feat(iamcredentials): update the API

#### iamcredentials:v1 The following keys were added: - resources.projects.resources.serviceAccounts.methods.getAllowedLocations.description - resources.projects.resources.serviceAccounts.methods.getAllowedLocations.flatPath - resources.projects.resources.serviceAccounts.methods.getAllowedLocations.httpMethod - resources.projects.resources.serviceAccounts.methods.getAllowedLocations.id - resources.projects.resources.serviceAccounts.methods.getAllowedLocations.parameterOrder - resources.projects.resources.serviceAccounts.methods.getAllowedLocations.parameters.name.description - resources.projects.resources.serviceAccounts.methods.getAllowedLocations.parameters.name.location - resources.projects.resources.serviceAccounts.methods.getAllowedLocations.parameters.name.pattern - resources.projects.resources.serviceAccounts.methods.getAllowedLocations.parameters.name.required - resources.projects.resources.serviceAccounts.methods.getAllowedLocations.parameters.name.type - resources.projects.resources.serviceAccounts.methods.getAllowedLocations.path - resources.projects.resources.serviceAccounts.methods.getAllowedLocations.response.$ref - schemas.ServiceAccountAllowedLocations.description - schemas.ServiceAccountAllowedLocations.id - schemas.ServiceAccountAllowedLocations.properties.encodedLocations.description - schemas.ServiceAccountAllowedLocations.properties.encodedLocations.readOnly - schemas.ServiceAccountAllowedLocations.properties.encodedLocations.type - schemas.ServiceAccountAllowedLocations.properties.locations.description - schemas.ServiceAccountAllowedLocations.properties.locations.items.type - schemas.ServiceAccountAllowedLocations.properties.locations.readOnly - schemas.ServiceAccountAllowedLocations.properties.locations.type - schemas.ServiceAccountAllowedLocations.type
googleapis · Jan 29, 2025 · 4bd7252 · 4bd7252
1 parent a50a288
commit 4bd7252
Show file tree

Hide file tree

Showing 2 changed files with 162 additions and 1 deletion.
diff --git a/discovery/iamcredentials-v1.json b/discovery/iamcredentials-v1.json
@@ -165,6 +165,28 @@
                 "https://www.googleapis.com/auth/cloud-platform"
               ]
             },
+            "getAllowedLocations": {
+              "description": "Returns the trust boundary info for a given service account.",
+              "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}/allowedLocations",
+              "httpMethod": "GET",
+              "id": "iamcredentials.projects.serviceAccounts.getAllowedLocations",
+              "parameterOrder": [
+                "name"
+              ],
+              "parameters": {
+                "name": {
+                  "description": "Required. Resource name of service account.",
+                  "location": "path",
+                  "pattern": "^projects/[^/]+/serviceAccounts/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v1/{+name}/allowedLocations",
+              "response": {
+                "$ref": "ServiceAccountAllowedLocations"
+              }
+            },
             "signBlob": {
               "description": "Signs a blob using a service account's system-managed private key.",
               "flatPath": "v1/projects/{projectsId}/serviceAccounts/{serviceAccountsId}:signBlob",
@@ -226,7 +248,7 @@
       }
     }
   },
-  "revision": "20240227",
+  "revision": "20241024",
   "rootUrl": "https://iamcredentials.googleapis.com/",
   "schemas": {
     "GenerateAccessTokenRequest": {
@@ -300,6 +322,26 @@
       },
       "type": "object"
     },
+    "ServiceAccountAllowedLocations": {
+      "description": "Represents a list of allowed locations for given service account.",
+      "id": "ServiceAccountAllowedLocations",
+      "properties": {
+        "encodedLocations": {
+          "description": "Output only. The hex encoded bitmap of the trust boundary locations",
+          "readOnly": true,
+          "type": "string"
+        },
+        "locations": {
+          "description": "Output only. The human readable trust boundary locations. For example, [\"us-central1\", \"europe-west1\"]",
+          "items": {
+            "type": "string"
+          },
+          "readOnly": true,
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
     "SignBlobRequest": {
       "id": "SignBlobRequest",
       "properties": {

diff --git a/src/apis/iamcredentials/v1.ts b/src/apis/iamcredentials/v1.ts
@@ -168,6 +168,19 @@ export namespace iamcredentials_v1 {
      */
     token?: string | null;
   }
+  /**
+   * Represents a list of allowed locations for given service account.
+   */
+  export interface Schema$ServiceAccountAllowedLocations {
+    /**
+     * Output only. The hex encoded bitmap of the trust boundary locations
+     */
+    encodedLocations?: string | null;
+    /**
+     * Output only. The human readable trust boundary locations. For example, ["us-central1", "europe-west1"]
+     */
+    locations?: string[] | null;
+  }
   export interface Schema$SignBlobRequest {
     /**
      * The sequence of service accounts in a delegation chain. Each service account must be granted the `roles/iam.serviceAccountTokenCreator` role on its next service account in the chain. The last service account in the chain must be granted the `roles/iam.serviceAccountTokenCreator` role on the service account that is specified in the `name` field of the request. The delegates must have the following format: `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID\}`. The `-` wildcard character is required; replacing it with a project ID is invalid.
@@ -419,6 +432,105 @@ export namespace iamcredentials_v1 {
       }
     }
 
+    /**
+     * Returns the trust boundary info for a given service account.
+     *
+     * @param params - Parameters for request
+     * @param options - Optionally override request options, such as `url`, `method`, and `encoding`.
+     * @param callback - Optional callback that handles the response.
+     * @returns A promise if used with async/await, or void if used with a callback.
+     */
+    getAllowedLocations(
+      params: Params$Resource$Projects$Serviceaccounts$Getallowedlocations,
+      options: StreamMethodOptions
+    ): GaxiosPromise<Readable>;
+    getAllowedLocations(
+      params?: Params$Resource$Projects$Serviceaccounts$Getallowedlocations,
+      options?: MethodOptions
+    ): GaxiosPromise<Schema$ServiceAccountAllowedLocations>;
+    getAllowedLocations(
+      params: Params$Resource$Projects$Serviceaccounts$Getallowedlocations,
+      options: StreamMethodOptions | BodyResponseCallback<Readable>,
+      callback: BodyResponseCallback<Readable>
+    ): void;
+    getAllowedLocations(
+      params: Params$Resource$Projects$Serviceaccounts$Getallowedlocations,
+      options:
+        | MethodOptions
+        | BodyResponseCallback<Schema$ServiceAccountAllowedLocations>,
+      callback: BodyResponseCallback<Schema$ServiceAccountAllowedLocations>
+    ): void;
+    getAllowedLocations(
+      params: Params$Resource$Projects$Serviceaccounts$Getallowedlocations,
+      callback: BodyResponseCallback<Schema$ServiceAccountAllowedLocations>
+    ): void;
+    getAllowedLocations(
+      callback: BodyResponseCallback<Schema$ServiceAccountAllowedLocations>
+    ): void;
+    getAllowedLocations(
+      paramsOrCallback?:
+        | Params$Resource$Projects$Serviceaccounts$Getallowedlocations
+        | BodyResponseCallback<Schema$ServiceAccountAllowedLocations>
+        | BodyResponseCallback<Readable>,
+      optionsOrCallback?:
+        | MethodOptions
+        | StreamMethodOptions
+        | BodyResponseCallback<Schema$ServiceAccountAllowedLocations>
+        | BodyResponseCallback<Readable>,
+      callback?:
+        | BodyResponseCallback<Schema$ServiceAccountAllowedLocations>
+        | BodyResponseCallback<Readable>
+    ):
+      | void
+      | GaxiosPromise<Schema$ServiceAccountAllowedLocations>
+      | GaxiosPromise<Readable> {
+      let params = (paramsOrCallback ||
+        {}) as Params$Resource$Projects$Serviceaccounts$Getallowedlocations;
+      let options = (optionsOrCallback || {}) as MethodOptions;
+
+      if (typeof paramsOrCallback === 'function') {
+        callback = paramsOrCallback;
+        params =
+          {} as Params$Resource$Projects$Serviceaccounts$Getallowedlocations;
+        options = {};
+      }
+
+      if (typeof optionsOrCallback === 'function') {
+        callback = optionsOrCallback;
+        options = {};
+      }
+
+      const rootUrl =
+        options.rootUrl || 'https://iamcredentials.googleapis.com/';
+      const parameters = {
+        options: Object.assign(
+          {
+            url: (rootUrl + '/v1/{+name}/allowedLocations').replace(
+              /([^:]\/)\/+/g,
+              '$1'
+            ),
+            method: 'GET',
+            apiVersion: '',
+          },
+          options
+        ),
+        params,
+        requiredParams: ['name'],
+        pathParams: ['name'],
+        context: this.context,
+      };
+      if (callback) {
+        createAPIRequest<Schema$ServiceAccountAllowedLocations>(
+          parameters,
+          callback as BodyResponseCallback<unknown>
+        );
+      } else {
+        return createAPIRequest<Schema$ServiceAccountAllowedLocations>(
+          parameters
+        );
+      }
+    }
+
     /**
      * Signs a blob using a service account's system-managed private key.
      *
@@ -622,6 +734,13 @@ export namespace iamcredentials_v1 {
      */
     requestBody?: Schema$GenerateIdTokenRequest;
   }
+  export interface Params$Resource$Projects$Serviceaccounts$Getallowedlocations
+    extends StandardParameters {
+    /**
+     * Required. Resource name of service account.
+     */
+    name?: string;
+  }
   export interface Params$Resource$Projects$Serviceaccounts$Signblob
     extends StandardParameters {
     /**