diff --git a/Iap/metadata/V1/Service.php b/Iap/metadata/V1/Service.php
index 43bc0e33e4b7..dd62f0cf6fea 100644
Binary files a/Iap/metadata/V1/Service.php and b/Iap/metadata/V1/Service.php differ
diff --git a/Iap/samples/V1/IdentityAwareProxyAdminServiceClient/create_tunnel_dest_group.php b/Iap/samples/V1/IdentityAwareProxyAdminServiceClient/create_tunnel_dest_group.php
index a7d32b3d0c10..b93ea1c82e9e 100644
--- a/Iap/samples/V1/IdentityAwareProxyAdminServiceClient/create_tunnel_dest_group.php
+++ b/Iap/samples/V1/IdentityAwareProxyAdminServiceClient/create_tunnel_dest_group.php
@@ -34,13 +34,14 @@
* In the following format:
* `projects/{project_number/id}/iap_tunnel/locations/{location}`. Please see
* {@see IdentityAwareProxyAdminServiceClient::tunnelLocationName()} for help formatting this field.
- * @param string $tunnelDestGroupName Immutable. Identifier for the TunnelDestGroup. Must be unique within the
- * project.
- * @param string $tunnelDestGroupId The ID to use for the TunnelDestGroup, which becomes the final component of
- * the resource name.
+ * @param string $tunnelDestGroupName Immutable. Identifier for the TunnelDestGroup. Must be unique
+ * within the project and contain only lower case letters (a-z) and dashes
+ * (-).
+ * @param string $tunnelDestGroupId The ID to use for the TunnelDestGroup, which becomes the final
+ * component of the resource name.
*
* This value must be 4-63 characters, and valid characters
- * are `[a-z][0-9]-`.
+ * are `[a-z]-`.
*/
function create_tunnel_dest_group_sample(
string $formattedParent,
diff --git a/Iap/samples/V1/IdentityAwareProxyAdminServiceClient/update_tunnel_dest_group.php b/Iap/samples/V1/IdentityAwareProxyAdminServiceClient/update_tunnel_dest_group.php
index e6b26d81a4db..56eaf0f0f099 100644
--- a/Iap/samples/V1/IdentityAwareProxyAdminServiceClient/update_tunnel_dest_group.php
+++ b/Iap/samples/V1/IdentityAwareProxyAdminServiceClient/update_tunnel_dest_group.php
@@ -30,8 +30,9 @@
/**
* Updates a TunnelDestGroup.
*
- * @param string $tunnelDestGroupName Immutable. Identifier for the TunnelDestGroup. Must be unique within the
- * project.
+ * @param string $tunnelDestGroupName Immutable. Identifier for the TunnelDestGroup. Must be unique
+ * within the project and contain only lower case letters (a-z) and dashes
+ * (-).
*/
function update_tunnel_dest_group_sample(string $tunnelDestGroupName): void
{
diff --git a/Iap/src/V1/AccessDeniedPageSettings.php b/Iap/src/V1/AccessDeniedPageSettings.php
index a785eb4f4b5e..ab5f609a7ec3 100644
--- a/Iap/src/V1/AccessDeniedPageSettings.php
+++ b/Iap/src/V1/AccessDeniedPageSettings.php
@@ -31,6 +31,13 @@ class AccessDeniedPageSettings extends \Google\Protobuf\Internal\Message
* Generated from protobuf field .google.protobuf.BoolValue generate_troubleshooting_uri = 2;
*/
private $generate_troubleshooting_uri = null;
+ /**
+ * Whether to generate remediation token on access denied events to this
+ * application.
+ *
+ * Generated from protobuf field optional .google.protobuf.BoolValue remediation_token_generation_enabled = 3;
+ */
+ private $remediation_token_generation_enabled = null;
/**
* Constructor.
@@ -43,6 +50,9 @@ class AccessDeniedPageSettings extends \Google\Protobuf\Internal\Message
* @type \Google\Protobuf\BoolValue $generate_troubleshooting_uri
* Whether to generate a troubleshooting URL on access denied events to this
* application.
+ * @type \Google\Protobuf\BoolValue $remediation_token_generation_enabled
+ * Whether to generate remediation token on access denied events to this
+ * application.
* }
*/
public function __construct($data = NULL) {
@@ -180,5 +190,72 @@ public function setGenerateTroubleshootingUriValue($var)
$this->writeWrapperValue("generate_troubleshooting_uri", $var);
return $this;}
+ /**
+ * Whether to generate remediation token on access denied events to this
+ * application.
+ *
+ * Generated from protobuf field optional .google.protobuf.BoolValue remediation_token_generation_enabled = 3;
+ * @return \Google\Protobuf\BoolValue|null
+ */
+ public function getRemediationTokenGenerationEnabled()
+ {
+ return $this->remediation_token_generation_enabled;
+ }
+
+ public function hasRemediationTokenGenerationEnabled()
+ {
+ return isset($this->remediation_token_generation_enabled);
+ }
+
+ public function clearRemediationTokenGenerationEnabled()
+ {
+ unset($this->remediation_token_generation_enabled);
+ }
+
+ /**
+ * Returns the unboxed value from getRemediationTokenGenerationEnabled()
+
+ * Whether to generate remediation token on access denied events to this
+ * application.
+ *
+ * Generated from protobuf field optional .google.protobuf.BoolValue remediation_token_generation_enabled = 3;
+ * @return bool|null
+ */
+ public function getRemediationTokenGenerationEnabledValue()
+ {
+ return $this->readWrapperValue("remediation_token_generation_enabled");
+ }
+
+ /**
+ * Whether to generate remediation token on access denied events to this
+ * application.
+ *
+ * Generated from protobuf field optional .google.protobuf.BoolValue remediation_token_generation_enabled = 3;
+ * @param \Google\Protobuf\BoolValue $var
+ * @return $this
+ */
+ public function setRemediationTokenGenerationEnabled($var)
+ {
+ GPBUtil::checkMessage($var, \Google\Protobuf\BoolValue::class);
+ $this->remediation_token_generation_enabled = $var;
+
+ return $this;
+ }
+
+ /**
+ * Sets the field by wrapping a primitive type in a Google\Protobuf\BoolValue object.
+
+ * Whether to generate remediation token on access denied events to this
+ * application.
+ *
+ * Generated from protobuf field optional .google.protobuf.BoolValue remediation_token_generation_enabled = 3;
+ * @param bool|null $var
+ * @return $this
+ */
+ public function setRemediationTokenGenerationEnabledValue($var)
+ {
+ $this->writeWrapperValue("remediation_token_generation_enabled", $var);
+ return $this;}
+
}
diff --git a/Iap/src/V1/AccessSettings.php b/Iap/src/V1/AccessSettings.php
index 85693b1decac..ac713a161b2f 100644
--- a/Iap/src/V1/AccessSettings.php
+++ b/Iap/src/V1/AccessSettings.php
@@ -39,6 +39,12 @@ class AccessSettings extends \Google\Protobuf\Internal\Message
* Generated from protobuf field .google.cloud.iap.v1.ReauthSettings reauth_settings = 6;
*/
private $reauth_settings = null;
+ /**
+ * Settings to configure and enable allowed domains.
+ *
+ * Generated from protobuf field .google.cloud.iap.v1.AllowedDomainsSettings allowed_domains_settings = 7;
+ */
+ private $allowed_domains_settings = null;
/**
* Constructor.
@@ -54,6 +60,8 @@ class AccessSettings extends \Google\Protobuf\Internal\Message
* Settings to configure IAP's OAuth behavior.
* @type \Google\Cloud\Iap\V1\ReauthSettings $reauth_settings
* Settings to configure reauthentication policies in IAP.
+ * @type \Google\Cloud\Iap\V1\AllowedDomainsSettings $allowed_domains_settings
+ * Settings to configure and enable allowed domains.
* }
*/
public function __construct($data = NULL) {
@@ -205,5 +213,41 @@ public function setReauthSettings($var)
return $this;
}
+ /**
+ * Settings to configure and enable allowed domains.
+ *
+ * Generated from protobuf field .google.cloud.iap.v1.AllowedDomainsSettings allowed_domains_settings = 7;
+ * @return \Google\Cloud\Iap\V1\AllowedDomainsSettings|null
+ */
+ public function getAllowedDomainsSettings()
+ {
+ return $this->allowed_domains_settings;
+ }
+
+ public function hasAllowedDomainsSettings()
+ {
+ return isset($this->allowed_domains_settings);
+ }
+
+ public function clearAllowedDomainsSettings()
+ {
+ unset($this->allowed_domains_settings);
+ }
+
+ /**
+ * Settings to configure and enable allowed domains.
+ *
+ * Generated from protobuf field .google.cloud.iap.v1.AllowedDomainsSettings allowed_domains_settings = 7;
+ * @param \Google\Cloud\Iap\V1\AllowedDomainsSettings $var
+ * @return $this
+ */
+ public function setAllowedDomainsSettings($var)
+ {
+ GPBUtil::checkMessage($var, \Google\Cloud\Iap\V1\AllowedDomainsSettings::class);
+ $this->allowed_domains_settings = $var;
+
+ return $this;
+ }
+
}
diff --git a/Iap/src/V1/AllowedDomainsSettings.php b/Iap/src/V1/AllowedDomainsSettings.php
new file mode 100644
index 000000000000..20712a4bf7b1
--- /dev/null
+++ b/Iap/src/V1/AllowedDomainsSettings.php
@@ -0,0 +1,112 @@
+google.cloud.iap.v1.AllowedDomainsSettings
+ */
+class AllowedDomainsSettings extends \Google\Protobuf\Internal\Message
+{
+ /**
+ * Configuration for customers to opt in for the feature.
+ *
+ * Generated from protobuf field optional bool enable = 1;
+ */
+ private $enable = null;
+ /**
+ * List of trusted domains.
+ *
+ * Generated from protobuf field repeated string domains = 2;
+ */
+ private $domains;
+
+ /**
+ * Constructor.
+ *
+ * @param array $data {
+ * Optional. Data for populating the Message object.
+ *
+ * @type bool $enable
+ * Configuration for customers to opt in for the feature.
+ * @type array|\Google\Protobuf\Internal\RepeatedField $domains
+ * List of trusted domains.
+ * }
+ */
+ public function __construct($data = NULL) {
+ \GPBMetadata\Google\Cloud\Iap\V1\Service::initOnce();
+ parent::__construct($data);
+ }
+
+ /**
+ * Configuration for customers to opt in for the feature.
+ *
+ * Generated from protobuf field optional bool enable = 1;
+ * @return bool
+ */
+ public function getEnable()
+ {
+ return isset($this->enable) ? $this->enable : false;
+ }
+
+ public function hasEnable()
+ {
+ return isset($this->enable);
+ }
+
+ public function clearEnable()
+ {
+ unset($this->enable);
+ }
+
+ /**
+ * Configuration for customers to opt in for the feature.
+ *
+ * Generated from protobuf field optional bool enable = 1;
+ * @param bool $var
+ * @return $this
+ */
+ public function setEnable($var)
+ {
+ GPBUtil::checkBool($var);
+ $this->enable = $var;
+
+ return $this;
+ }
+
+ /**
+ * List of trusted domains.
+ *
+ * Generated from protobuf field repeated string domains = 2;
+ * @return \Google\Protobuf\Internal\RepeatedField
+ */
+ public function getDomains()
+ {
+ return $this->domains;
+ }
+
+ /**
+ * List of trusted domains.
+ *
+ * Generated from protobuf field repeated string domains = 2;
+ * @param array|\Google\Protobuf\Internal\RepeatedField $var
+ * @return $this
+ */
+ public function setDomains($var)
+ {
+ $arr = GPBUtil::checkRepeatedField($var, \Google\Protobuf\Internal\GPBType::STRING);
+ $this->domains = $arr;
+
+ return $this;
+ }
+
+}
+
diff --git a/Iap/src/V1/ApplicationSettings.php b/Iap/src/V1/ApplicationSettings.php
index 5e766d937922..d93f32551c53 100644
--- a/Iap/src/V1/ApplicationSettings.php
+++ b/Iap/src/V1/ApplicationSettings.php
@@ -16,7 +16,7 @@
class ApplicationSettings extends \Google\Protobuf\Internal\Message
{
/**
- * Settings to configure IAP's behavior for a CSM mesh.
+ * Settings to configure IAP's behavior for a service mesh.
*
* Generated from protobuf field .google.cloud.iap.v1.CsmSettings csm_settings = 1;
*/
@@ -34,6 +34,12 @@ class ApplicationSettings extends \Google\Protobuf\Internal\Message
* Generated from protobuf field .google.protobuf.StringValue cookie_domain = 3;
*/
private $cookie_domain = null;
+ /**
+ * Settings to configure attribute propagation.
+ *
+ * Generated from protobuf field .google.cloud.iap.v1.AttributePropagationSettings attribute_propagation_settings = 4;
+ */
+ private $attribute_propagation_settings = null;
/**
* Constructor.
@@ -42,12 +48,14 @@ class ApplicationSettings extends \Google\Protobuf\Internal\Message
* Optional. Data for populating the Message object.
*
* @type \Google\Cloud\Iap\V1\CsmSettings $csm_settings
- * Settings to configure IAP's behavior for a CSM mesh.
+ * Settings to configure IAP's behavior for a service mesh.
* @type \Google\Cloud\Iap\V1\AccessDeniedPageSettings $access_denied_page_settings
* Customization for Access Denied page.
* @type \Google\Protobuf\StringValue $cookie_domain
* The Domain value to set for cookies generated by IAP. This value is not
* validated by the API, but will be ignored at runtime if invalid.
+ * @type \Google\Cloud\Iap\V1\AttributePropagationSettings $attribute_propagation_settings
+ * Settings to configure attribute propagation.
* }
*/
public function __construct($data = NULL) {
@@ -56,7 +64,7 @@ public function __construct($data = NULL) {
}
/**
- * Settings to configure IAP's behavior for a CSM mesh.
+ * Settings to configure IAP's behavior for a service mesh.
*
* Generated from protobuf field .google.cloud.iap.v1.CsmSettings csm_settings = 1;
* @return \Google\Cloud\Iap\V1\CsmSettings|null
@@ -77,7 +85,7 @@ public function clearCsmSettings()
}
/**
- * Settings to configure IAP's behavior for a CSM mesh.
+ * Settings to configure IAP's behavior for a service mesh.
*
* Generated from protobuf field .google.cloud.iap.v1.CsmSettings csm_settings = 1;
* @param \Google\Cloud\Iap\V1\CsmSettings $var
@@ -194,5 +202,41 @@ public function setCookieDomainValue($var)
$this->writeWrapperValue("cookie_domain", $var);
return $this;}
+ /**
+ * Settings to configure attribute propagation.
+ *
+ * Generated from protobuf field .google.cloud.iap.v1.AttributePropagationSettings attribute_propagation_settings = 4;
+ * @return \Google\Cloud\Iap\V1\AttributePropagationSettings|null
+ */
+ public function getAttributePropagationSettings()
+ {
+ return $this->attribute_propagation_settings;
+ }
+
+ public function hasAttributePropagationSettings()
+ {
+ return isset($this->attribute_propagation_settings);
+ }
+
+ public function clearAttributePropagationSettings()
+ {
+ unset($this->attribute_propagation_settings);
+ }
+
+ /**
+ * Settings to configure attribute propagation.
+ *
+ * Generated from protobuf field .google.cloud.iap.v1.AttributePropagationSettings attribute_propagation_settings = 4;
+ * @param \Google\Cloud\Iap\V1\AttributePropagationSettings $var
+ * @return $this
+ */
+ public function setAttributePropagationSettings($var)
+ {
+ GPBUtil::checkMessage($var, \Google\Cloud\Iap\V1\AttributePropagationSettings::class);
+ $this->attribute_propagation_settings = $var;
+
+ return $this;
+ }
+
}
diff --git a/Iap/src/V1/AttributePropagationSettings.php b/Iap/src/V1/AttributePropagationSettings.php
new file mode 100644
index 000000000000..8a5f94f27186
--- /dev/null
+++ b/Iap/src/V1/AttributePropagationSettings.php
@@ -0,0 +1,252 @@
+google.cloud.iap.v1.AttributePropagationSettings
+ */
+class AttributePropagationSettings extends \Google\Protobuf\Internal\Message
+{
+ /**
+ * Raw string CEL expression. Must return a list of attributes. Maximum of 45
+ * attributes can be selected. Expressions can select different attribute
+ * types from `attributes`: `attributes.saml_attributes`,
+ * `attributes.iap_attributes`. Limited functions are supported:
+ * - `filter: .filter(, )` -> returns a subset of
+ * `` where `` is true for every item.
+ * - `in: in ` -> returns true if `` contains ``
+ * - `selectByName: .selectByName()` -> returns the attribute
+ * in
+ * `` with the given `` name, otherwise returns empty.
+ * - `emitAs: .emitAs()` -> sets the `` name
+ * field to the given `` for propagation in selected output
+ * credentials.
+ * - `strict: .strict()` -> ignore the `x-goog-iap-attr-` prefix
+ * for the provided `` when propagating via the `HEADER` output
+ * credential, i.e. request headers.
+ * - `append: .append()` OR
+ * `.append()` -> append the provided `` or
+ * `` onto the end of ``.
+ * Example expression: `attributes.saml_attributes.filter(x, x.name in
+ * ['test']).append(attributes.iap_attributes.selectByName('exact').emitAs('custom').strict())`
+ *
+ * Generated from protobuf field optional string expression = 1;
+ */
+ private $expression = null;
+ /**
+ * Which output credentials attributes selected by the CEL expression should
+ * be propagated in. All attributes will be fully duplicated in each selected
+ * output credential.
+ *
+ * Generated from protobuf field repeated .google.cloud.iap.v1.AttributePropagationSettings.OutputCredentials output_credentials = 2;
+ */
+ private $output_credentials;
+ /**
+ * Whether the provided attribute propagation settings should be evaluated on
+ * user requests. If set to true, attributes returned from the expression will
+ * be propagated in the set output credentials.
+ *
+ * Generated from protobuf field optional bool enable = 3;
+ */
+ private $enable = null;
+
+ /**
+ * Constructor.
+ *
+ * @param array $data {
+ * Optional. Data for populating the Message object.
+ *
+ * @type string $expression
+ * Raw string CEL expression. Must return a list of attributes. Maximum of 45
+ * attributes can be selected. Expressions can select different attribute
+ * types from `attributes`: `attributes.saml_attributes`,
+ * `attributes.iap_attributes`. Limited functions are supported:
+ * - `filter: .filter(, )` -> returns a subset of
+ * `` where `` is true for every item.
+ * - `in: in ` -> returns true if `` contains ``
+ * - `selectByName: .selectByName()` -> returns the attribute
+ * in
+ * `` with the given `` name, otherwise returns empty.
+ * - `emitAs: .emitAs()` -> sets the `` name
+ * field to the given `` for propagation in selected output
+ * credentials.
+ * - `strict: .strict()` -> ignore the `x-goog-iap-attr-` prefix
+ * for the provided `` when propagating via the `HEADER` output
+ * credential, i.e. request headers.
+ * - `append: .append()` OR
+ * `.append()` -> append the provided `` or
+ * `` onto the end of ``.
+ * Example expression: `attributes.saml_attributes.filter(x, x.name in
+ * ['test']).append(attributes.iap_attributes.selectByName('exact').emitAs('custom').strict())`
+ * @type array|\Google\Protobuf\Internal\RepeatedField $output_credentials
+ * Which output credentials attributes selected by the CEL expression should
+ * be propagated in. All attributes will be fully duplicated in each selected
+ * output credential.
+ * @type bool $enable
+ * Whether the provided attribute propagation settings should be evaluated on
+ * user requests. If set to true, attributes returned from the expression will
+ * be propagated in the set output credentials.
+ * }
+ */
+ public function __construct($data = NULL) {
+ \GPBMetadata\Google\Cloud\Iap\V1\Service::initOnce();
+ parent::__construct($data);
+ }
+
+ /**
+ * Raw string CEL expression. Must return a list of attributes. Maximum of 45
+ * attributes can be selected. Expressions can select different attribute
+ * types from `attributes`: `attributes.saml_attributes`,
+ * `attributes.iap_attributes`. Limited functions are supported:
+ * - `filter: .filter(, )` -> returns a subset of
+ * `` where `` is true for every item.
+ * - `in: in ` -> returns true if `` contains ``
+ * - `selectByName: .selectByName()` -> returns the attribute
+ * in
+ * `` with the given `` name, otherwise returns empty.
+ * - `emitAs: .emitAs()` -> sets the `` name
+ * field to the given `` for propagation in selected output
+ * credentials.
+ * - `strict: .strict()` -> ignore the `x-goog-iap-attr-` prefix
+ * for the provided `` when propagating via the `HEADER` output
+ * credential, i.e. request headers.
+ * - `append: .append()` OR
+ * `.append()` -> append the provided `` or
+ * `` onto the end of ``.
+ * Example expression: `attributes.saml_attributes.filter(x, x.name in
+ * ['test']).append(attributes.iap_attributes.selectByName('exact').emitAs('custom').strict())`
+ *
+ * Generated from protobuf field optional string expression = 1;
+ * @return string
+ */
+ public function getExpression()
+ {
+ return isset($this->expression) ? $this->expression : '';
+ }
+
+ public function hasExpression()
+ {
+ return isset($this->expression);
+ }
+
+ public function clearExpression()
+ {
+ unset($this->expression);
+ }
+
+ /**
+ * Raw string CEL expression. Must return a list of attributes. Maximum of 45
+ * attributes can be selected. Expressions can select different attribute
+ * types from `attributes`: `attributes.saml_attributes`,
+ * `attributes.iap_attributes`. Limited functions are supported:
+ * - `filter: .filter(, )` -> returns a subset of
+ * `` where `` is true for every item.
+ * - `in: in ` -> returns true if `` contains ``
+ * - `selectByName: .selectByName()` -> returns the attribute
+ * in
+ * `` with the given `` name, otherwise returns empty.
+ * - `emitAs: .emitAs()` -> sets the `` name
+ * field to the given `` for propagation in selected output
+ * credentials.
+ * - `strict: .strict()` -> ignore the `x-goog-iap-attr-` prefix
+ * for the provided `` when propagating via the `HEADER` output
+ * credential, i.e. request headers.
+ * - `append: .append()` OR
+ * `.append()` -> append the provided `` or
+ * `` onto the end of ``.
+ * Example expression: `attributes.saml_attributes.filter(x, x.name in
+ * ['test']).append(attributes.iap_attributes.selectByName('exact').emitAs('custom').strict())`
+ *
+ * Generated from protobuf field optional string expression = 1;
+ * @param string $var
+ * @return $this
+ */
+ public function setExpression($var)
+ {
+ GPBUtil::checkString($var, True);
+ $this->expression = $var;
+
+ return $this;
+ }
+
+ /**
+ * Which output credentials attributes selected by the CEL expression should
+ * be propagated in. All attributes will be fully duplicated in each selected
+ * output credential.
+ *
+ * Generated from protobuf field repeated .google.cloud.iap.v1.AttributePropagationSettings.OutputCredentials output_credentials = 2;
+ * @return \Google\Protobuf\Internal\RepeatedField
+ */
+ public function getOutputCredentials()
+ {
+ return $this->output_credentials;
+ }
+
+ /**
+ * Which output credentials attributes selected by the CEL expression should
+ * be propagated in. All attributes will be fully duplicated in each selected
+ * output credential.
+ *
+ * Generated from protobuf field repeated .google.cloud.iap.v1.AttributePropagationSettings.OutputCredentials output_credentials = 2;
+ * @param array|\Google\Protobuf\Internal\RepeatedField $var
+ * @return $this
+ */
+ public function setOutputCredentials($var)
+ {
+ $arr = GPBUtil::checkRepeatedField($var, \Google\Protobuf\Internal\GPBType::ENUM, \Google\Cloud\Iap\V1\AttributePropagationSettings\OutputCredentials::class);
+ $this->output_credentials = $arr;
+
+ return $this;
+ }
+
+ /**
+ * Whether the provided attribute propagation settings should be evaluated on
+ * user requests. If set to true, attributes returned from the expression will
+ * be propagated in the set output credentials.
+ *
+ * Generated from protobuf field optional bool enable = 3;
+ * @return bool
+ */
+ public function getEnable()
+ {
+ return isset($this->enable) ? $this->enable : false;
+ }
+
+ public function hasEnable()
+ {
+ return isset($this->enable);
+ }
+
+ public function clearEnable()
+ {
+ unset($this->enable);
+ }
+
+ /**
+ * Whether the provided attribute propagation settings should be evaluated on
+ * user requests. If set to true, attributes returned from the expression will
+ * be propagated in the set output credentials.
+ *
+ * Generated from protobuf field optional bool enable = 3;
+ * @param bool $var
+ * @return $this
+ */
+ public function setEnable($var)
+ {
+ GPBUtil::checkBool($var);
+ $this->enable = $var;
+
+ return $this;
+ }
+
+}
+
diff --git a/Iap/src/V1/AttributePropagationSettings/OutputCredentials.php b/Iap/src/V1/AttributePropagationSettings/OutputCredentials.php
new file mode 100644
index 000000000000..19491a7a1d1b
--- /dev/null
+++ b/Iap/src/V1/AttributePropagationSettings/OutputCredentials.php
@@ -0,0 +1,73 @@
+google.cloud.iap.v1.AttributePropagationSettings.OutputCredentials
+ */
+class OutputCredentials
+{
+ /**
+ * No output credential. This is an unsupported default.
+ *
+ * Generated from protobuf enum OUTPUT_CREDENTIALS_UNSPECIFIED = 0;
+ */
+ const OUTPUT_CREDENTIALS_UNSPECIFIED = 0;
+ /**
+ * Propagate attributes in the headers with "x-goog-iap-attr-" prefix.
+ *
+ * Generated from protobuf enum HEADER = 1;
+ */
+ const HEADER = 1;
+ /**
+ * Propagate attributes in the JWT of the form: `"additional_claims": {
+ * "my_attribute": ["value1", "value2"] }`
+ *
+ * Generated from protobuf enum JWT = 2;
+ */
+ const JWT = 2;
+ /**
+ * Propagate attributes in the RCToken of the form: `"additional_claims": {
+ * "my_attribute": ["value1", "value2"] }`
+ *
+ * Generated from protobuf enum RCTOKEN = 3;
+ */
+ const RCTOKEN = 3;
+
+ private static $valueToName = [
+ self::OUTPUT_CREDENTIALS_UNSPECIFIED => 'OUTPUT_CREDENTIALS_UNSPECIFIED',
+ self::HEADER => 'HEADER',
+ self::JWT => 'JWT',
+ self::RCTOKEN => 'RCTOKEN',
+ ];
+
+ public static function name($value)
+ {
+ if (!isset(self::$valueToName[$value])) {
+ throw new UnexpectedValueException(sprintf(
+ 'Enum %s has no name defined for value %s', __CLASS__, $value));
+ }
+ return self::$valueToName[$value];
+ }
+
+
+ public static function value($name)
+ {
+ $const = __CLASS__ . '::' . strtoupper($name);
+ if (!defined($const)) {
+ throw new UnexpectedValueException(sprintf(
+ 'Enum %s has no value defined for name %s', __CLASS__, $name));
+ }
+ return constant($const);
+ }
+}
+
+
diff --git a/Iap/src/V1/CreateTunnelDestGroupRequest.php b/Iap/src/V1/CreateTunnelDestGroupRequest.php
index 03236db0b1f2..76d1beffc3b8 100644
--- a/Iap/src/V1/CreateTunnelDestGroupRequest.php
+++ b/Iap/src/V1/CreateTunnelDestGroupRequest.php
@@ -30,10 +30,10 @@ class CreateTunnelDestGroupRequest extends \Google\Protobuf\Internal\Message
*/
private $tunnel_dest_group = null;
/**
- * Required. The ID to use for the TunnelDestGroup, which becomes the final component of
- * the resource name.
+ * Required. The ID to use for the TunnelDestGroup, which becomes the final
+ * component of the resource name.
* This value must be 4-63 characters, and valid characters
- * are `[a-z][0-9]-`.
+ * are `[a-z]-`.
*
* Generated from protobuf field string tunnel_dest_group_id = 3 [(.google.api.field_behavior) = REQUIRED];
*/
@@ -52,10 +52,10 @@ class CreateTunnelDestGroupRequest extends \Google\Protobuf\Internal\Message
* @type \Google\Cloud\Iap\V1\TunnelDestGroup $tunnel_dest_group
* Required. The TunnelDestGroup to create.
* @type string $tunnel_dest_group_id
- * Required. The ID to use for the TunnelDestGroup, which becomes the final component of
- * the resource name.
+ * Required. The ID to use for the TunnelDestGroup, which becomes the final
+ * component of the resource name.
* This value must be 4-63 characters, and valid characters
- * are `[a-z][0-9]-`.
+ * are `[a-z]-`.
* }
*/
public function __construct($data = NULL) {
@@ -130,10 +130,10 @@ public function setTunnelDestGroup($var)
}
/**
- * Required. The ID to use for the TunnelDestGroup, which becomes the final component of
- * the resource name.
+ * Required. The ID to use for the TunnelDestGroup, which becomes the final
+ * component of the resource name.
* This value must be 4-63 characters, and valid characters
- * are `[a-z][0-9]-`.
+ * are `[a-z]-`.
*
* Generated from protobuf field string tunnel_dest_group_id = 3 [(.google.api.field_behavior) = REQUIRED];
* @return string
@@ -144,10 +144,10 @@ public function getTunnelDestGroupId()
}
/**
- * Required. The ID to use for the TunnelDestGroup, which becomes the final component of
- * the resource name.
+ * Required. The ID to use for the TunnelDestGroup, which becomes the final
+ * component of the resource name.
* This value must be 4-63 characters, and valid characters
- * are `[a-z][0-9]-`.
+ * are `[a-z]-`.
*
* Generated from protobuf field string tunnel_dest_group_id = 3 [(.google.api.field_behavior) = REQUIRED];
* @param string $var
diff --git a/Iap/src/V1/CsmSettings.php b/Iap/src/V1/CsmSettings.php
index 3e1f9bc48fd8..5360157811d2 100644
--- a/Iap/src/V1/CsmSettings.php
+++ b/Iap/src/V1/CsmSettings.php
@@ -9,10 +9,10 @@
use Google\Protobuf\Internal\GPBUtil;
/**
- * Configuration for RCTokens generated for CSM workloads protected by IAP.
- * RCTokens are IAP generated JWTs that can be verified at the application. The
- * RCToken is primarily used for ISTIO deployments, and can be scoped to a
- * single mesh by configuring the audience field accordingly
+ * Configuration for RCToken generated for service mesh workloads protected by
+ * IAP. RCToken are IAP generated JWTs that can be verified at the application.
+ * The RCToken is primarily used for service mesh deployments, and can be scoped
+ * to a single mesh by configuring the audience field accordingly.
*
* Generated from protobuf message google.cloud.iap.v1.CsmSettings
*/
diff --git a/Iap/src/V1/Gapic/IdentityAwareProxyAdminServiceGapicClient.php b/Iap/src/V1/Gapic/IdentityAwareProxyAdminServiceGapicClient.php
index 07421ba4c67d..9bff1bc6a59d 100644
--- a/Iap/src/V1/Gapic/IdentityAwareProxyAdminServiceGapicClient.php
+++ b/Iap/src/V1/Gapic/IdentityAwareProxyAdminServiceGapicClient.php
@@ -326,11 +326,11 @@ public function __construct(array $options = [])
* In the following format:
* `projects/{project_number/id}/iap_tunnel/locations/{location}`.
* @param TunnelDestGroup $tunnelDestGroup Required. The TunnelDestGroup to create.
- * @param string $tunnelDestGroupId Required. The ID to use for the TunnelDestGroup, which becomes the final component of
- * the resource name.
+ * @param string $tunnelDestGroupId Required. The ID to use for the TunnelDestGroup, which becomes the final
+ * component of the resource name.
*
* This value must be 4-63 characters, and valid characters
- * are `[a-z][0-9]-`.
+ * are `[a-z]-`.
* @param array $optionalArgs {
* Optional.
*
diff --git a/Iap/src/V1/ReauthSettings.php b/Iap/src/V1/ReauthSettings.php
index 6f4c198a1637..342726f229ea 100644
--- a/Iap/src/V1/ReauthSettings.php
+++ b/Iap/src/V1/ReauthSettings.php
@@ -16,7 +16,7 @@
class ReauthSettings extends \Google\Protobuf\Internal\Message
{
/**
- * Reauth method required by the policy.
+ * Reauth method requested.
*
* Generated from protobuf field .google.cloud.iap.v1.ReauthSettings.Method method = 1;
*/
@@ -43,7 +43,7 @@ class ReauthSettings extends \Google\Protobuf\Internal\Message
* Optional. Data for populating the Message object.
*
* @type int $method
- * Reauth method required by the policy.
+ * Reauth method requested.
* @type \Google\Protobuf\Duration $max_age
* Reauth session lifetime, how long before a user has to reauthenticate
* again.
@@ -58,7 +58,7 @@ public function __construct($data = NULL) {
}
/**
- * Reauth method required by the policy.
+ * Reauth method requested.
*
* Generated from protobuf field .google.cloud.iap.v1.ReauthSettings.Method method = 1;
* @return int
@@ -69,7 +69,7 @@ public function getMethod()
}
/**
- * Reauth method required by the policy.
+ * Reauth method requested.
*
* Generated from protobuf field .google.cloud.iap.v1.ReauthSettings.Method method = 1;
* @param int $var
diff --git a/Iap/src/V1/ReauthSettings/Method.php b/Iap/src/V1/ReauthSettings/Method.php
index 0f2a943f6e98..9c21a6604999 100644
--- a/Iap/src/V1/ReauthSettings/Method.php
+++ b/Iap/src/V1/ReauthSettings/Method.php
@@ -20,19 +20,15 @@ class Method
*/
const METHOD_UNSPECIFIED = 0;
/**
- * Mimics the behavior as if the user had logged out and tried to log in
- * again. Users with 2SV (2-step verification) enabled see their 2SV
- * challenges if they did not opt to have their second factor responses
- * saved. Apps Core (GSuites) admins can configure settings to disable 2SV
- * cookies and require 2SV for all Apps Core users in their domains.
+ * Prompts the user to log in again.
*
* Generated from protobuf enum LOGIN = 1;
*/
const LOGIN = 1;
/**
- * User must type their password.
+ * Deprecated, no longer accepted by IAP APIs.
*
- * Generated from protobuf enum PASSWORD = 2;
+ * Generated from protobuf enum PASSWORD = 2 [deprecated = true];
*/
const PASSWORD = 2;
/**
diff --git a/Iap/src/V1/TunnelDestGroup.php b/Iap/src/V1/TunnelDestGroup.php
index 9aefb86f1f46..328af3b64d41 100644
--- a/Iap/src/V1/TunnelDestGroup.php
+++ b/Iap/src/V1/TunnelDestGroup.php
@@ -16,20 +16,21 @@
class TunnelDestGroup extends \Google\Protobuf\Internal\Message
{
/**
- * Required. Immutable. Identifier for the TunnelDestGroup. Must be unique within the
- * project.
+ * Required. Immutable. Identifier for the TunnelDestGroup. Must be unique
+ * within the project and contain only lower case letters (a-z) and dashes
+ * (-).
*
* Generated from protobuf field string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.field_behavior) = IMMUTABLE];
*/
private $name = '';
/**
- * null List of CIDRs that this group applies to.
+ * Unordered list. List of CIDRs that this group applies to.
*
* Generated from protobuf field repeated string cidrs = 2 [(.google.api.field_behavior) = UNORDERED_LIST];
*/
private $cidrs;
/**
- * null List of FQDNs that this group applies to.
+ * Unordered list. List of FQDNs that this group applies to.
*
* Generated from protobuf field repeated string fqdns = 3 [(.google.api.field_behavior) = UNORDERED_LIST];
*/
@@ -42,12 +43,13 @@ class TunnelDestGroup extends \Google\Protobuf\Internal\Message
* Optional. Data for populating the Message object.
*
* @type string $name
- * Required. Immutable. Identifier for the TunnelDestGroup. Must be unique within the
- * project.
+ * Required. Immutable. Identifier for the TunnelDestGroup. Must be unique
+ * within the project and contain only lower case letters (a-z) and dashes
+ * (-).
* @type array|\Google\Protobuf\Internal\RepeatedField $cidrs
- * null List of CIDRs that this group applies to.
+ * Unordered list. List of CIDRs that this group applies to.
* @type array|\Google\Protobuf\Internal\RepeatedField $fqdns
- * null List of FQDNs that this group applies to.
+ * Unordered list. List of FQDNs that this group applies to.
* }
*/
public function __construct($data = NULL) {
@@ -56,8 +58,9 @@ public function __construct($data = NULL) {
}
/**
- * Required. Immutable. Identifier for the TunnelDestGroup. Must be unique within the
- * project.
+ * Required. Immutable. Identifier for the TunnelDestGroup. Must be unique
+ * within the project and contain only lower case letters (a-z) and dashes
+ * (-).
*
* Generated from protobuf field string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.field_behavior) = IMMUTABLE];
* @return string
@@ -68,8 +71,9 @@ public function getName()
}
/**
- * Required. Immutable. Identifier for the TunnelDestGroup. Must be unique within the
- * project.
+ * Required. Immutable. Identifier for the TunnelDestGroup. Must be unique
+ * within the project and contain only lower case letters (a-z) and dashes
+ * (-).
*
* Generated from protobuf field string name = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.field_behavior) = IMMUTABLE];
* @param string $var
@@ -84,7 +88,7 @@ public function setName($var)
}
/**
- * null List of CIDRs that this group applies to.
+ * Unordered list. List of CIDRs that this group applies to.
*
* Generated from protobuf field repeated string cidrs = 2 [(.google.api.field_behavior) = UNORDERED_LIST];
* @return \Google\Protobuf\Internal\RepeatedField
@@ -95,7 +99,7 @@ public function getCidrs()
}
/**
- * null List of CIDRs that this group applies to.
+ * Unordered list. List of CIDRs that this group applies to.
*
* Generated from protobuf field repeated string cidrs = 2 [(.google.api.field_behavior) = UNORDERED_LIST];
* @param array|\Google\Protobuf\Internal\RepeatedField $var
@@ -110,7 +114,7 @@ public function setCidrs($var)
}
/**
- * null List of FQDNs that this group applies to.
+ * Unordered list. List of FQDNs that this group applies to.
*
* Generated from protobuf field repeated string fqdns = 3 [(.google.api.field_behavior) = UNORDERED_LIST];
* @return \Google\Protobuf\Internal\RepeatedField
@@ -121,7 +125,7 @@ public function getFqdns()
}
/**
- * null List of FQDNs that this group applies to.
+ * Unordered list. List of FQDNs that this group applies to.
*
* Generated from protobuf field repeated string fqdns = 3 [(.google.api.field_behavior) = UNORDERED_LIST];
* @param array|\Google\Protobuf\Internal\RepeatedField $var