `projects/`, that match this to stanza. A request matches if it contains a resource in this list. If `*` is specified for resources, then this EgressTo rule will authorize access to all resources outside the perimeter.",
+          "description": "A list of resources, currently only projects in the form `projects/`, that are allowed to be accessed by sources defined in the corresponding EgressFrom. A request matches if it contains a resource in this list. If `*` is specified for `resources`, then this EgressTo rule will authorize access to all resources outside the perimeter.",
           "items": {
             "type": "string"
           },
@@ -860,7 +860,7 @@
       "type": "object"
     },
     "GoogleIdentityAccesscontextmanagerV1IngressFrom": {
-      "description": "Defines the conditions under which an IngressPolicy matches a request. Conditions are based on information about the source of the request.",
+      "description": "Defines the conditions under which an IngressPolicy matches a request. Conditions are based on information about the source of the request. The request must satisfy what is defined in `sources` AND identity related fields in order to match.",
       "id": "GoogleIdentityAccesscontextmanagerV1IngressFrom",
       "properties": {
         "identities": {
@@ -916,7 +916,7 @@
       "id": "GoogleIdentityAccesscontextmanagerV1IngressSource",
       "properties": {
         "accessLevel": {
-          "description": "An AccessLevel resource name that allow resources within the ServicePerimeters to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel will cause an error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If `*` is specified, then all IngressSources will be allowed.",
+          "description": "An AccessLevel resource name that allow resources within the ServicePerimeters to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel will cause an error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is specified for `access_level`, then all IngressSources will be allowed.",
           "type": "string"
         },
         "resource": {
@@ -927,18 +927,18 @@
       "type": "object"
     },
     "GoogleIdentityAccesscontextmanagerV1IngressTo": {
-      "description": "Defines the conditions under which an IngressPolicy matches a request. Conditions are based on information about the ApiOperation intended to be performed on the destination of the request.",
+      "description": "Defines the conditions under which an IngressPolicy matches a request. Conditions are based on information about the ApiOperation intended to be performed on the target resource of the request. The request must satisfy what is defined in `operations` AND `resources` in order to match.",
       "id": "GoogleIdentityAccesscontextmanagerV1IngressTo",
       "properties": {
         "operations": {
-          "description": "A list of ApiOperations the sources specified in corresponding IngressFrom are allowed to perform in this ServicePerimeter.",
+          "description": "A list of ApiOperations allowed to be performed by the sources specified in corresponding IngressFrom in this ServicePerimeter.",
           "items": {
             "$ref": "GoogleIdentityAccesscontextmanagerV1ApiOperation"
           },
           "type": "array"
         },
         "resources": {
-          "description": "A list of resources, currently only projects in the form `projects/`, protected by this ServicePerimeter that are allowed to be accessed by sources defined in the corresponding IngressFrom. A request matches if it contains a resource in this list. If `*` is specified for resources, then this IngressTo rule will authorize access to all resources inside the perimeter, provided that the request also matches the `operations` field.",
+          "description": "A list of resources, currently only projects in the form `projects/`, protected by this ServicePerimeter that are allowed to be accessed by sources defined in the corresponding IngressFrom. If a single `*` is specified, then access to all resources inside the perimeter are allowed.",
           "items": {
             "type": "string"
           },