feat: Add service_account_id output field to CloudSQL properties

Google APIs · copybara-github · commit fe833ddc7356 · 2022-07-26T15:47:20.000-07:00
Clients can now observe the Service Account that is being used when connecting to the CloudSQL from the BigQuery.

PiperOrigin-RevId: 463445598
diff --git a/google/cloud/bigquery/connection/v1/connection.proto b/google/cloud/bigquery/connection/v1/connection.proto
@@ -275,6 +275,13 @@ message CloudSqlProperties {
 
   // Input only. Cloud SQL credential.
   CloudSqlCredential credential = 4 [(google.api.field_behavior) = INPUT_ONLY];
+
+  // Output only. The account ID of the service used for the purpose of this connection.
+  //
+  // When the connection is used in the context of an operation in
+  // BigQuery, this service account will serve as identity being used for
+  // connecting to the CloudSQL instance specified in this connection.
+  string service_account_id = 5 [(google.api.field_behavior) = OUTPUT_ONLY];
 }
 
 // Credential info for the Cloud SQL.
diff --git a/google/cloud/bigquery/connection/v1beta1/connection.proto b/google/cloud/bigquery/connection/v1beta1/connection.proto
@@ -1,4 +1,4 @@
-// Copyright 2020 Google LLC
+// Copyright 2022 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -105,7 +105,7 @@ service ConnectionService {
   // Sets the access control policy on the specified resource. Replaces any
   // existing policy.
   //
-  // Can return Public Errors: NOT_FOUND, INVALID_ARGUMENT and PERMISSION_DENIED
+  // Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.
   rpc SetIamPolicy(google.iam.v1.SetIamPolicyRequest) returns (google.iam.v1.Policy) {
     option (google.api.http) = {
       post: "/v1beta1/{resource=projects/*/locations/*/connections/*}:setIamPolicy"
@@ -116,7 +116,7 @@ service ConnectionService {
 
   // Returns permissions that a caller has on the specified resource.
   // If the resource does not exist, this will return an empty set of
-  // permissions, not a NOT_FOUND error.
+  // permissions, not a `NOT_FOUND` error.
   //
   // Note: This operation is designed to be used for building permission-aware
   // UIs and command-line tools, not for authorization checking. This operation
@@ -295,6 +295,13 @@ message CloudSqlProperties {
 
   // Input only. Cloud SQL credential.
   CloudSqlCredential credential = 4 [(google.api.field_behavior) = INPUT_ONLY];
+
+  // Output only. The account ID of the service used for the purpose of this connection.
+  //
+  // When the connection is used in the context of an operation in
+  // BigQuery, this service account will serve as identity being used for
+  // connecting to the CloudSQL instance specified in this connection.
+  string service_account_id = 5 [(google.api.field_behavior) = OUTPUT_ONLY];
 }
 
 // Credential info for the Cloud SQL.
