diff --git a/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/__init__.py b/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/__init__.py index b3d592ace9f0..5b6dbef400f6 100644 --- a/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/__init__.py +++ b/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/__init__.py @@ -27,8 +27,6 @@ from .types.assuredworkloads import ListWorkloadsResponse from .types.assuredworkloads import RestrictAllowedResourcesRequest from .types.assuredworkloads import RestrictAllowedResourcesResponse -from .types.assuredworkloads import RestrictAllowedServicesRequest -from .types.assuredworkloads import RestrictAllowedServicesResponse from .types.assuredworkloads import UpdateWorkloadRequest from .types.assuredworkloads import Workload @@ -45,8 +43,6 @@ "ListWorkloadsResponse", "RestrictAllowedResourcesRequest", "RestrictAllowedResourcesResponse", - "RestrictAllowedServicesRequest", - "RestrictAllowedServicesResponse", "UpdateWorkloadRequest", "Workload", ) diff --git a/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/gapic_metadata.json b/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/gapic_metadata.json index 782071b429d1..9b753c55a639 100644 --- a/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/gapic_metadata.json +++ b/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/gapic_metadata.json @@ -40,11 +40,6 @@ "restrict_allowed_resources" ] }, - "RestrictAllowedServices": { - "methods": [ - "restrict_allowed_services" - ] - }, "UpdateWorkload": { "methods": [ "update_workload" @@ -85,11 +80,6 @@ "restrict_allowed_resources" ] }, - "RestrictAllowedServices": { - "methods": [ - "restrict_allowed_services" - ] - }, "UpdateWorkload": { "methods": [ "update_workload" diff --git a/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/services/assured_workloads_service/async_client.py b/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/services/assured_workloads_service/async_client.py index dee2a0bb3218..ca1abe290c39 100644 --- a/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/services/assured_workloads_service/async_client.py +++ b/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/services/assured_workloads_service/async_client.py @@ -239,7 +239,7 @@ async def sample_create_workload(): # Initialize request argument(s) workload = assuredworkloads_v1beta1.Workload() workload.display_name = "display_name_value" - workload.compliance_regime = "ITAR" + workload.compliance_regime = "AU_REGIONS_AND_US_SUPPORT" request = assuredworkloads_v1beta1.CreateWorkloadRequest( parent="parent_value", @@ -364,7 +364,7 @@ async def sample_update_workload(): # Initialize request argument(s) workload = assuredworkloads_v1beta1.Workload() workload.display_name = "display_name_value" - workload.compliance_regime = "ITAR" + workload.compliance_regime = "AU_REGIONS_AND_US_SUPPORT" request = assuredworkloads_v1beta1.UpdateWorkloadRequest( workload=workload, @@ -435,89 +435,6 @@ async def sample_update_workload(): client_info=DEFAULT_CLIENT_INFO, ) - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata( - (("workload.name", request.workload.name),) - ), - ) - - # Send the request. - response = await rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - async def restrict_allowed_services( - self, - request: Union[assuredworkloads.RestrictAllowedServicesRequest, dict] = None, - *, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> assuredworkloads.RestrictAllowedServicesResponse: - r"""Restrict the list of services allowed in the Workload - environment. The current list of allowed services can be - found at - https://cloud.google.com/assured-workloads/docs/supported-products - In addition to assuredworkloads.workload.update - permission, the user should also have - orgpolicy.policy.set permission on the folder resource - to use this functionality. - - .. code-block:: python - - from google.cloud import assuredworkloads_v1beta1 - - async def sample_restrict_allowed_services(): - # Create a client - client = assuredworkloads_v1beta1.AssuredWorkloadsServiceAsyncClient() - - # Initialize request argument(s) - request = assuredworkloads_v1beta1.RestrictAllowedServicesRequest( - name="name_value", - restriction_type="ALLOW_COMPLIANT_SERVICES", - ) - - # Make the request - response = await client.restrict_allowed_services(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.assuredworkloads_v1beta1.types.RestrictAllowedServicesRequest, dict]): - The request object. Request for restricting list of - available services in Workload environment. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.assuredworkloads_v1beta1.types.RestrictAllowedServicesResponse: - Response for restricting the list of - allowed services. - - """ - # Create or coerce a protobuf request object. - request = assuredworkloads.RestrictAllowedServicesRequest(request) - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = gapic_v1.method_async.wrap_method( - self._client._transport.restrict_allowed_services, - default_timeout=None, - client_info=DEFAULT_CLIENT_INFO, - ) - # Send the request. response = await rpc( request, @@ -819,8 +736,9 @@ async def analyze_workload_move( timeout: float = None, metadata: Sequence[Tuple[str, str]] = (), ) -> assuredworkloads.AnalyzeWorkloadMoveResponse: - r"""Analyze if the source Assured Workloads can be moved - to the target Assured Workload + r"""A request to analyze a hypothetical move of a source + project or project-based workload to a target + (destination) folder-based workload. .. code-block:: python @@ -844,27 +762,29 @@ async def sample_analyze_workload_move(): Args: request (Union[google.cloud.assuredworkloads_v1beta1.types.AnalyzeWorkloadMoveRequest, dict]): - The request object. Request to check if source workload - can be moved to target workload. + The request object. A request to analyze a hypothetical + move of a source project or project-based workload to a + target (destination) folder-based workload. project (:class:`str`): - The Source is a project based to be moved. This is the - project's relative path in the API, formatted as - "cloudresourcemanager.googleapis.com/projects/{project_number}" - "projects/{project_number}" - "cloudresourcemanager.googleapis.com/projects/{project_id}" - "projects/{project_id}" For example, - "organizations/123/locations/us-east1/workloads/assured-workload-1". + The source type is a project. Specify the project's + relative resource name, formatted as either a project + number or a project ID: "projects/{PROJECT_NUMBER}" or + "projects/{PROJECT_ID}" For example: + "projects/951040570662" when specifying a project + number, or "projects/my-project-123" when specifying a + project ID. This corresponds to the ``project`` field on the ``request`` instance; if ``request`` is provided, this should not be set. target (:class:`str`): - Required. The resource name of the Workload to fetch. - This is the workloads's relative path in the API, - formatted as - "organizations/{organization_id}/locations/{location_id}/workloads/{workload_id}". - For example, - "organizations/123/locations/us-east1/workloads/assured-workload-2". + Required. The resource ID of the folder-based + destination workload. This workload is where the source + project will hypothetically be moved to. Specify the + workload's relative resource name, formatted as: + "organizations/{ORGANIZATION_ID}/locations/{LOCATION_ID}/workloads/{WORKLOAD_ID}" + For example: + "organizations/123/locations/us-east1/workloads/assured-workload-2" This corresponds to the ``target`` field on the ``request`` instance; if ``request`` is provided, this @@ -877,9 +797,8 @@ async def sample_analyze_workload_move(): Returns: google.cloud.assuredworkloads_v1beta1.types.AnalyzeWorkloadMoveResponse: - Response with the analysis if the - source workload can be moved to the - target workload + A response that includes the analysis + of the hypothetical resource move. """ # Create or coerce a protobuf request object. diff --git a/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/services/assured_workloads_service/client.py b/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/services/assured_workloads_service/client.py index 56e3a6d47af4..3d340b808b96 100644 --- a/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/services/assured_workloads_service/client.py +++ b/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/services/assured_workloads_service/client.py @@ -457,7 +457,7 @@ def sample_create_workload(): # Initialize request argument(s) workload = assuredworkloads_v1beta1.Workload() workload.display_name = "display_name_value" - workload.compliance_regime = "ITAR" + workload.compliance_regime = "AU_REGIONS_AND_US_SUPPORT" request = assuredworkloads_v1beta1.CreateWorkloadRequest( parent="parent_value", @@ -582,7 +582,7 @@ def sample_update_workload(): # Initialize request argument(s) workload = assuredworkloads_v1beta1.Workload() workload.display_name = "display_name_value" - workload.compliance_regime = "ITAR" + workload.compliance_regime = "AU_REGIONS_AND_US_SUPPORT" request = assuredworkloads_v1beta1.UpdateWorkloadRequest( workload=workload, @@ -653,92 +653,6 @@ def sample_update_workload(): # and friendly error handling. rpc = self._transport._wrapped_methods[self._transport.update_workload] - # Certain fields should be provided within the metadata header; - # add these here. - metadata = tuple(metadata) + ( - gapic_v1.routing_header.to_grpc_metadata( - (("workload.name", request.workload.name),) - ), - ) - - # Send the request. - response = rpc( - request, - retry=retry, - timeout=timeout, - metadata=metadata, - ) - - # Done; return the response. - return response - - def restrict_allowed_services( - self, - request: Union[assuredworkloads.RestrictAllowedServicesRequest, dict] = None, - *, - retry: OptionalRetry = gapic_v1.method.DEFAULT, - timeout: float = None, - metadata: Sequence[Tuple[str, str]] = (), - ) -> assuredworkloads.RestrictAllowedServicesResponse: - r"""Restrict the list of services allowed in the Workload - environment. The current list of allowed services can be - found at - https://cloud.google.com/assured-workloads/docs/supported-products - In addition to assuredworkloads.workload.update - permission, the user should also have - orgpolicy.policy.set permission on the folder resource - to use this functionality. - - .. code-block:: python - - from google.cloud import assuredworkloads_v1beta1 - - def sample_restrict_allowed_services(): - # Create a client - client = assuredworkloads_v1beta1.AssuredWorkloadsServiceClient() - - # Initialize request argument(s) - request = assuredworkloads_v1beta1.RestrictAllowedServicesRequest( - name="name_value", - restriction_type="ALLOW_COMPLIANT_SERVICES", - ) - - # Make the request - response = client.restrict_allowed_services(request=request) - - # Handle the response - print(response) - - Args: - request (Union[google.cloud.assuredworkloads_v1beta1.types.RestrictAllowedServicesRequest, dict]): - The request object. Request for restricting list of - available services in Workload environment. - retry (google.api_core.retry.Retry): Designation of what errors, if any, - should be retried. - timeout (float): The timeout for this request. - metadata (Sequence[Tuple[str, str]]): Strings which should be - sent along with the request as metadata. - - Returns: - google.cloud.assuredworkloads_v1beta1.types.RestrictAllowedServicesResponse: - Response for restricting the list of - allowed services. - - """ - # Create or coerce a protobuf request object. - # Minor optimization to avoid making a copy if the user passes - # in a assuredworkloads.RestrictAllowedServicesRequest. - # There's no risk of modifying the input as we've already verified - # there are no flattened fields. - if not isinstance(request, assuredworkloads.RestrictAllowedServicesRequest): - request = assuredworkloads.RestrictAllowedServicesRequest(request) - - # Wrap the RPC method; this adds retry and timeout information, - # and friendly error handling. - rpc = self._transport._wrapped_methods[ - self._transport.restrict_allowed_services - ] - # Send the request. response = rpc( request, @@ -1025,8 +939,9 @@ def analyze_workload_move( timeout: float = None, metadata: Sequence[Tuple[str, str]] = (), ) -> assuredworkloads.AnalyzeWorkloadMoveResponse: - r"""Analyze if the source Assured Workloads can be moved - to the target Assured Workload + r"""A request to analyze a hypothetical move of a source + project or project-based workload to a target + (destination) folder-based workload. .. code-block:: python @@ -1050,27 +965,29 @@ def sample_analyze_workload_move(): Args: request (Union[google.cloud.assuredworkloads_v1beta1.types.AnalyzeWorkloadMoveRequest, dict]): - The request object. Request to check if source workload - can be moved to target workload. + The request object. A request to analyze a hypothetical + move of a source project or project-based workload to a + target (destination) folder-based workload. project (str): - The Source is a project based to be moved. This is the - project's relative path in the API, formatted as - "cloudresourcemanager.googleapis.com/projects/{project_number}" - "projects/{project_number}" - "cloudresourcemanager.googleapis.com/projects/{project_id}" - "projects/{project_id}" For example, - "organizations/123/locations/us-east1/workloads/assured-workload-1". + The source type is a project. Specify the project's + relative resource name, formatted as either a project + number or a project ID: "projects/{PROJECT_NUMBER}" or + "projects/{PROJECT_ID}" For example: + "projects/951040570662" when specifying a project + number, or "projects/my-project-123" when specifying a + project ID. This corresponds to the ``project`` field on the ``request`` instance; if ``request`` is provided, this should not be set. target (str): - Required. The resource name of the Workload to fetch. - This is the workloads's relative path in the API, - formatted as - "organizations/{organization_id}/locations/{location_id}/workloads/{workload_id}". - For example, - "organizations/123/locations/us-east1/workloads/assured-workload-2". + Required. The resource ID of the folder-based + destination workload. This workload is where the source + project will hypothetically be moved to. Specify the + workload's relative resource name, formatted as: + "organizations/{ORGANIZATION_ID}/locations/{LOCATION_ID}/workloads/{WORKLOAD_ID}" + For example: + "organizations/123/locations/us-east1/workloads/assured-workload-2" This corresponds to the ``target`` field on the ``request`` instance; if ``request`` is provided, this @@ -1083,9 +1000,8 @@ def sample_analyze_workload_move(): Returns: google.cloud.assuredworkloads_v1beta1.types.AnalyzeWorkloadMoveResponse: - Response with the analysis if the - source workload can be moved to the - target workload + A response that includes the analysis + of the hypothetical resource move. """ # Create or coerce a protobuf request object. diff --git a/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/services/assured_workloads_service/transports/base.py b/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/services/assured_workloads_service/transports/base.py index 0d89edd05279..44b6e6da98d8 100644 --- a/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/services/assured_workloads_service/transports/base.py +++ b/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/services/assured_workloads_service/transports/base.py @@ -141,11 +141,6 @@ def _prep_wrapped_messages(self, client_info): default_timeout=60.0, client_info=client_info, ), - self.restrict_allowed_services: gapic_v1.method.wrap_method( - self.restrict_allowed_services, - default_timeout=None, - client_info=client_info, - ), self.restrict_allowed_resources: gapic_v1.method.wrap_method( self.restrict_allowed_resources, default_timeout=None, @@ -241,18 +236,6 @@ def update_workload( ]: raise NotImplementedError() - @property - def restrict_allowed_services( - self, - ) -> Callable[ - [assuredworkloads.RestrictAllowedServicesRequest], - Union[ - assuredworkloads.RestrictAllowedServicesResponse, - Awaitable[assuredworkloads.RestrictAllowedServicesResponse], - ], - ]: - raise NotImplementedError() - @property def restrict_allowed_resources( self, diff --git a/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/services/assured_workloads_service/transports/grpc.py b/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/services/assured_workloads_service/transports/grpc.py index ddf363af3983..e0bbcb84ced9 100644 --- a/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/services/assured_workloads_service/transports/grpc.py +++ b/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/services/assured_workloads_service/transports/grpc.py @@ -303,42 +303,6 @@ def update_workload( ) return self._stubs["update_workload"] - @property - def restrict_allowed_services( - self, - ) -> Callable[ - [assuredworkloads.RestrictAllowedServicesRequest], - assuredworkloads.RestrictAllowedServicesResponse, - ]: - r"""Return a callable for the restrict allowed services method over gRPC. - - Restrict the list of services allowed in the Workload - environment. The current list of allowed services can be - found at - https://cloud.google.com/assured-workloads/docs/supported-products - In addition to assuredworkloads.workload.update - permission, the user should also have - orgpolicy.policy.set permission on the folder resource - to use this functionality. - - Returns: - Callable[[~.RestrictAllowedServicesRequest], - ~.RestrictAllowedServicesResponse]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if "restrict_allowed_services" not in self._stubs: - self._stubs["restrict_allowed_services"] = self.grpc_channel.unary_unary( - "/google.cloud.assuredworkloads.v1beta1.AssuredWorkloadsService/RestrictAllowedServices", - request_serializer=assuredworkloads.RestrictAllowedServicesRequest.serialize, - response_deserializer=assuredworkloads.RestrictAllowedServicesResponse.deserialize, - ) - return self._stubs["restrict_allowed_services"] - @property def restrict_allowed_resources( self, @@ -441,8 +405,9 @@ def analyze_workload_move( ]: r"""Return a callable for the analyze workload move method over gRPC. - Analyze if the source Assured Workloads can be moved - to the target Assured Workload + A request to analyze a hypothetical move of a source + project or project-based workload to a target + (destination) folder-based workload. Returns: Callable[[~.AnalyzeWorkloadMoveRequest], diff --git a/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/services/assured_workloads_service/transports/grpc_asyncio.py b/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/services/assured_workloads_service/transports/grpc_asyncio.py index d0cd12ae02a8..fecd14c67375 100644 --- a/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/services/assured_workloads_service/transports/grpc_asyncio.py +++ b/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/services/assured_workloads_service/transports/grpc_asyncio.py @@ -312,42 +312,6 @@ def update_workload( ) return self._stubs["update_workload"] - @property - def restrict_allowed_services( - self, - ) -> Callable[ - [assuredworkloads.RestrictAllowedServicesRequest], - Awaitable[assuredworkloads.RestrictAllowedServicesResponse], - ]: - r"""Return a callable for the restrict allowed services method over gRPC. - - Restrict the list of services allowed in the Workload - environment. The current list of allowed services can be - found at - https://cloud.google.com/assured-workloads/docs/supported-products - In addition to assuredworkloads.workload.update - permission, the user should also have - orgpolicy.policy.set permission on the folder resource - to use this functionality. - - Returns: - Callable[[~.RestrictAllowedServicesRequest], - Awaitable[~.RestrictAllowedServicesResponse]]: - A function that, when called, will call the underlying RPC - on the server. - """ - # Generate a "stub function" on-the-fly which will actually make - # the request. - # gRPC handles serialization and deserialization, so we just need - # to pass in the functions for each. - if "restrict_allowed_services" not in self._stubs: - self._stubs["restrict_allowed_services"] = self.grpc_channel.unary_unary( - "/google.cloud.assuredworkloads.v1beta1.AssuredWorkloadsService/RestrictAllowedServices", - request_serializer=assuredworkloads.RestrictAllowedServicesRequest.serialize, - response_deserializer=assuredworkloads.RestrictAllowedServicesResponse.deserialize, - ) - return self._stubs["restrict_allowed_services"] - @property def restrict_allowed_resources( self, @@ -452,8 +416,9 @@ def analyze_workload_move( ]: r"""Return a callable for the analyze workload move method over gRPC. - Analyze if the source Assured Workloads can be moved - to the target Assured Workload + A request to analyze a hypothetical move of a source + project or project-based workload to a target + (destination) folder-based workload. Returns: Callable[[~.AnalyzeWorkloadMoveRequest], diff --git a/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/types/__init__.py b/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/types/__init__.py index 27e48abf1a71..66bdefcec4c4 100644 --- a/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/types/__init__.py +++ b/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/types/__init__.py @@ -24,8 +24,6 @@ ListWorkloadsResponse, RestrictAllowedResourcesRequest, RestrictAllowedResourcesResponse, - RestrictAllowedServicesRequest, - RestrictAllowedServicesResponse, UpdateWorkloadRequest, Workload, ) @@ -41,8 +39,6 @@ "ListWorkloadsResponse", "RestrictAllowedResourcesRequest", "RestrictAllowedResourcesResponse", - "RestrictAllowedServicesRequest", - "RestrictAllowedServicesResponse", "UpdateWorkloadRequest", "Workload", ) diff --git a/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/types/assuredworkloads.py b/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/types/assuredworkloads.py index bd29b3f8e134..517f45184e8a 100644 --- a/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/types/assuredworkloads.py +++ b/packages/google-cloud-assured-workloads/google/cloud/assuredworkloads_v1beta1/types/assuredworkloads.py @@ -25,8 +25,6 @@ manifest={ "CreateWorkloadRequest", "UpdateWorkloadRequest", - "RestrictAllowedServicesRequest", - "RestrictAllowedServicesResponse", "RestrictAllowedResourcesRequest", "RestrictAllowedResourcesResponse", "DeleteWorkloadRequest", @@ -100,43 +98,6 @@ class UpdateWorkloadRequest(proto.Message): ) -class RestrictAllowedServicesRequest(proto.Message): - r"""Request for restricting list of available services in - Workload environment. - - Attributes: - name (str): - Required. The resource name of the Workload. This is the - workloads's relative path in the API, formatted as - "organizations/{organization_id}/locations/{location_id}/workloads/{workload_id}". - For example, - "organizations/123/locations/us-east1/workloads/assured-workload-1". - restriction_type (google.cloud.assuredworkloads_v1beta1.types.RestrictAllowedServicesRequest.RestrictionType): - Required. The type of restriction for using - gcp services in the Workload environment. - """ - - class RestrictionType(proto.Enum): - r"""The type of restriction.""" - RESTRICTION_TYPE_UNSPECIFIED = 0 - ALLOW_ALL_GCP_SERVICES = 1 - ALLOW_COMPLIANT_SERVICES = 2 - - name = proto.Field( - proto.STRING, - number=1, - ) - restriction_type = proto.Field( - proto.ENUM, - number=2, - enum=RestrictionType, - ) - - -class RestrictAllowedServicesResponse(proto.Message): - r"""Response for restricting the list of allowed services.""" - - class RestrictAllowedResourcesRequest(proto.Message): r"""Request for restricting list of available resources in Workload environment. @@ -217,7 +178,8 @@ class GetWorkloadRequest(proto.Message): class AnalyzeWorkloadMoveRequest(proto.Message): - r"""Request to check if source workload can be moved to target + r"""A request to analyze a hypothetical move of a source project + or project-based workload to a target (destination) folder-based workload. This message has `oneof`_ fields (mutually exclusive fields). @@ -229,28 +191,29 @@ class AnalyzeWorkloadMoveRequest(proto.Message): Attributes: source (str): - The Source is project based Workload to be moved. This is - the workloads's relative path in the API, formatted as - "organizations/{organization_id}/locations/{location_id}/workloads/{workload_id}". - For example, + The source type is a project-based workload. Specify the + workloads's relative resource name, formatted as: + "organizations/{ORGANIZATION_ID}/locations/{LOCATION_ID}/workloads/{WORKLOAD_ID}" + For example: "organizations/123/locations/us-east1/workloads/assured-workload-1". This field is a member of `oneof`_ ``projectOrWorkloadResource``. project (str): - The Source is a project based to be moved. This is the - project's relative path in the API, formatted as - "cloudresourcemanager.googleapis.com/projects/{project_number}" - "projects/{project_number}" - "cloudresourcemanager.googleapis.com/projects/{project_id}" - "projects/{project_id}" For example, - "organizations/123/locations/us-east1/workloads/assured-workload-1". + The source type is a project. Specify the project's relative + resource name, formatted as either a project number or a + project ID: "projects/{PROJECT_NUMBER}" or + "projects/{PROJECT_ID}" For example: "projects/951040570662" + when specifying a project number, or + "projects/my-project-123" when specifying a project ID. This field is a member of `oneof`_ ``projectOrWorkloadResource``. target (str): - Required. The resource name of the Workload to fetch. This - is the workloads's relative path in the API, formatted as - "organizations/{organization_id}/locations/{location_id}/workloads/{workload_id}". - For example, + Required. The resource ID of the folder-based destination + workload. This workload is where the source project will + hypothetically be moved to. Specify the workload's relative + resource name, formatted as: + "organizations/{ORGANIZATION_ID}/locations/{LOCATION_ID}/workloads/{WORKLOAD_ID}" + For example: "organizations/123/locations/us-east1/workloads/assured-workload-2". """ @@ -271,13 +234,15 @@ class AnalyzeWorkloadMoveRequest(proto.Message): class AnalyzeWorkloadMoveResponse(proto.Message): - r"""Response with the analysis if the source workload can be - moved to the target workload + r"""A response that includes the analysis of the hypothetical + resource move. Attributes: blockers (Sequence[str]): - List of blockers that prevent moving the - source workload to the target workload + A list of blockers that should be addressed + before moving the source project or + project-based workload to the destination + folder-based workload. """ blockers = proto.RepeatedField( @@ -388,10 +353,10 @@ class Workload(proto.Message): Output only. Immutable. The Workload creation timestamp. billing_account (str): - Input only. The billing account used for the resources which - are direct children of workload. This billing account is - initially associated with the resources created as part of - Workload creation. After the initial creation of these + Output only. The billing account used for the resources + which are direct children of workload. This billing account + is initially associated with the resources created as part + of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form ``billingAccounts/{billing_account_id}``. For example, @@ -469,6 +434,7 @@ class ComplianceRegime(proto.Enum): EU_REGIONS_AND_SUPPORT = 8 CA_REGIONS_AND_SUPPORT = 9 ITAR = 10 + AU_REGIONS_AND_US_SUPPORT = 11 class KajEnrollmentState(proto.Enum): r"""Key Access Justifications(KAJ) Enrollment State.""" diff --git a/packages/google-cloud-assured-workloads/samples/generated_samples/assuredworkloads_v1beta1_generated_assured_workloads_service_create_workload_async.py b/packages/google-cloud-assured-workloads/samples/generated_samples/assuredworkloads_v1beta1_generated_assured_workloads_service_create_workload_async.py index fb618b7629e0..c4c70ea68a1c 100644 --- a/packages/google-cloud-assured-workloads/samples/generated_samples/assuredworkloads_v1beta1_generated_assured_workloads_service_create_workload_async.py +++ b/packages/google-cloud-assured-workloads/samples/generated_samples/assuredworkloads_v1beta1_generated_assured_workloads_service_create_workload_async.py @@ -34,7 +34,7 @@ async def sample_create_workload(): # Initialize request argument(s) workload = assuredworkloads_v1beta1.Workload() workload.display_name = "display_name_value" - workload.compliance_regime = "ITAR" + workload.compliance_regime = "AU_REGIONS_AND_US_SUPPORT" request = assuredworkloads_v1beta1.CreateWorkloadRequest( parent="parent_value", diff --git a/packages/google-cloud-assured-workloads/samples/generated_samples/assuredworkloads_v1beta1_generated_assured_workloads_service_create_workload_sync.py b/packages/google-cloud-assured-workloads/samples/generated_samples/assuredworkloads_v1beta1_generated_assured_workloads_service_create_workload_sync.py index ef93070c3fae..e24e55106416 100644 --- a/packages/google-cloud-assured-workloads/samples/generated_samples/assuredworkloads_v1beta1_generated_assured_workloads_service_create_workload_sync.py +++ b/packages/google-cloud-assured-workloads/samples/generated_samples/assuredworkloads_v1beta1_generated_assured_workloads_service_create_workload_sync.py @@ -34,7 +34,7 @@ def sample_create_workload(): # Initialize request argument(s) workload = assuredworkloads_v1beta1.Workload() workload.display_name = "display_name_value" - workload.compliance_regime = "ITAR" + workload.compliance_regime = "AU_REGIONS_AND_US_SUPPORT" request = assuredworkloads_v1beta1.CreateWorkloadRequest( parent="parent_value", diff --git a/packages/google-cloud-assured-workloads/samples/generated_samples/assuredworkloads_v1beta1_generated_assured_workloads_service_update_workload_async.py b/packages/google-cloud-assured-workloads/samples/generated_samples/assuredworkloads_v1beta1_generated_assured_workloads_service_update_workload_async.py index d34c7849b22e..71f4f6431409 100644 --- a/packages/google-cloud-assured-workloads/samples/generated_samples/assuredworkloads_v1beta1_generated_assured_workloads_service_update_workload_async.py +++ b/packages/google-cloud-assured-workloads/samples/generated_samples/assuredworkloads_v1beta1_generated_assured_workloads_service_update_workload_async.py @@ -34,7 +34,7 @@ async def sample_update_workload(): # Initialize request argument(s) workload = assuredworkloads_v1beta1.Workload() workload.display_name = "display_name_value" - workload.compliance_regime = "ITAR" + workload.compliance_regime = "AU_REGIONS_AND_US_SUPPORT" request = assuredworkloads_v1beta1.UpdateWorkloadRequest( workload=workload, diff --git a/packages/google-cloud-assured-workloads/samples/generated_samples/assuredworkloads_v1beta1_generated_assured_workloads_service_update_workload_sync.py b/packages/google-cloud-assured-workloads/samples/generated_samples/assuredworkloads_v1beta1_generated_assured_workloads_service_update_workload_sync.py index 248181864c9f..71ce5e9eb8e8 100644 --- a/packages/google-cloud-assured-workloads/samples/generated_samples/assuredworkloads_v1beta1_generated_assured_workloads_service_update_workload_sync.py +++ b/packages/google-cloud-assured-workloads/samples/generated_samples/assuredworkloads_v1beta1_generated_assured_workloads_service_update_workload_sync.py @@ -34,7 +34,7 @@ def sample_update_workload(): # Initialize request argument(s) workload = assuredworkloads_v1beta1.Workload() workload.display_name = "display_name_value" - workload.compliance_regime = "ITAR" + workload.compliance_regime = "AU_REGIONS_AND_US_SUPPORT" request = assuredworkloads_v1beta1.UpdateWorkloadRequest( workload=workload, diff --git a/packages/google-cloud-assured-workloads/samples/generated_samples/snippet_metadata_assuredworkloads_v1beta1.json b/packages/google-cloud-assured-workloads/samples/generated_samples/snippet_metadata_assuredworkloads_v1beta1.json index 3ece5bd019d5..79a51e1e64b0 100644 --- a/packages/google-cloud-assured-workloads/samples/generated_samples/snippet_metadata_assuredworkloads_v1beta1.json +++ b/packages/google-cloud-assured-workloads/samples/generated_samples/snippet_metadata_assuredworkloads_v1beta1.json @@ -978,159 +978,6 @@ ], "title": "assuredworkloads_v1beta1_generated_assured_workloads_service_restrict_allowed_resources_sync.py" }, - { - "canonical": true, - "clientMethod": { - "async": true, - "client": { - "fullName": "google.cloud.assuredworkloads_v1beta1.AssuredWorkloadsServiceAsyncClient", - "shortName": "AssuredWorkloadsServiceAsyncClient" - }, - "fullName": "google.cloud.assuredworkloads_v1beta1.AssuredWorkloadsServiceAsyncClient.restrict_allowed_services", - "method": { - "fullName": "google.cloud.assuredworkloads.v1beta1.AssuredWorkloadsService.RestrictAllowedServices", - "service": { - "fullName": "google.cloud.assuredworkloads.v1beta1.AssuredWorkloadsService", - "shortName": "AssuredWorkloadsService" - }, - "shortName": "RestrictAllowedServices" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.assuredworkloads_v1beta1.types.RestrictAllowedServicesRequest" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.assuredworkloads_v1beta1.types.RestrictAllowedServicesResponse", - "shortName": "restrict_allowed_services" - }, - "description": "Sample for RestrictAllowedServices", - "file": "assuredworkloads_v1beta1_generated_assured_workloads_service_restrict_allowed_services_async.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "assuredworkloads_v1beta1_generated_AssuredWorkloadsService_RestrictAllowedServices_async", - "segments": [ - { - "end": 45, - "start": 27, - "type": "FULL" - }, - { - "end": 45, - "start": 27, - "type": "SHORT" - }, - { - "end": 33, - "start": 31, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 39, - "start": 34, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 42, - "start": 40, - "type": "REQUEST_EXECUTION" - }, - { - "end": 46, - "start": 43, - "type": "RESPONSE_HANDLING" - } - ], - "title": "assuredworkloads_v1beta1_generated_assured_workloads_service_restrict_allowed_services_async.py" - }, - { - "canonical": true, - "clientMethod": { - "client": { - "fullName": "google.cloud.assuredworkloads_v1beta1.AssuredWorkloadsServiceClient", - "shortName": "AssuredWorkloadsServiceClient" - }, - "fullName": "google.cloud.assuredworkloads_v1beta1.AssuredWorkloadsServiceClient.restrict_allowed_services", - "method": { - "fullName": "google.cloud.assuredworkloads.v1beta1.AssuredWorkloadsService.RestrictAllowedServices", - "service": { - "fullName": "google.cloud.assuredworkloads.v1beta1.AssuredWorkloadsService", - "shortName": "AssuredWorkloadsService" - }, - "shortName": "RestrictAllowedServices" - }, - "parameters": [ - { - "name": "request", - "type": "google.cloud.assuredworkloads_v1beta1.types.RestrictAllowedServicesRequest" - }, - { - "name": "retry", - "type": "google.api_core.retry.Retry" - }, - { - "name": "timeout", - "type": "float" - }, - { - "name": "metadata", - "type": "Sequence[Tuple[str, str]" - } - ], - "resultType": "google.cloud.assuredworkloads_v1beta1.types.RestrictAllowedServicesResponse", - "shortName": "restrict_allowed_services" - }, - "description": "Sample for RestrictAllowedServices", - "file": "assuredworkloads_v1beta1_generated_assured_workloads_service_restrict_allowed_services_sync.py", - "language": "PYTHON", - "origin": "API_DEFINITION", - "regionTag": "assuredworkloads_v1beta1_generated_AssuredWorkloadsService_RestrictAllowedServices_sync", - "segments": [ - { - "end": 45, - "start": 27, - "type": "FULL" - }, - { - "end": 45, - "start": 27, - "type": "SHORT" - }, - { - "end": 33, - "start": 31, - "type": "CLIENT_INITIALIZATION" - }, - { - "end": 39, - "start": 34, - "type": "REQUEST_INITIALIZATION" - }, - { - "end": 42, - "start": 40, - "type": "REQUEST_EXECUTION" - }, - { - "end": 46, - "start": 43, - "type": "RESPONSE_HANDLING" - } - ], - "title": "assuredworkloads_v1beta1_generated_assured_workloads_service_restrict_allowed_services_sync.py" - }, { "canonical": true, "clientMethod": { diff --git a/packages/google-cloud-assured-workloads/scripts/fixup_assuredworkloads_v1beta1_keywords.py b/packages/google-cloud-assured-workloads/scripts/fixup_assuredworkloads_v1beta1_keywords.py index c102ad1ee355..7ff9b0d866c4 100644 --- a/packages/google-cloud-assured-workloads/scripts/fixup_assuredworkloads_v1beta1_keywords.py +++ b/packages/google-cloud-assured-workloads/scripts/fixup_assuredworkloads_v1beta1_keywords.py @@ -45,7 +45,6 @@ class assuredworkloadsCallTransformer(cst.CSTTransformer): 'get_workload': ('name', ), 'list_workloads': ('parent', 'page_size', 'page_token', 'filter', ), 'restrict_allowed_resources': ('name', 'restriction_type', ), - 'restrict_allowed_services': ('name', 'restriction_type', ), 'update_workload': ('workload', 'update_mask', ), } diff --git a/packages/google-cloud-assured-workloads/tests/unit/gapic/assuredworkloads_v1beta1/test_assured_workloads_service.py b/packages/google-cloud-assured-workloads/tests/unit/gapic/assuredworkloads_v1beta1/test_assured_workloads_service.py index 89dd48c7197e..9e41f1b7a2e1 100644 --- a/packages/google-cloud-assured-workloads/tests/unit/gapic/assuredworkloads_v1beta1/test_assured_workloads_service.py +++ b/packages/google-cloud-assured-workloads/tests/unit/gapic/assuredworkloads_v1beta1/test_assured_workloads_service.py @@ -1085,67 +1085,6 @@ async def test_update_workload_async_from_dict(): await test_update_workload_async(request_type=dict) -def test_update_workload_field_headers(): - client = AssuredWorkloadsServiceClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = assuredworkloads.UpdateWorkloadRequest() - - request.workload.name = "name_value" - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object(type(client.transport.update_workload), "__call__") as call: - call.return_value = assuredworkloads.Workload() - client.update_workload(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - "x-goog-request-params", - "workload.name=name_value", - ) in kw["metadata"] - - -@pytest.mark.asyncio -async def test_update_workload_field_headers_async(): - client = AssuredWorkloadsServiceAsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - ) - - # Any value that is part of the HTTP/1.1 URI should be sent as - # a field header. Set these to a non-empty value. - request = assuredworkloads.UpdateWorkloadRequest() - - request.workload.name = "name_value" - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object(type(client.transport.update_workload), "__call__") as call: - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall( - assuredworkloads.Workload() - ) - await client.update_workload(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == request - - # Establish that the field header was sent. - _, _, kw = call.mock_calls[0] - assert ( - "x-goog-request-params", - "workload.name=name_value", - ) in kw["metadata"] - - def test_update_workload_flattened(): client = AssuredWorkloadsServiceClient( credentials=ga_credentials.AnonymousCredentials(), @@ -1238,96 +1177,6 @@ async def test_update_workload_flattened_error_async(): ) -@pytest.mark.parametrize( - "request_type", - [ - assuredworkloads.RestrictAllowedServicesRequest, - dict, - ], -) -def test_restrict_allowed_services(request_type, transport: str = "grpc"): - client = AssuredWorkloadsServiceClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.restrict_allowed_services), "__call__" - ) as call: - # Designate an appropriate return value for the call. - call.return_value = assuredworkloads.RestrictAllowedServicesResponse() - response = client.restrict_allowed_services(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) == 1 - _, args, _ = call.mock_calls[0] - assert args[0] == assuredworkloads.RestrictAllowedServicesRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, assuredworkloads.RestrictAllowedServicesResponse) - - -def test_restrict_allowed_services_empty_call(): - # This test is a coverage failsafe to make sure that totally empty calls, - # i.e. request == None and no flattened fields passed, work. - client = AssuredWorkloadsServiceClient( - credentials=ga_credentials.AnonymousCredentials(), - transport="grpc", - ) - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.restrict_allowed_services), "__call__" - ) as call: - client.restrict_allowed_services() - call.assert_called() - _, args, _ = call.mock_calls[0] - assert args[0] == assuredworkloads.RestrictAllowedServicesRequest() - - -@pytest.mark.asyncio -async def test_restrict_allowed_services_async( - transport: str = "grpc_asyncio", - request_type=assuredworkloads.RestrictAllowedServicesRequest, -): - client = AssuredWorkloadsServiceAsyncClient( - credentials=ga_credentials.AnonymousCredentials(), - transport=transport, - ) - - # Everything is optional in proto3 as far as the runtime is concerned, - # and we are mocking out the actual API, so just send an empty request. - request = request_type() - - # Mock the actual call within the gRPC stub, and fake the request. - with mock.patch.object( - type(client.transport.restrict_allowed_services), "__call__" - ) as call: - # Designate an appropriate return value for the call. - call.return_value = grpc_helpers_async.FakeUnaryUnaryCall( - assuredworkloads.RestrictAllowedServicesResponse() - ) - response = await client.restrict_allowed_services(request) - - # Establish that the underlying gRPC stub method was called. - assert len(call.mock_calls) - _, args, _ = call.mock_calls[0] - assert args[0] == assuredworkloads.RestrictAllowedServicesRequest() - - # Establish that the response is the type that we expect. - assert isinstance(response, assuredworkloads.RestrictAllowedServicesResponse) - - -@pytest.mark.asyncio -async def test_restrict_allowed_services_async_from_dict(): - await test_restrict_allowed_services_async(request_type=dict) - - @pytest.mark.parametrize( "request_type", [ @@ -2596,7 +2445,6 @@ def test_assured_workloads_service_base_transport(): methods = ( "create_workload", "update_workload", - "restrict_allowed_services", "restrict_allowed_resources", "delete_workload", "get_workload",