diff --git a/protos/google/cloud/orgpolicy/v2/constraint.proto b/protos/google/cloud/orgpolicy/v2/constraint.proto index a9051ac..81af21b 100644 --- a/protos/google/cloud/orgpolicy/v2/constraint.proto +++ b/protos/google/cloud/orgpolicy/v2/constraint.proto @@ -1,4 +1,4 @@ -// Copyright 2020 Google LLC +// Copyright 2022 Google LLC // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -31,11 +31,11 @@ option ruby_package = "Google::Cloud::OrgPolicy::V2"; // example, you could enforce a constraint that controls which cloud services // can be activated across an organization, or whether a Compute Engine instance // can have serial port connections established. `Constraints` can be configured -// by the organization's policy adminstrator to fit the needs of the organzation -// by setting a `policy` that includes `constraints` at different locations in -// the organization's resource hierarchy. Policies are inherited down the -// resource hierarchy from higher levels, but can also be overridden. For -// details about the inheritance rules please read about +// by the organization's policy administrator to fit the needs of the +// organization by setting a `policy` that includes `constraints` at different +// locations in the organization's resource hierarchy. Policies are inherited +// down the resource hierarchy from higher levels, but can also be overridden. +// For details about the inheritance rules please read about // [`policies`][google.cloud.OrgPolicy.v2.Policy]. // // `Constraints` have a default behavior determined by the `constraint_default` @@ -49,6 +49,24 @@ message Constraint { pattern: "organizations/{organization}/constraints/{constraint}" }; + // Specifies the default behavior in the absence of any `Policy` for the + // `Constraint`. This must not be `CONSTRAINT_DEFAULT_UNSPECIFIED`. + // + // Immutable after creation. + enum ConstraintDefault { + // This is only used for distinguishing unset values and should never be + // used. + CONSTRAINT_DEFAULT_UNSPECIFIED = 0; + + // Indicate that all values are allowed for list constraints. + // Indicate that enforcement is off for boolean constraints. + ALLOW = 1; + + // Indicate that all values are denied for list constraints. + // Indicate that enforcement is on for boolean constraints. + DENY = 2; + } + // A `Constraint` that allows or disallows a list of string values, which are // configured by an Organization's policy administrator with a `Policy`. message ListConstraint { @@ -73,24 +91,6 @@ message Constraint { } - // Specifies the default behavior in the absence of any `Policy` for the - // `Constraint`. This must not be `CONSTRAINT_DEFAULT_UNSPECIFIED`. - // - // Immutable after creation. - enum ConstraintDefault { - // This is only used for distinguishing unset values and should never be - // used. - CONSTRAINT_DEFAULT_UNSPECIFIED = 0; - - // Indicate that all values are allowed for list constraints. - // Indicate that enforcement is off for boolean constraints. - ALLOW = 1; - - // Indicate that all values are denied for list constraints. - // Indicate that enforcement is on for boolean constraints. - DENY = 2; - } - // Immutable. The resource name of the Constraint. Must be in one of // the following forms: // * `projects/{project_number}/constraints/{constraint_name}` diff --git a/protos/google/cloud/orgpolicy/v2/orgpolicy.proto b/protos/google/cloud/orgpolicy/v2/orgpolicy.proto index 2b2bb47..043d7d0 100644 --- a/protos/google/cloud/orgpolicy/v2/orgpolicy.proto +++ b/protos/google/cloud/orgpolicy/v2/orgpolicy.proto @@ -1,4 +1,4 @@ -// Copyright 2020 Google LLC +// Copyright 2022 Google LLC // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -214,11 +214,8 @@ message Policy { // Basic information about the Organization Policy. PolicySpec spec = 2; - // An alternate policy configuration that will be used instead of the baseline - // policy configurations as determined by the launch. - // Currently the only way the launch can trigger the alternate configuration - // is via dry-run/darklaunch. - AlternatePolicySpec alternate = 3; + // Deprecated. + AlternatePolicySpec alternate = 3 [deprecated = true]; } // Similar to PolicySpec but with an extra 'launch' field for launch reference. @@ -284,11 +281,14 @@ message PolicySpec { // in the evaluation of the policy. When set, the `expression` field in // the `Expr' must include from 1 to 10 subexpressions, joined by the "||" // or "&&" operators. Each subexpression must be of the form - // "resource.matchLabels(key_name, value_name)", - // where key_name and value_name are the resource names for Label Keys - // and Values. These names are available from the Label Manager Service. An - // example expression is: - // "resource.matchLabels('labelKeys/123, 'labelValues/456')". + // "resource.matchTag('/tag_key_short_name, + // 'tag_value_short_name')". or "resource.matchTagId('tagKeys/key_id', + // 'tagValues/value_id')". where key_name and value_name are the resource + // names for Label Keys and Values. These names are available from the Tag + // Manager Service. An example expression is: + // "resource.matchTag('123456789/environment, + // 'prod')". or "resource.matchTagId('tagKeys/123', + // 'tagValues/456')". google.type.Expr condition = 5; } diff --git a/protos/protos.d.ts b/protos/protos.d.ts index ebb6c56..4c6d08a 100644 --- a/protos/protos.d.ts +++ b/protos/protos.d.ts @@ -151,6 +151,13 @@ export namespace google { namespace Constraint { + /** ConstraintDefault enum. */ + enum ConstraintDefault { + CONSTRAINT_DEFAULT_UNSPECIFIED = 0, + ALLOW = 1, + DENY = 2 + } + /** Properties of a ListConstraint. */ interface IListConstraint { @@ -330,13 +337,6 @@ export namespace google { */ public toJSON(): { [k: string]: any }; } - - /** ConstraintDefault enum. */ - enum ConstraintDefault { - CONSTRAINT_DEFAULT_UNSPECIFIED = 0, - ALLOW = 1, - DENY = 2 - } } /** Represents an OrgPolicy */ diff --git a/protos/protos.js b/protos/protos.js index dfa856d..3abb3cc 100644 --- a/protos/protos.js +++ b/protos/protos.js @@ -416,6 +416,22 @@ return this.constructor.toObject(this, $protobuf.util.toJSONOptions); }; + /** + * ConstraintDefault enum. + * @name google.cloud.orgpolicy.v2.Constraint.ConstraintDefault + * @enum {number} + * @property {number} CONSTRAINT_DEFAULT_UNSPECIFIED=0 CONSTRAINT_DEFAULT_UNSPECIFIED value + * @property {number} ALLOW=1 ALLOW value + * @property {number} DENY=2 DENY value + */ + Constraint.ConstraintDefault = (function() { + var valuesById = {}, values = Object.create(valuesById); + values[valuesById[0] = "CONSTRAINT_DEFAULT_UNSPECIFIED"] = 0; + values[valuesById[1] = "ALLOW"] = 1; + values[valuesById[2] = "DENY"] = 2; + return values; + })(); + Constraint.ListConstraint = (function() { /** @@ -786,22 +802,6 @@ return BooleanConstraint; })(); - /** - * ConstraintDefault enum. - * @name google.cloud.orgpolicy.v2.Constraint.ConstraintDefault - * @enum {number} - * @property {number} CONSTRAINT_DEFAULT_UNSPECIFIED=0 CONSTRAINT_DEFAULT_UNSPECIFIED value - * @property {number} ALLOW=1 ALLOW value - * @property {number} DENY=2 DENY value - */ - Constraint.ConstraintDefault = (function() { - var valuesById = {}, values = Object.create(valuesById); - values[valuesById[0] = "CONSTRAINT_DEFAULT_UNSPECIFIED"] = 0; - values[valuesById[1] = "ALLOW"] = 1; - values[valuesById[2] = "DENY"] = 2; - return values; - })(); - return Constraint; })(); diff --git a/protos/protos.json b/protos/protos.json index 7b57e92..2411cd4 100644 --- a/protos/protos.json +++ b/protos/protos.json @@ -60,6 +60,13 @@ } }, "nested": { + "ConstraintDefault": { + "values": { + "CONSTRAINT_DEFAULT_UNSPECIFIED": 0, + "ALLOW": 1, + "DENY": 2 + } + }, "ListConstraint": { "fields": { "supportsIn": { @@ -74,13 +81,6 @@ }, "BooleanConstraint": { "fields": {} - }, - "ConstraintDefault": { - "values": { - "CONSTRAINT_DEFAULT_UNSPECIFIED": 0, - "ALLOW": 1, - "DENY": 2 - } } } }, @@ -310,7 +310,10 @@ }, "alternate": { "type": "AlternatePolicySpec", - "id": 3 + "id": 3, + "options": { + "deprecated": true + } } } },