xref: /aosp_15_r20/external/googleapis/google/cloud/dataplex/v1/security.proto (revision d5c09012810ac0c9f33fe448fb6da8260d444cc9) 
1*d5c09012SAndroid Build Coastguard Worker// Copyright 2023 Google LLC
2*d5c09012SAndroid Build Coastguard Worker//
3*d5c09012SAndroid Build Coastguard Worker// Licensed under the Apache License, Version 2.0 (the "License");
4*d5c09012SAndroid Build Coastguard Worker// you may not use this file except in compliance with the License.
5*d5c09012SAndroid Build Coastguard Worker// You may obtain a copy of the License at
6*d5c09012SAndroid Build Coastguard Worker//
7*d5c09012SAndroid Build Coastguard Worker//     http://www.apache.org/licenses/LICENSE-2.0
8*d5c09012SAndroid Build Coastguard Worker//
9*d5c09012SAndroid Build Coastguard Worker// Unless required by applicable law or agreed to in writing, software
10*d5c09012SAndroid Build Coastguard Worker// distributed under the License is distributed on an "AS IS" BASIS,
11*d5c09012SAndroid Build Coastguard Worker// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12*d5c09012SAndroid Build Coastguard Worker// See the License for the specific language governing permissions and
13*d5c09012SAndroid Build Coastguard Worker// limitations under the License.
14*d5c09012SAndroid Build Coastguard Worker
15*d5c09012SAndroid Build Coastguard Workersyntax = "proto3";
16*d5c09012SAndroid Build Coastguard Worker
17*d5c09012SAndroid Build Coastguard Workerpackage google.cloud.dataplex.v1;
18*d5c09012SAndroid Build Coastguard Worker
19*d5c09012SAndroid Build Coastguard Workerimport "google/api/field_behavior.proto";
20*d5c09012SAndroid Build Coastguard Worker
21*d5c09012SAndroid Build Coastguard Workeroption go_package = "cloud.google.com/go/dataplex/apiv1/dataplexpb;dataplexpb";
22*d5c09012SAndroid Build Coastguard Workeroption java_multiple_files = true;
23*d5c09012SAndroid Build Coastguard Workeroption java_outer_classname = "SecurityProto";
24*d5c09012SAndroid Build Coastguard Workeroption java_package = "com.google.cloud.dataplex.v1";
25*d5c09012SAndroid Build Coastguard Worker
26*d5c09012SAndroid Build Coastguard Worker// ResourceAccessSpec holds the access control configuration to be enforced
27*d5c09012SAndroid Build Coastguard Worker// on the resources, for example, Cloud Storage bucket, BigQuery dataset,
28*d5c09012SAndroid Build Coastguard Worker// BigQuery table.
29*d5c09012SAndroid Build Coastguard Workermessage ResourceAccessSpec {
30*d5c09012SAndroid Build Coastguard Worker  // Optional. The format of strings follows the pattern followed by IAM in the
31*d5c09012SAndroid Build Coastguard Worker  // bindings. user:{email}, serviceAccount:{email} group:{email}.
32*d5c09012SAndroid Build Coastguard Worker  // The set of principals to be granted reader role on the resource.
33*d5c09012SAndroid Build Coastguard Worker  repeated string readers = 1 [(google.api.field_behavior) = OPTIONAL];
34*d5c09012SAndroid Build Coastguard Worker
35*d5c09012SAndroid Build Coastguard Worker  // Optional. The set of principals to be granted writer role on the resource.
36*d5c09012SAndroid Build Coastguard Worker  repeated string writers = 2 [(google.api.field_behavior) = OPTIONAL];
37*d5c09012SAndroid Build Coastguard Worker
38*d5c09012SAndroid Build Coastguard Worker  // Optional. The set of principals to be granted owner role on the resource.
39*d5c09012SAndroid Build Coastguard Worker  repeated string owners = 3 [(google.api.field_behavior) = OPTIONAL];
40*d5c09012SAndroid Build Coastguard Worker}
41*d5c09012SAndroid Build Coastguard Worker
42*d5c09012SAndroid Build Coastguard Worker// DataAccessSpec holds the access control configuration to be enforced on data
43*d5c09012SAndroid Build Coastguard Worker// stored within resources (eg: rows, columns in BigQuery Tables). When
44*d5c09012SAndroid Build Coastguard Worker// associated with data, the data is only accessible to
45*d5c09012SAndroid Build Coastguard Worker// principals explicitly granted access through the DataAccessSpec. Principals
46*d5c09012SAndroid Build Coastguard Worker// with access to the containing resource are not implicitly granted access.
47*d5c09012SAndroid Build Coastguard Workermessage DataAccessSpec {
48*d5c09012SAndroid Build Coastguard Worker  // Optional. The format of strings follows the pattern followed by IAM in the
49*d5c09012SAndroid Build Coastguard Worker  // bindings. user:{email}, serviceAccount:{email} group:{email}.
50*d5c09012SAndroid Build Coastguard Worker  // The set of principals to be granted reader role on data
51*d5c09012SAndroid Build Coastguard Worker  // stored within resources.
52*d5c09012SAndroid Build Coastguard Worker  repeated string readers = 1 [(google.api.field_behavior) = OPTIONAL];
53*d5c09012SAndroid Build Coastguard Worker}
54