Skip to content

Commit

Permalink
feat: Add service_account_id output field to CloudSQL properties
Browse files Browse the repository at this point in the history
Clients can now observe the Service Account that is being used when connecting to the CloudSQL from the BigQuery.

PiperOrigin-RevId: 463445598
  • Loading branch information
Google APIs authored and copybara-github committed Jul 26, 2022
1 parent ea22966 commit fe833dd
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 3 deletions.
7 changes: 7 additions & 0 deletions google/cloud/bigquery/connection/v1/connection.proto
Original file line number Diff line number Diff line change
Expand Up @@ -275,6 +275,13 @@ message CloudSqlProperties {

// Input only. Cloud SQL credential.
CloudSqlCredential credential = 4 [(google.api.field_behavior) = INPUT_ONLY];

// Output only. The account ID of the service used for the purpose of this connection.
//
// When the connection is used in the context of an operation in
// BigQuery, this service account will serve as identity being used for
// connecting to the CloudSQL instance specified in this connection.
string service_account_id = 5 [(google.api.field_behavior) = OUTPUT_ONLY];
}

// Credential info for the Cloud SQL.
Expand Down
13 changes: 10 additions & 3 deletions google/cloud/bigquery/connection/v1beta1/connection.proto
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright 2020 Google LLC
// Copyright 2022 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
Expand Down Expand Up @@ -105,7 +105,7 @@ service ConnectionService {
// Sets the access control policy on the specified resource. Replaces any
// existing policy.
//
// Can return Public Errors: NOT_FOUND, INVALID_ARGUMENT and PERMISSION_DENIED
// Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.
rpc SetIamPolicy(google.iam.v1.SetIamPolicyRequest) returns (google.iam.v1.Policy) {
option (google.api.http) = {
post: "/v1beta1/{resource=projects/*/locations/*/connections/*}:setIamPolicy"
Expand All @@ -116,7 +116,7 @@ service ConnectionService {

// Returns permissions that a caller has on the specified resource.
// If the resource does not exist, this will return an empty set of
// permissions, not a NOT_FOUND error.
// permissions, not a `NOT_FOUND` error.
//
// Note: This operation is designed to be used for building permission-aware
// UIs and command-line tools, not for authorization checking. This operation
Expand Down Expand Up @@ -295,6 +295,13 @@ message CloudSqlProperties {

// Input only. Cloud SQL credential.
CloudSqlCredential credential = 4 [(google.api.field_behavior) = INPUT_ONLY];

// Output only. The account ID of the service used for the purpose of this connection.
//
// When the connection is used in the context of an operation in
// BigQuery, this service account will serve as identity being used for
// connecting to the CloudSQL instance specified in this connection.
string service_account_id = 5 [(google.api.field_behavior) = OUTPUT_ONLY];
}

// Credential info for the Cloud SQL.
Expand Down

0 comments on commit fe833dd

Please sign in to comment.