feat: Adds AuditLog proto for reading IAM admin logs.

PiperOrigin-RevId: 321637651

google/iam/admin/v1/BUILD.bazel

@@ -1,4 +1,13 @@
 # This file was automatically generated by BuildFileGenerator
+# https://github.com/googleapis/gapic-generator/tree/master/rules_gapic/bazel
+
+# Most of the manual changes to this file will be overwritten.
+# It's **only** allowed to change the following rule attribute values:
+# - names of *_gapic_assembly_* rules
+# - certain parameters of *_gapic_library rules, including but not limited to:
+#    * extra_protoc_parameters
+#    * extra_protoc_file_parameters
+# The complete list of preserved parameters can be found in the source code.
 
 # This is an API workspace, having public visibility by default makes perfect sense.
 package(default_visibility = ["//visibility:public"])
@@ -12,6 +21,7 @@ load("@com_google_googleapis_imports//:imports.bzl", "proto_library_with_info")
 proto_library(
     name = "admin_proto",
     srcs = [
+        "audit_data.proto",
         "iam.proto",
     ],
     deps = [
@@ -305,6 +315,7 @@ ruby_gapic_library(
     name = "admin_ruby_gapic",
     src = ":admin_proto_with_info",
     gapic_yaml = "iam_gapic.yaml",
+    grpc_service_config = "iam_grpc_service_config.json",
     package = "google.iam.admin.v1",
     service_yaml = "iam.yaml",
     deps = [
@@ -349,6 +360,7 @@ csharp_gapic_library(
     name = "admin_csharp_gapic",
     src = ":admin_proto_with_info",
     gapic_yaml = "iam_gapic.yaml",
+    grpc_service_config = "iam_grpc_service_config.json",
     package = "google.iam.admin.v1",
     service_yaml = "iam.yaml",
     deps = [

google/iam/admin/v1/audit_data.proto

@@ -0,0 +1,42 @@
+// Copyright 2020 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.iam.admin.v1;
+
+import "google/api/annotations.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/iam/admin/v1;admin";
+option java_multiple_files = true;
+option java_outer_classname = "AuditDataProto";
+option java_package = "com.google.iam.admin.v1";
+
+// Audit log information specific to Cloud IAM admin APIs. This message is
+// serialized as an `Any` type in the `ServiceData` message of an
+// `AuditLog` message.
+message AuditData {
+  // A PermissionDelta message to record the added_permissions and
+  // removed_permissions inside a role.
+  message PermissionDelta {
+    // Added permissions.
+    repeated string added_permissions = 1;
+
+    // Removed permissions.
+    repeated string removed_permissions = 2;
+  }
+
+  // The permission_delta when when creating or updating a Role.
+  PermissionDelta permission_delta = 1;
+}

google/iam/admin/v1/iam.yaml

@@ -6,6 +6,9 @@ title: Identity and Access Management (IAM) API
 apis:
 - name: google.iam.admin.v1.IAM
 
+types:
+- name: google.iam.admin.v1.AuditData
+
 documentation:
   summary: |-
     Manages identity and access control for Google Cloud Platform resources,