diff --git a/docs/dyn/gkehub_v1.projects.locations.features.html b/docs/dyn/gkehub_v1.projects.locations.features.html
index 85ec36d0a0..f7fae4ab69 100644
--- a/docs/dyn/gkehub_v1.projects.locations.features.html
+++ b/docs/dyn/gkehub_v1.projects.locations.features.html
@@ -181,8 +181,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -205,6 +207,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -334,8 +350,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -358,6 +376,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -606,8 +638,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -630,6 +664,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -973,8 +1021,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -997,6 +1047,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -1126,8 +1190,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -1150,6 +1216,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -1398,8 +1478,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -1422,6 +1504,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -1753,8 +1849,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -1777,6 +1875,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -1906,8 +2018,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -1930,6 +2044,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -2178,8 +2306,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -2202,6 +2332,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -2489,8 +2633,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -2513,6 +2659,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -2642,8 +2802,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -2666,6 +2828,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -2914,8 +3090,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -2938,6 +3116,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
diff --git a/docs/dyn/gkehub_v1alpha.projects.locations.features.html b/docs/dyn/gkehub_v1alpha.projects.locations.features.html
index 65de6f6679..142b67a914 100644
--- a/docs/dyn/gkehub_v1alpha.projects.locations.features.html
+++ b/docs/dyn/gkehub_v1alpha.projects.locations.features.html
@@ -184,8 +184,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -208,6 +210,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -350,8 +366,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -374,6 +392,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -640,8 +672,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -664,6 +698,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -1137,8 +1185,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -1161,6 +1211,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -1303,8 +1367,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -1327,6 +1393,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -1593,8 +1673,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -1617,6 +1699,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -2078,8 +2174,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -2102,6 +2200,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -2244,8 +2356,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -2268,6 +2382,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -2534,8 +2662,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -2558,6 +2688,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -2975,8 +3119,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -2999,6 +3145,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -3141,8 +3301,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -3165,6 +3327,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -3431,8 +3607,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -3455,6 +3633,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
diff --git a/docs/dyn/gkehub_v1beta.projects.locations.features.html b/docs/dyn/gkehub_v1beta.projects.locations.features.html
index 83907290a8..0c2f5bd322 100644
--- a/docs/dyn/gkehub_v1beta.projects.locations.features.html
+++ b/docs/dyn/gkehub_v1beta.projects.locations.features.html
@@ -184,8 +184,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -208,6 +210,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -349,8 +365,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -373,6 +391,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -630,8 +662,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -654,6 +688,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -1012,8 +1060,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -1036,6 +1086,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -1177,8 +1241,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -1201,6 +1267,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -1458,8 +1538,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -1482,6 +1564,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -1828,8 +1924,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -1852,6 +1950,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -1993,8 +2105,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -2017,6 +2131,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -2274,8 +2402,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -2298,6 +2428,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -2600,8 +2744,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -2624,6 +2770,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -2765,8 +2925,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -2789,6 +2951,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
@@ -3046,8 +3222,10 @@ Method Details
"clientId": "A String", # ID for the registered client application that makes authentication requests to the Azure AD identity provider.
"clientSecret": "A String", # Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.
"encryptedClientSecret": "A String", # Output only. Encrypted AzureAD client secret.
+ "groupFormat": "A String", # Optional. Format of the AzureAD groups that the client wants for auth.
"kubectlRedirectUri": "A String", # The redirect URL that kubectl uses for authorization.
"tenant": "A String", # Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.
+ "userClaim": "A String", # Optional. Claim in the AzureAD ID Token that holds the user details.
},
"googleConfig": { # Configuration for the Google Plugin Auth flow. # GoogleConfig specific configuration.
"disable": True or False, # Disable automatic configuration of Google Plugin on supported platforms.
@@ -3070,6 +3248,20 @@ Method Details
"userPrefix": "A String", # Prefix to prepend to user name.
},
"proxy": "A String", # Proxy server address to use for auth method.
+ "samlConfig": { # Configuration for the SAML Auth flow. # SAML specific configuration.
+ "attributeMapping": { # Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is "attribute.nickname" and `value` is "assertion.nickname".
+ "a_key": "A String",
+ },
+ "groupPrefix": "A String", # Optional. Prefix to prepend to group name.
+ "groupsAttribute": "A String", # Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).
+ "identityProviderCertificates": [ # Required. The list of IdP certificates to validate the SAML response against.
+ "A String",
+ ],
+ "identityProviderId": "A String", # Required. The entity ID of the SAML IdP.
+ "identityProviderSsoUri": "A String", # Required. The URI where the SAML IdP exposes the SSO service.
+ "userAttribute": "A String", # Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).
+ "userPrefix": "A String", # Optional. Prefix to prepend to user name.
+ },
},
],
},
diff --git a/googleapiclient/discovery_cache/documents/gkehub.v1.json b/googleapiclient/discovery_cache/documents/gkehub.v1.json
index 0e41514789..20dc388bef 100644
--- a/googleapiclient/discovery_cache/documents/gkehub.v1.json
+++ b/googleapiclient/discovery_cache/documents/gkehub.v1.json
@@ -1834,7 +1834,7 @@
}
}
},
-"revision": "20240225",
+"revision": "20240229",
"rootUrl": "https://gkehub.googleapis.com/",
"schemas": {
"AppDevExperienceFeatureSpec": {
@@ -3733,6 +3733,10 @@
"proxy": {
"description": "Proxy server address to use for auth method.",
"type": "string"
+},
+"samlConfig": {
+"$ref": "IdentityServiceSamlConfig",
+"description": "SAML specific configuration."
}
},
"type": "object"
@@ -3755,6 +3759,10 @@
"readOnly": true,
"type": "string"
},
+"groupFormat": {
+"description": "Optional. Format of the AzureAD groups that the client wants for auth.",
+"type": "string"
+},
"kubectlRedirectUri": {
"description": "The redirect URL that kubectl uses for authorization.",
"type": "string"
@@ -3762,6 +3770,10 @@
"tenant": {
"description": "Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.",
"type": "string"
+},
+"userClaim": {
+"description": "Optional. Claim in the AzureAD ID Token that holds the user details.",
+"type": "string"
}
},
"type": "object"
@@ -3889,6 +3901,51 @@
},
"type": "object"
},
+"IdentityServiceSamlConfig": {
+"description": "Configuration for the SAML Auth flow.",
+"id": "IdentityServiceSamlConfig",
+"properties": {
+"attributeMapping": {
+"additionalProperties": {
+"type": "string"
+},
+"description": "Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is \"attribute.nickname\" and `value` is \"assertion.nickname\".",
+"type": "object"
+},
+"groupPrefix": {
+"description": "Optional. Prefix to prepend to group name.",
+"type": "string"
+},
+"groupsAttribute": {
+"description": "Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).",
+"type": "string"
+},
+"identityProviderCertificates": {
+"description": "Required. The list of IdP certificates to validate the SAML response against.",
+"items": {
+"type": "string"
+},
+"type": "array"
+},
+"identityProviderId": {
+"description": "Required. The entity ID of the SAML IdP.",
+"type": "string"
+},
+"identityProviderSsoUri": {
+"description": "Required. The URI where the SAML IdP exposes the SSO service.",
+"type": "string"
+},
+"userAttribute": {
+"description": "Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).",
+"type": "string"
+},
+"userPrefix": {
+"description": "Optional. Prefix to prepend to user name.",
+"type": "string"
+}
+},
+"type": "object"
+},
"KubernetesMetadata": {
"description": "KubernetesMetadata provides informational metadata for Memberships representing Kubernetes clusters.",
"id": "KubernetesMetadata",
diff --git a/googleapiclient/discovery_cache/documents/gkehub.v1alpha.json b/googleapiclient/discovery_cache/documents/gkehub.v1alpha.json
index 21186fd5c7..74f18a9a86 100644
--- a/googleapiclient/discovery_cache/documents/gkehub.v1alpha.json
+++ b/googleapiclient/discovery_cache/documents/gkehub.v1alpha.json
@@ -2175,7 +2175,7 @@
}
}
},
-"revision": "20240225",
+"revision": "20240229",
"rootUrl": "https://gkehub.googleapis.com/",
"schemas": {
"AnthosObservabilityFeatureSpec": {
@@ -4324,6 +4324,10 @@
"proxy": {
"description": "Proxy server address to use for auth method.",
"type": "string"
+},
+"samlConfig": {
+"$ref": "IdentityServiceSamlConfig",
+"description": "SAML specific configuration."
}
},
"type": "object"
@@ -4346,6 +4350,10 @@
"readOnly": true,
"type": "string"
},
+"groupFormat": {
+"description": "Optional. Format of the AzureAD groups that the client wants for auth.",
+"type": "string"
+},
"kubectlRedirectUri": {
"description": "The redirect URL that kubectl uses for authorization.",
"type": "string"
@@ -4353,6 +4361,10 @@
"tenant": {
"description": "Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.",
"type": "string"
+},
+"userClaim": {
+"description": "Optional. Claim in the AzureAD ID Token that holds the user details.",
+"type": "string"
}
},
"type": "object"
@@ -4480,6 +4492,51 @@
},
"type": "object"
},
+"IdentityServiceSamlConfig": {
+"description": "Configuration for the SAML Auth flow.",
+"id": "IdentityServiceSamlConfig",
+"properties": {
+"attributeMapping": {
+"additionalProperties": {
+"type": "string"
+},
+"description": "Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is \"attribute.nickname\" and `value` is \"assertion.nickname\".",
+"type": "object"
+},
+"groupPrefix": {
+"description": "Optional. Prefix to prepend to group name.",
+"type": "string"
+},
+"groupsAttribute": {
+"description": "Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).",
+"type": "string"
+},
+"identityProviderCertificates": {
+"description": "Required. The list of IdP certificates to validate the SAML response against.",
+"items": {
+"type": "string"
+},
+"type": "array"
+},
+"identityProviderId": {
+"description": "Required. The entity ID of the SAML IdP.",
+"type": "string"
+},
+"identityProviderSsoUri": {
+"description": "Required. The URI where the SAML IdP exposes the SSO service.",
+"type": "string"
+},
+"userAttribute": {
+"description": "Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).",
+"type": "string"
+},
+"userPrefix": {
+"description": "Optional. Prefix to prepend to user name.",
+"type": "string"
+}
+},
+"type": "object"
+},
"KubernetesMetadata": {
"description": "KubernetesMetadata provides informational metadata for Memberships representing Kubernetes clusters.",
"id": "KubernetesMetadata",
diff --git a/googleapiclient/discovery_cache/documents/gkehub.v1alpha2.json b/googleapiclient/discovery_cache/documents/gkehub.v1alpha2.json
index 35c4102322..5da862b096 100644
--- a/googleapiclient/discovery_cache/documents/gkehub.v1alpha2.json
+++ b/googleapiclient/discovery_cache/documents/gkehub.v1alpha2.json
@@ -657,7 +657,7 @@
}
}
},
-"revision": "20240225",
+"revision": "20240229",
"rootUrl": "https://gkehub.googleapis.com/",
"schemas": {
"ApplianceCluster": {
diff --git a/googleapiclient/discovery_cache/documents/gkehub.v1beta.json b/googleapiclient/discovery_cache/documents/gkehub.v1beta.json
index 0a600c6c17..cc76a8021a 100644
--- a/googleapiclient/discovery_cache/documents/gkehub.v1beta.json
+++ b/googleapiclient/discovery_cache/documents/gkehub.v1beta.json
@@ -2024,7 +2024,7 @@
}
}
},
-"revision": "20240225",
+"revision": "20240229",
"rootUrl": "https://gkehub.googleapis.com/",
"schemas": {
"AnthosObservabilityFeatureSpec": {
@@ -4028,6 +4028,10 @@
"proxy": {
"description": "Proxy server address to use for auth method.",
"type": "string"
+},
+"samlConfig": {
+"$ref": "IdentityServiceSamlConfig",
+"description": "SAML specific configuration."
}
},
"type": "object"
@@ -4050,6 +4054,10 @@
"readOnly": true,
"type": "string"
},
+"groupFormat": {
+"description": "Optional. Format of the AzureAD groups that the client wants for auth.",
+"type": "string"
+},
"kubectlRedirectUri": {
"description": "The redirect URL that kubectl uses for authorization.",
"type": "string"
@@ -4057,6 +4065,10 @@
"tenant": {
"description": "Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.",
"type": "string"
+},
+"userClaim": {
+"description": "Optional. Claim in the AzureAD ID Token that holds the user details.",
+"type": "string"
}
},
"type": "object"
@@ -4184,6 +4196,51 @@
},
"type": "object"
},
+"IdentityServiceSamlConfig": {
+"description": "Configuration for the SAML Auth flow.",
+"id": "IdentityServiceSamlConfig",
+"properties": {
+"attributeMapping": {
+"additionalProperties": {
+"type": "string"
+},
+"description": "Optional. The mapping of additional user attributes like nickname, birthday and address etc.. `key` is the name of this additional attribute. `value` is a string presenting as CEL(common expression language, go/cel) used for getting the value from the resources. Take nickname as an example, in this case, `key` is \"attribute.nickname\" and `value` is \"assertion.nickname\".",
+"type": "object"
+},
+"groupPrefix": {
+"description": "Optional. Prefix to prepend to group name.",
+"type": "string"
+},
+"groupsAttribute": {
+"description": "Optional. The SAML attribute to read groups from. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `group_prefix`).",
+"type": "string"
+},
+"identityProviderCertificates": {
+"description": "Required. The list of IdP certificates to validate the SAML response against.",
+"items": {
+"type": "string"
+},
+"type": "array"
+},
+"identityProviderId": {
+"description": "Required. The entity ID of the SAML IdP.",
+"type": "string"
+},
+"identityProviderSsoUri": {
+"description": "Required. The URI where the SAML IdP exposes the SSO service.",
+"type": "string"
+},
+"userAttribute": {
+"description": "Optional. The SAML attribute to read username from. If unspecified, the username will be read from the NameID element of the assertion in SAML response. This value is expected to be a string and will be passed along as-is (with the option of being prefixed by the `user_prefix`).",
+"type": "string"
+},
+"userPrefix": {
+"description": "Optional. Prefix to prepend to user name.",
+"type": "string"
+}
+},
+"type": "object"
+},
"KubernetesMetadata": {
"description": "KubernetesMetadata provides informational metadata for Memberships representing Kubernetes clusters.",
"id": "KubernetesMetadata",
diff --git a/googleapiclient/discovery_cache/documents/gkehub.v1beta1.json b/googleapiclient/discovery_cache/documents/gkehub.v1beta1.json
index 1e05a1b462..844e9b6cf7 100644
--- a/googleapiclient/discovery_cache/documents/gkehub.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/gkehub.v1beta1.json
@@ -712,7 +712,7 @@
}
}
},
-"revision": "20240225",
+"revision": "20240229",
"rootUrl": "https://gkehub.googleapis.com/",
"schemas": {
"ApplianceCluster": {
diff --git a/googleapiclient/discovery_cache/documents/gkehub.v2alpha.json b/googleapiclient/discovery_cache/documents/gkehub.v2alpha.json
index 7b7024918a..8e4c00031d 100644
--- a/googleapiclient/discovery_cache/documents/gkehub.v2alpha.json
+++ b/googleapiclient/discovery_cache/documents/gkehub.v2alpha.json
@@ -280,7 +280,7 @@
}
}
},
-"revision": "20240225",
+"revision": "20240229",
"rootUrl": "https://gkehub.googleapis.com/",
"schemas": {
"CancelOperationRequest": {