googleapis
diff --git a/‎accesscontextmanager/v1/accesscontextmanager-api.json
Lines changed: 112 additions & 1 deletion b/‎accesscontextmanager/v1/accesscontextmanager-api.json
Lines changed: 112 additions & 1 deletion
diff --git a/‎accesscontextmanager/v1/accesscontextmanager-gen.go
Lines changed: 164 additions & 0 deletions b/‎accesscontextmanager/v1/accesscontextmanager-gen.go
Lines changed: 164 additions & 0 deletions
@@ -1290,7 +1290,7 @@
       }
     }
   },
-  "revision": "20240811",
+  "revision": "20240908",
   "rootUrl": "https://accesscontextmanager.googleapis.com/",
   "schemas": {
     "AccessContextManagerOperationMetadata": {
@@ -1357,6 +1357,35 @@
       },
       "type": "object"
     },
+    "AccessScope": {
+      "description": "Access scope represents the client scope, etc. to which the settings will be applied to.",
+      "id": "AccessScope",
+      "properties": {
+        "clientScope": {
+          "$ref": "ClientScope",
+          "description": "Optional. Client scope for this access scope."
+        }
+      },
+      "type": "object"
+    },
+    "AccessSettings": {
+      "description": "Access settings represent the set of conditions that must be met for access to be granted. At least one of the fields must be set.",
+      "id": "AccessSettings",
+      "properties": {
+        "accessLevels": {
+          "description": "Optional. Access level that a user must have to be granted access. Only one access level is supported, not multiple. This repeated field must have exactly one element. Example: \"accessPolicies/9522/accessLevels/device_trusted\"",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "reauthSettings": {
+          "$ref": "ReauthSettings",
+          "description": "Optional. Reauth settings applied to user access on a given AccessScope."
+        }
+      },
+      "type": "object"
+    },
     "ApiOperation": {
       "description": "Identification for an API Operation.",
       "id": "ApiOperation",
@@ -1550,6 +1579,17 @@
       "properties": {},
       "type": "object"
     },
+    "ClientScope": {
+      "description": "Client scope represents the application, etc. subject to this binding's restrictions.",
+      "id": "ClientScope",
+      "properties": {
+        "restrictedClientApplication": {
+          "$ref": "Application",
+          "description": "Optional. The application that is subject to this binding's scope."
+        }
+      },
+      "type": "object"
+    },
     "CommitServicePerimetersRequest": {
       "description": "A request to commit dry-run specs in all Service Perimeters belonging to an Access Policy.",
       "id": "CommitServicePerimetersRequest",
@@ -1860,12 +1900,23 @@
           "description": "Immutable. Assigned by the server during creation. The last segment has an arbitrary length and has only URI unreserved characters (as defined by [RFC 3986 Section 2.3](https://tools.ietf.org/html/rfc3986#section-2.3)). Should not be specified by the client during creation. Example: \"organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N\"",
           "type": "string"
         },
+        "reauthSettings": {
+          "$ref": "ReauthSettings",
+          "description": "Optional. GCSL policy for the group key."
+        },
         "restrictedClientApplications": {
           "description": "Optional. A list of applications that are subject to this binding's restrictions. If the list is empty, the binding restrictions will universally apply to all applications.",
           "items": {
             "$ref": "Application"
           },
           "type": "array"
+        },
+        "scopedAccessSettings": {
+          "description": "Optional. A list of scoped access settings that set this binding's restrictions on a subset of applications. This field cannot be set if restricted_client_applications is set.",
+          "items": {
+            "$ref": "ScopedAccessSettings"
+          },
+          "type": "array"
         }
       },
       "type": "object"
@@ -2231,6 +2282,47 @@
       },
       "type": "object"
     },
+    "ReauthSettings": {
+      "description": "Stores settings related to Google Cloud Session Length including session duration, the type of challenge (i.e. method) they should face when their session expires, and other related settings.",
+      "id": "ReauthSettings",
+      "properties": {
+        "maxInactivity": {
+          "description": "Optional. How long a user is allowed to take between actions before a new access token must be issued. Presently only set for Cloud Apps.",
+          "format": "google-duration",
+          "type": "string"
+        },
+        "reauthMethod": {
+          "description": "Optional. Reauth method when users GCP session is up.",
+          "enum": [
+            "REAUTH_METHOD_UNSPECIFIED",
+            "LOGIN",
+            "SECURITY_KEY",
+            "PASSWORD"
+          ],
+          "enumDescriptions": [
+            "If method undefined in API, we will use LOGIN by default.",
+            "The user will prompted to perform regular login. Users who are enrolled for two-step verification and haven't chosen to \"Remember this computer\" will be prompted for their second factor.",
+            "The user will be prompted to autheticate using their security key. If no security key has been configured, then we will fallback to LOGIN.",
+            "The user will be prompted for their password."
+          ],
+          "type": "string"
+        },
+        "sessionLength": {
+          "description": "Optional. The session length. Setting this field to zero is equal to disabling. Reauth. Also can set infinite session by flipping the enabled bit to false below. If use_oidc_max_age is true, for OIDC apps, the session length will be the minimum of this field and OIDC max_age param.",
+          "format": "google-duration",
+          "type": "string"
+        },
+        "sessionLengthEnabled": {
+          "description": "Optional. Big red button to turn off GCSL. When false, all fields set above will be disregarded and the session length is basically infinite.",
+          "type": "boolean"
+        },
+        "useOidcMaxAge": {
+          "description": "Optional. Only useful for OIDC apps. When false, the OIDC max_age param, if passed in the authentication request will be ignored. When true, the re-auth period will be the minimum of the session_length field and the max_age OIDC param.",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
     "ReplaceAccessLevelsRequest": {
       "description": "A request to replace all existing Access Levels in an Access Policy with the Access Levels provided. This is done atomically.",
       "id": "ReplaceAccessLevelsRequest",
@@ -2295,6 +2387,25 @@
       },
       "type": "object"
     },
+    "ScopedAccessSettings": {
+      "description": "A relationship between access settings and its scope.",
+      "id": "ScopedAccessSettings",
+      "properties": {
+        "activeSettings": {
+          "$ref": "AccessSettings",
+          "description": "Optional. Access settings for this scoped access settings. This field may be empty if dry_run_settings is set."
+        },
+        "dryRunSettings": {
+          "$ref": "AccessSettings",
+          "description": "Optional. Dry-run access settings for this scoped access settings. This field may be empty if active_settings is set."
+        },
+        "scope": {
+          "$ref": "AccessScope",
+          "description": "Optional. Application, etc. to which the access settings will be applied to. Implicitly, this is the scoped access settings key; as such, it must be unique and non-empty."
+        }
+      },
+      "type": "object"
+    },
     "ServicePerimeter": {
       "description": "`ServicePerimeter` describes a set of Google Cloud resources which can freely import and export data amongst themselves, but not export outside of the `ServicePerimeter`. If a request with a source within this `ServicePerimeter` has a target outside of the `ServicePerimeter`, the request will be blocked. Otherwise the request is allowed. There are two types of Service Perimeter - Regular and Bridge. Regular Service Perimeters cannot overlap, a single Google Cloud project or VPC network can only belong to a single regular Service Perimeter. Service Perimeter Bridges can contain only Google Cloud projects as members, a single Google Cloud project may belong to multiple Service Perimeter Bridges.",
       "id": "ServicePerimeter",