googleapis
diff --git a/‎discovery/assuredworkloads-v1.json
Lines changed: 86 additions & 11 deletions b/‎discovery/assuredworkloads-v1.json
Lines changed: 86 additions & 11 deletions
diff --git a/‎discovery/assuredworkloads-v1beta1.json
Lines changed: 15 additions & 9 deletions b/‎discovery/assuredworkloads-v1beta1.json
Lines changed: 15 additions & 9 deletions
@@ -310,6 +310,34 @@
                     "https://www.googleapis.com/auth/cloud-platform"
                   ]
                 },
+                "mutatePartnerPermissions": {
+                  "description": "Update the permissions settings for an existing partner workload. For force updates don't set etag field in the Workload. Only one update operation per workload can be in progress.",
+                  "flatPath": "v1/organizations/{organizationsId}/locations/{locationsId}/workloads/{workloadsId}:mutatePartnerPermissions",
+                  "httpMethod": "PATCH",
+                  "id": "assuredworkloads.organizations.locations.workloads.mutatePartnerPermissions",
+                  "parameterOrder": [
+                    "name"
+                  ],
+                  "parameters": {
+                    "name": {
+                      "description": "Required. The `name` field is used to identify the workload. Format: organizations/{org_id}/locations/{location_id}/workloads/{workload_id}",
+                      "location": "path",
+                      "pattern": "^organizations/[^/]+/locations/[^/]+/workloads/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v1/{+name}:mutatePartnerPermissions",
+                  "request": {
+                    "$ref": "GoogleCloudAssuredworkloadsV1MutatePartnerPermissionsRequest"
+                  },
+                  "response": {
+                    "$ref": "GoogleCloudAssuredworkloadsV1Workload"
+                  },
+                  "scopes": [
+                    "https://www.googleapis.com/auth/cloud-platform"
+                  ]
+                },
                 "patch": {
                   "description": "Updates an existing workload. Currently allows updating of workload display_name and labels. For force updates don't set etag field in the Workload. Only one update operation per workload can be in progress.",
                   "flatPath": "v1/organizations/{organizationsId}/locations/{locationsId}/workloads/{workloadsId}",
@@ -491,7 +519,7 @@
       }
     }
   },
-  "revision": "20221020",
+  "revision": "20221212",
   "rootUrl": "https://assuredworkloads.googleapis.com/",
   "schemas": {
     "GoogleCloudAssuredworkloadsV1AcknowledgeViolationRequest": {
@@ -534,7 +562,8 @@
             "CA_REGIONS_AND_SUPPORT",
             "ITAR",
             "AU_REGIONS_AND_US_SUPPORT",
-            "ASSURED_WORKLOADS_FOR_PARTNERS"
+            "ASSURED_WORKLOADS_FOR_PARTNERS",
+            "ISR_REGIONS"
           ],
           "enumDescriptions": [
             "Unknown compliance regime.",
@@ -549,7 +578,8 @@
             "Assured Workloads For Canada Regions and Support controls",
             "International Traffic in Arms Regulations",
             "Assured Workloads for Australia Regions and Support controls Available for public preview consumption. Don't create production workloads.",
-            "Assured Workloads for Partners"
+            "Assured Workloads for Partners",
+            "Assured Workloads for Israel Regions"
           ],
           "type": "string"
         },
@@ -605,6 +635,26 @@
       },
       "type": "object"
     },
+    "GoogleCloudAssuredworkloadsV1MutatePartnerPermissionsRequest": {
+      "description": "Request of updating permission settings for a partner workload.",
+      "id": "GoogleCloudAssuredworkloadsV1MutatePartnerPermissionsRequest",
+      "properties": {
+        "etag": {
+          "description": "Optional. The etag of the workload. If this is provided, it must match the server's etag.",
+          "type": "string"
+        },
+        "partnerPermissions": {
+          "$ref": "GoogleCloudAssuredworkloadsV1WorkloadPartnerPermissions",
+          "description": "Required. The partner permissions to be updated."
+        },
+        "updateMask": {
+          "description": "Required. The list of fields to be updated. E.g. update_mask { paths: \"partner_permissions.data_logs_viewer\"}",
+          "format": "google-fieldmask",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "GoogleCloudAssuredworkloadsV1RestrictAllowedResourcesRequest": {
       "description": "Request for restricting list of available resources in Workload environment.",
       "id": "GoogleCloudAssuredworkloadsV1RestrictAllowedResourcesRequest",
@@ -614,12 +664,14 @@
           "enum": [
             "RESTRICTION_TYPE_UNSPECIFIED",
             "ALLOW_ALL_GCP_RESOURCES",
-            "ALLOW_COMPLIANT_RESOURCES"
+            "ALLOW_COMPLIANT_RESOURCES",
+            "APPEND_COMPLIANT_RESOURCES"
           ],
           "enumDescriptions": [
             "Unknown restriction type.",
             "Allow the use all of all gcp products, irrespective of the compliance posture. This effectively removes gcp.restrictServiceUsage OrgPolicy on the AssuredWorkloads Folder.",
-            "Based on Workload's compliance regime, allowed list changes. See - https://cloud.google.com/assured-workloads/docs/supported-products for the list of supported resources."
+            "Based on Workload's compliance regime, allowed list changes. See - https://cloud.google.com/assured-workloads/docs/supported-products for the list of supported resources.",
+            "Similar to ALLOW_COMPLIANT_RESOURCES but adds the list of compliant resources to the existing list of resources. Effective org-policy of the Folder is considered to ensure there is no disruption to the existing customer workflows."
           ],
           "type": "string"
         }
@@ -854,7 +906,8 @@
             "CA_REGIONS_AND_SUPPORT",
             "ITAR",
             "AU_REGIONS_AND_US_SUPPORT",
-            "ASSURED_WORKLOADS_FOR_PARTNERS"
+            "ASSURED_WORKLOADS_FOR_PARTNERS",
+            "ISR_REGIONS"
           ],
           "enumDescriptions": [
             "Unknown compliance regime.",
@@ -869,7 +922,8 @@
             "Assured Workloads For Canada Regions and Support controls",
             "International Traffic in Arms Regulations",
             "Assured Workloads for Australia Regions and Support controls Available for public preview consumption. Don't create production workloads.",
-            "Assured Workloads for Partners"
+            "Assured Workloads for Partners",
+            "Assured Workloads for Israel Regions"
           ],
           "type": "string"
         },
@@ -935,14 +989,16 @@
           "type": "string"
         },
         "partner": {
-          "description": "Optional. Compliance Regime associated with this workload.",
+          "description": "Optional. Partner regime associated with this workload.",
           "enum": [
             "PARTNER_UNSPECIFIED",
-            "LOCAL_CONTROLS_BY_S3NS"
+            "LOCAL_CONTROLS_BY_S3NS",
+            "SOVEREIGN_CONTROLS_BY_T_SYSTEMS"
           ],
           "enumDescriptions": [
-            "Unknown partner regime/controls.",
-            "S3NS regime/controls."
+            "",
+            "Enum representing S3NS partner.",
+            "Enum representing T_SYSTEM partner."
           ],
           "type": "string"
         },
@@ -1007,6 +1063,25 @@
       },
       "type": "object"
     },
+    "GoogleCloudAssuredworkloadsV1WorkloadPartnerPermissions": {
+      "description": "Permissions granted to the AW Partner SA account for the customer workload",
+      "id": "GoogleCloudAssuredworkloadsV1WorkloadPartnerPermissions",
+      "properties": {
+        "dataLogsViewer": {
+          "description": "Allow partner to view data and logs",
+          "type": "boolean"
+        },
+        "remediateFolderViolations": {
+          "description": "Allow partner to monitor folder and remediate violations",
+          "type": "boolean"
+        },
+        "serviceAccessApprover": {
+          "description": "Allow partner to approve or reject Service Access requests",
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
     "GoogleCloudAssuredworkloadsV1WorkloadResourceInfo": {
       "description": "Represent the resources that are children of this Workload.",
       "id": "GoogleCloudAssuredworkloadsV1WorkloadResourceInfo",
 
@@ -595,7 +595,7 @@
       }
     }
   },
-  "revision": "20221020",
+  "revision": "20221212",
   "rootUrl": "https://assuredworkloads.googleapis.com/",
   "schemas": {
     "GoogleCloudAssuredworkloadsV1beta1AcknowledgeViolationRequest": {
@@ -678,12 +678,14 @@
           "enum": [
             "RESTRICTION_TYPE_UNSPECIFIED",
             "ALLOW_ALL_GCP_RESOURCES",
-            "ALLOW_COMPLIANT_RESOURCES"
+            "ALLOW_COMPLIANT_RESOURCES",
+            "APPEND_COMPLIANT_RESOURCES"
           ],
           "enumDescriptions": [
             "Unknown restriction type.",
             "Allow the use all of all gcp products, irrespective of the compliance posture. This effectively removes gcp.restrictServiceUsage OrgPolicy on the AssuredWorkloads Folder.",
-            "Based on Workload's compliance regime, allowed list changes. See - https://cloud.google.com/assured-workloads/docs/supported-products for the list of supported resources."
+            "Based on Workload's compliance regime, allowed list changes. See - https://cloud.google.com/assured-workloads/docs/supported-products for the list of supported resources.",
+            "Similar to ALLOW_COMPLIANT_RESOURCES but adds the list of compliant resources to the existing list of compliant resources. Effective org-policy of the Folder is considered to ensure there is no disruption to the existing customer workflows."
           ],
           "type": "string"
         }
@@ -922,7 +924,8 @@
             "CA_REGIONS_AND_SUPPORT",
             "ITAR",
             "AU_REGIONS_AND_US_SUPPORT",
-            "ASSURED_WORKLOADS_FOR_PARTNERS"
+            "ASSURED_WORKLOADS_FOR_PARTNERS",
+            "ISR_REGIONS"
           ],
           "enumDescriptions": [
             "Unknown compliance regime.",
@@ -937,7 +940,8 @@
             "Assured Workloads For Canada Regions and Support controls",
             "International Traffic in Arms Regulations",
             "Assured Workloads for Australia Regions and Support controls Available for public preview consumption. Don't create production workloads.",
-            "Assured Workloads for Partners;"
+            "Assured Workloads for Partners;",
+            "Assured Workloads for Israel"
           ],
           "type": "string"
         },
@@ -1015,14 +1019,16 @@
           "type": "string"
         },
         "partner": {
-          "description": "Optional. Compliance Regime associated with this workload.",
+          "description": "Optional. Partner regime associated with this workload.",
           "enum": [
             "PARTNER_UNSPECIFIED",
-            "LOCAL_CONTROLS_BY_S3NS"
+            "LOCAL_CONTROLS_BY_S3NS",
+            "SOVEREIGN_CONTROLS_BY_T_SYSTEMS"
           ],
           "enumDescriptions": [
-            "Unknown partner regime/controls.",
-            "S3NS regime/controls."
+            "",
+            "Enum representing S3NS partner.",
+            "Enum representing T_SYSTEM partner."
           ],
           "type": "string"
         },