diff --git a/api-list.json b/api-list.json index 3775e22f480..7b13a7d1f6c 100644 --- a/api-list.json +++ b/api-list.json @@ -4222,6 +4222,21 @@ "documentationLink": "https://www.google.com", "preferred": true }, + { + "kind": "discovery#directoryItem", + "id": "policysimulator:v1alpha", + "name": "policysimulator", + "version": "v1alpha", + "title": "Policy Simulator API", + "description": "Policy Simulator is a collection of endpoints for creating, running, and viewing a [Replay][google.cloud.policysimulator.v1beta1.Replay]. A `Replay` is a type of simulation that lets you see how your members' access to resources might change if you changed your IAM policy. During a `Replay`, Policy Simulator re-evaluates, or replays, past access attempts under both the current policy and your proposed policy, and compares those results to determine how your members' access might change under the proposed policy.", + "discoveryRestUrl": "https://policysimulator.googleapis.com/$discovery/rest?version=v1alpha", + "icons": { + "x16": "https://www.gstatic.com/images/branding/product/1x/googleg_16dp.png", + "x32": "https://www.gstatic.com/images/branding/product/1x/googleg_32dp.png" + }, + "documentationLink": "https://cloud.google.com/iam/docs/simulating-access", + "preferred": false + }, { "kind": "discovery#directoryItem", "id": "policysimulator:v1beta1", diff --git a/authorizedbuyersmarketplace/v1/authorizedbuyersmarketplace-api.json b/authorizedbuyersmarketplace/v1/authorizedbuyersmarketplace-api.json index aa28a7eeac7..778c20193c2 100644 --- a/authorizedbuyersmarketplace/v1/authorizedbuyersmarketplace-api.json +++ b/authorizedbuyersmarketplace/v1/authorizedbuyersmarketplace-api.json @@ -1307,7 +1307,7 @@ } } }, - "revision": "20220615", + "revision": "20220806", "rootUrl": "https://authorizedbuyersmarketplace.googleapis.com/", "schemas": { "AcceptProposalRequest": { @@ -2141,6 +2141,32 @@ }, "type": "object" }, + "InventoryTypeTargeting": { + "description": "Targeting of the inventory types a bid request can originate from.", + "id": "InventoryTypeTargeting", + "properties": { + "inventoryTypes": { + "description": "The list of targeted inventory types for the bid request.", + "items": { + "enum": [ + "INVENTORY_TYPE_UNSPECIFIED", + "BROWSER", + "MOBILE_APP", + "VIDEO_PLAYER" + ], + "enumDescriptions": [ + "Unspecified inventory type", + "Desktop or mobile web browser excluding ads inside a video player", + "Mobile apps other than video players and web browsers", + "Instream video and audio" + ], + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, "ListAuctionPackagesResponse": { "description": "Response message for listing auction packages.", "id": "ListAuctionPackagesResponse", @@ -2285,6 +2311,11 @@ "description": "Output only. Inventory sizes to be included/excluded.", "readOnly": true }, + "inventoryTypeTargeting": { + "$ref": "InventoryTypeTargeting", + "description": "Output only. Inventory type targeting information.", + "readOnly": true + }, "placementTargeting": { "$ref": "PlacementTargeting", "description": "Output only. Placement targeting information, for example, URL, mobile applications.", diff --git a/authorizedbuyersmarketplace/v1/authorizedbuyersmarketplace-gen.go b/authorizedbuyersmarketplace/v1/authorizedbuyersmarketplace-gen.go index 3b87f710de2..24b43607e90 100644 --- a/authorizedbuyersmarketplace/v1/authorizedbuyersmarketplace-gen.go +++ b/authorizedbuyersmarketplace/v1/authorizedbuyersmarketplace-gen.go @@ -1396,6 +1396,45 @@ func (s *InventorySizeTargeting) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// InventoryTypeTargeting: Targeting of the inventory types a bid +// request can originate from. +type InventoryTypeTargeting struct { + // InventoryTypes: The list of targeted inventory types for the bid + // request. + // + // Possible values: + // "INVENTORY_TYPE_UNSPECIFIED" - Unspecified inventory type + // "BROWSER" - Desktop or mobile web browser excluding ads inside a + // video player + // "MOBILE_APP" - Mobile apps other than video players and web + // browsers + // "VIDEO_PLAYER" - Instream video and audio + InventoryTypes []string `json:"inventoryTypes,omitempty"` + + // ForceSendFields is a list of field names (e.g. "InventoryTypes") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "InventoryTypes") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *InventoryTypeTargeting) MarshalJSON() ([]byte, error) { + type NoMethod InventoryTypeTargeting + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // ListAuctionPackagesResponse: Response message for listing auction // packages. type ListAuctionPackagesResponse struct { @@ -1672,6 +1711,10 @@ type MarketplaceTargeting struct { // included/excluded. InventorySizeTargeting *InventorySizeTargeting `json:"inventorySizeTargeting,omitempty"` + // InventoryTypeTargeting: Output only. Inventory type targeting + // information. + InventoryTypeTargeting *InventoryTypeTargeting `json:"inventoryTypeTargeting,omitempty"` + // PlacementTargeting: Output only. Placement targeting information, for // example, URL, mobile applications. PlacementTargeting *PlacementTargeting `json:"placementTargeting,omitempty"` diff --git a/baremetalsolution/v2/baremetalsolution-api.json b/baremetalsolution/v2/baremetalsolution-api.json index b9987a71743..f5400153a48 100644 --- a/baremetalsolution/v2/baremetalsolution-api.json +++ b/baremetalsolution/v2/baremetalsolution-api.json @@ -965,7 +965,7 @@ "type": "string" }, "updateMask": { - "description": "The list of fields to update. The only currently supported fields are: `snapshot_auto_delete_behavior` `snapshot_schedule_policy_name` 'labels' 'snapshot_enabled' 'snapshot_reservation_detail.reserved_space_percent'", + "description": "The list of fields to update. The only currently supported fields are: 'labels'", "format": "google-fieldmask", "location": "query", "type": "string" @@ -1084,7 +1084,7 @@ } } }, - "revision": "20220725", + "revision": "20220731", "rootUrl": "https://baremetalsolution.googleapis.com/", "schemas": { "AllowedClient": { @@ -2609,6 +2609,11 @@ "format": "int64", "type": "string" }, + "bootVolume": { + "description": "Output only. Whether this volume is a boot volume. A boot volume is one which contains a boot LUN.", + "readOnly": true, + "type": "boolean" + }, "currentSizeGib": { "description": "The current size of this storage volume, in GiB, including space reserved for snapshots. This size might be different than the requested size if the storage volume has been configured with auto grow or auto shrink.", "format": "int64", diff --git a/baremetalsolution/v2/baremetalsolution-gen.go b/baremetalsolution/v2/baremetalsolution-gen.go index 40865490a76..df13f976236 100644 --- a/baremetalsolution/v2/baremetalsolution-gen.go +++ b/baremetalsolution/v2/baremetalsolution-gen.go @@ -2313,6 +2313,10 @@ type Volume struct { // auto-grow, the value is 0. AutoGrownSizeGib int64 `json:"autoGrownSizeGib,omitempty,string"` + // BootVolume: Output only. Whether this volume is a boot volume. A boot + // volume is one which contains a boot LUN. + BootVolume bool `json:"bootVolume,omitempty"` + // CurrentSizeGib: The current size of this storage volume, in GiB, // including space reserved for snapshots. This size might be different // than the requested size if the storage volume has been configured @@ -6719,10 +6723,7 @@ func (r *ProjectsLocationsVolumesService) Patch(name string, volume *Volume) *Pr } // UpdateMask sets the optional parameter "updateMask": The list of -// fields to update. The only currently supported fields are: -// `snapshot_auto_delete_behavior` `snapshot_schedule_policy_name` -// 'labels' 'snapshot_enabled' -// 'snapshot_reservation_detail.reserved_space_percent' +// fields to update. The only currently supported fields are: 'labels' func (c *ProjectsLocationsVolumesPatchCall) UpdateMask(updateMask string) *ProjectsLocationsVolumesPatchCall { c.urlParams_.Set("updateMask", updateMask) return c @@ -6835,7 +6836,7 @@ func (c *ProjectsLocationsVolumesPatchCall) Do(opts ...googleapi.CallOption) (*O // "type": "string" // }, // "updateMask": { - // "description": "The list of fields to update. The only currently supported fields are: `snapshot_auto_delete_behavior` `snapshot_schedule_policy_name` 'labels' 'snapshot_enabled' 'snapshot_reservation_detail.reserved_space_percent'", + // "description": "The list of fields to update. The only currently supported fields are: 'labels'", // "format": "google-fieldmask", // "location": "query", // "type": "string" diff --git a/chromepolicy/v1/chromepolicy-api.json b/chromepolicy/v1/chromepolicy-api.json index 9ec9f1794a6..636e7bc76ae 100644 --- a/chromepolicy/v1/chromepolicy-api.json +++ b/chromepolicy/v1/chromepolicy-api.json @@ -143,6 +143,123 @@ } }, "resources": { + "groups": { + "methods": { + "batchDelete": { + "description": "Delete multiple policy values that are applied to a specific group. All targets must have the same target format. That is to say that they must point to the same target resource and must have the same keys specified in `additionalTargetKeyNames`, though the values for those keys may be different. On failure the request will return the error details as part of the google.rpc.Status.", + "flatPath": "v1/customers/{customersId}/policies/groups:batchDelete", + "httpMethod": "POST", + "id": "chromepolicy.customers.policies.groups.batchDelete", + "parameterOrder": [ + "customer" + ], + "parameters": { + "customer": { + "description": "ID of the Google Workspace account or literal \"my_customer\" for the customer associated to the request.", + "location": "path", + "pattern": "^customers/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+customer}/policies/groups:batchDelete", + "request": { + "$ref": "GoogleChromePolicyV1BatchDeleteGroupPoliciesRequest" + }, + "response": { + "$ref": "GoogleProtobufEmpty" + }, + "scopes": [ + "https://www.googleapis.com/auth/chrome.management.policy" + ] + }, + "batchModify": { + "description": "Modify multiple policy values that are applied to a specific group. All targets must have the same target format. That is to say that they must point to the same target resource and must have the same keys specified in `additionalTargetKeyNames`, though the values for those keys may be different. On failure the request will return the error details as part of the google.rpc.Status.", + "flatPath": "v1/customers/{customersId}/policies/groups:batchModify", + "httpMethod": "POST", + "id": "chromepolicy.customers.policies.groups.batchModify", + "parameterOrder": [ + "customer" + ], + "parameters": { + "customer": { + "description": "ID of the Google Workspace account or literal \"my_customer\" for the customer associated to the request.", + "location": "path", + "pattern": "^customers/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+customer}/policies/groups:batchModify", + "request": { + "$ref": "GoogleChromePolicyV1BatchModifyGroupPoliciesRequest" + }, + "response": { + "$ref": "GoogleProtobufEmpty" + }, + "scopes": [ + "https://www.googleapis.com/auth/chrome.management.policy" + ] + }, + "listGroupPriorityOrdering": { + "description": "Retrieve a group priority ordering for an app. The target app must be supplied in `additionalTargetKeyNames` in the PolicyTargetKey. On failure the request will return the error details as part of the google.rpc.Status.", + "flatPath": "v1/customers/{customersId}/policies/groups:listGroupPriorityOrdering", + "httpMethod": "POST", + "id": "chromepolicy.customers.policies.groups.listGroupPriorityOrdering", + "parameterOrder": [ + "customer" + ], + "parameters": { + "customer": { + "description": "Required. ID of the Google Workspace account or literal \"my_customer\" for the customer associated to the request.", + "location": "path", + "pattern": "^customers/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+customer}/policies/groups:listGroupPriorityOrdering", + "request": { + "$ref": "GoogleChromePolicyV1ListGroupPriorityOrderingRequest" + }, + "response": { + "$ref": "GoogleChromePolicyV1ListGroupPriorityOrderingResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/chrome.management.policy", + "https://www.googleapis.com/auth/chrome.management.policy.readonly" + ] + }, + "updateGroupPriorityOrdering": { + "description": "Update a group priority ordering for an app. The target app must be supplied in `additionalTargetKeyNames` in the PolicyTargetKey. On failure the request will return the error details as part of the google.rpc.Status.", + "flatPath": "v1/customers/{customersId}/policies/groups:updateGroupPriorityOrdering", + "httpMethod": "POST", + "id": "chromepolicy.customers.policies.groups.updateGroupPriorityOrdering", + "parameterOrder": [ + "customer" + ], + "parameters": { + "customer": { + "description": "Required. ID of the Google Workspace account or literal \"my_customer\" for the customer associated to the request.", + "location": "path", + "pattern": "^customers/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+customer}/policies/groups:updateGroupPriorityOrdering", + "request": { + "$ref": "GoogleChromePolicyV1UpdateGroupPriorityOrderingRequest" + }, + "response": { + "$ref": "GoogleProtobufEmpty" + }, + "scopes": [ + "https://www.googleapis.com/auth/chrome.management.policy" + ] + } + } + }, "orgunits": { "methods": { "batchInherit": { @@ -324,7 +441,7 @@ } } }, - "revision": "20220718", + "revision": "20220806", "rootUrl": "https://chromepolicy.googleapis.com/", "schemas": { "ChromeCrosDpanelAutosettingsProtoPolicyApiLifecycle": { @@ -374,6 +491,20 @@ }, "type": "object" }, + "GoogleChromePolicyV1BatchDeleteGroupPoliciesRequest": { + "description": "Request message for specifying that multiple policy values will be deleted.", + "id": "GoogleChromePolicyV1BatchDeleteGroupPoliciesRequest", + "properties": { + "requests": { + "description": "List of policies that will be deleted as defined by the `requests`. All requests in the list must follow these restrictions: 1. All schemas in the list must have the same root namespace. 2. All `policyTargetKey.targetResource` values must point to a group resource. 3. All `policyTargetKey` values must have the same `app_id` key name in the `additionalTargetKeys`. 4. No two modification requests can reference the same `policySchema` + ` policyTargetKey` pair. ", + "items": { + "$ref": "GoogleChromePolicyV1DeleteGroupPolicyRequest" + }, + "type": "array" + } + }, + "type": "object" + }, "GoogleChromePolicyV1BatchInheritOrgUnitPoliciesRequest": { "description": "Request message for specifying that multiple policy values inherit their value from their parents.", "id": "GoogleChromePolicyV1BatchInheritOrgUnitPoliciesRequest", @@ -388,6 +519,20 @@ }, "type": "object" }, + "GoogleChromePolicyV1BatchModifyGroupPoliciesRequest": { + "description": "Request message for modifying multiple policy values for a specific group-based target.", + "id": "GoogleChromePolicyV1BatchModifyGroupPoliciesRequest", + "properties": { + "requests": { + "description": "List of policies to modify as defined by the `requests`. All requests in the list must follow these restrictions: 1. All schemas in the list must have the same root namespace. 2. All `policyTargetKey.targetResource` values must point to a group resource. 3. All `policyTargetKey` values must have the same `app_id` key name in the `additionalTargetKeys`. 4. No two modification requests can reference the same `policySchema` + ` policyTargetKey` pair. ", + "items": { + "$ref": "GoogleChromePolicyV1ModifyGroupPolicyRequest" + }, + "type": "array" + } + }, + "type": "object" + }, "GoogleChromePolicyV1BatchModifyOrgUnitPoliciesRequest": { "description": "Request message for modifying multiple policy values for a specific target.", "id": "GoogleChromePolicyV1BatchModifyOrgUnitPoliciesRequest", @@ -402,6 +547,21 @@ }, "type": "object" }, + "GoogleChromePolicyV1DeleteGroupPolicyRequest": { + "description": "Request parameters for deleting the policy value of a specific group target.", + "id": "GoogleChromePolicyV1DeleteGroupPolicyRequest", + "properties": { + "policySchema": { + "description": "The fully qualified name of the policy schema that is being inherited.", + "type": "string" + }, + "policyTargetKey": { + "$ref": "GoogleChromePolicyV1PolicyTargetKey", + "description": "Required. The key of the target for which we want to modify a policy. The target resource must point to a Group." + } + }, + "type": "object" + }, "GoogleChromePolicyV1InheritOrgUnitPolicyRequest": { "description": "Request parameters for inheriting policy value of a specific org unit target from the policy value of its parent org unit.", "id": "GoogleChromePolicyV1InheritOrgUnitPolicyRequest", @@ -417,6 +577,46 @@ }, "type": "object" }, + "GoogleChromePolicyV1ListGroupPriorityOrderingRequest": { + "description": "Request message for listing the group priority ordering of an app.", + "id": "GoogleChromePolicyV1ListGroupPriorityOrderingRequest", + "properties": { + "policyNamespace": { + "description": "Required. The namespace of the policy type for the request.", + "type": "string" + }, + "policyTargetKey": { + "$ref": "GoogleChromePolicyV1PolicyTargetKey", + "description": "Required. The key of the target for which we want to retrieve the group priority ordering. The target resource must point to an app." + } + }, + "type": "object" + }, + "GoogleChromePolicyV1ListGroupPriorityOrderingResponse": { + "description": "Response message for listing the group priority ordering of an app.", + "id": "GoogleChromePolicyV1ListGroupPriorityOrderingResponse", + "properties": { + "groupIds": { + "description": "Output only. The group IDs, in priority ordering.", + "items": { + "type": "string" + }, + "readOnly": true, + "type": "array" + }, + "policyNamespace": { + "description": "Output only. The namespace of the policy type of the group IDs.", + "readOnly": true, + "type": "string" + }, + "policyTargetKey": { + "$ref": "GoogleChromePolicyV1PolicyTargetKey", + "description": "Output only. The target resource for which the group priority ordering has been retrieved.", + "readOnly": true + } + }, + "type": "object" + }, "GoogleChromePolicyV1ListPolicySchemasResponse": { "description": "Response message for listing policy schemas that match a filter.", "id": "GoogleChromePolicyV1ListPolicySchemasResponse", @@ -435,6 +635,26 @@ }, "type": "object" }, + "GoogleChromePolicyV1ModifyGroupPolicyRequest": { + "description": "Request parameters for modifying a policy value for a specific group target.", + "id": "GoogleChromePolicyV1ModifyGroupPolicyRequest", + "properties": { + "policyTargetKey": { + "$ref": "GoogleChromePolicyV1PolicyTargetKey", + "description": "Required. The key of the target for which we want to modify a policy. The target resource must point to a Group." + }, + "policyValue": { + "$ref": "GoogleChromePolicyV1PolicyValue", + "description": "The new value for the policy." + }, + "updateMask": { + "description": "Required. Policy fields to update. Only fields in this mask will be updated; other fields in `policy_value` will be ignored (even if they have values). If a field is in this list it must have a value in 'policy_value'.", + "format": "google-fieldmask", + "type": "string" + } + }, + "type": "object" + }, "GoogleChromePolicyV1ModifyOrgUnitPolicyRequest": { "description": "Request parameters for modifying a policy value for a specific org unit target.", "id": "GoogleChromePolicyV1ModifyOrgUnitPolicyRequest", @@ -780,6 +1000,28 @@ }, "type": "object" }, + "GoogleChromePolicyV1UpdateGroupPriorityOrderingRequest": { + "description": "Request message for updating the group priority ordering of an app.", + "id": "GoogleChromePolicyV1UpdateGroupPriorityOrderingRequest", + "properties": { + "groupIds": { + "description": "Required. The group IDs, in desired priority ordering.", + "items": { + "type": "string" + }, + "type": "array" + }, + "policyNamespace": { + "description": "Required. The namespace of the policy type for the request.", + "type": "string" + }, + "policyTargetKey": { + "$ref": "GoogleChromePolicyV1PolicyTargetKey", + "description": "Required. The key of the target for which we want to update the group priority ordering. The target resource must point to an app." + } + }, + "type": "object" + }, "GoogleChromePolicyV1UploadPolicyFileRequest": { "description": "Request message for uploading a file for a policy. Next ID: 5", "id": "GoogleChromePolicyV1UploadPolicyFileRequest", diff --git a/chromepolicy/v1/chromepolicy-gen.go b/chromepolicy/v1/chromepolicy-gen.go index b13361813f4..4c189f3aaac 100644 --- a/chromepolicy/v1/chromepolicy-gen.go +++ b/chromepolicy/v1/chromepolicy-gen.go @@ -166,6 +166,7 @@ type CustomersService struct { func NewCustomersPoliciesService(s *Service) *CustomersPoliciesService { rs := &CustomersPoliciesService{s: s} + rs.Groups = NewCustomersPoliciesGroupsService(s) rs.Orgunits = NewCustomersPoliciesOrgunitsService(s) return rs } @@ -173,9 +174,20 @@ func NewCustomersPoliciesService(s *Service) *CustomersPoliciesService { type CustomersPoliciesService struct { s *Service + Groups *CustomersPoliciesGroupsService + Orgunits *CustomersPoliciesOrgunitsService } +func NewCustomersPoliciesGroupsService(s *Service) *CustomersPoliciesGroupsService { + rs := &CustomersPoliciesGroupsService{s: s} + return rs +} + +type CustomersPoliciesGroupsService struct { + s *Service +} + func NewCustomersPoliciesOrgunitsService(s *Service) *CustomersPoliciesOrgunitsService { rs := &CustomersPoliciesOrgunitsService{s: s} return rs @@ -288,6 +300,42 @@ func (s *GoogleChromePolicyV1AdditionalTargetKeyName) MarshalJSON() ([]byte, err return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// GoogleChromePolicyV1BatchDeleteGroupPoliciesRequest: Request message +// for specifying that multiple policy values will be deleted. +type GoogleChromePolicyV1BatchDeleteGroupPoliciesRequest struct { + // Requests: List of policies that will be deleted as defined by the + // `requests`. All requests in the list must follow these restrictions: + // 1. All schemas in the list must have the same root namespace. 2. All + // `policyTargetKey.targetResource` values must point to a group + // resource. 3. All `policyTargetKey` values must have the same `app_id` + // key name in the `additionalTargetKeys`. 4. No two modification + // requests can reference the same `policySchema` + ` policyTargetKey` + // pair. + Requests []*GoogleChromePolicyV1DeleteGroupPolicyRequest `json:"requests,omitempty"` + + // ForceSendFields is a list of field names (e.g. "Requests") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Requests") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *GoogleChromePolicyV1BatchDeleteGroupPoliciesRequest) MarshalJSON() ([]byte, error) { + type NoMethod GoogleChromePolicyV1BatchDeleteGroupPoliciesRequest + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // GoogleChromePolicyV1BatchInheritOrgUnitPoliciesRequest: Request // message for specifying that multiple policy values inherit their // value from their parents. @@ -327,6 +375,43 @@ func (s *GoogleChromePolicyV1BatchInheritOrgUnitPoliciesRequest) MarshalJSON() ( return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// GoogleChromePolicyV1BatchModifyGroupPoliciesRequest: Request message +// for modifying multiple policy values for a specific group-based +// target. +type GoogleChromePolicyV1BatchModifyGroupPoliciesRequest struct { + // Requests: List of policies to modify as defined by the `requests`. + // All requests in the list must follow these restrictions: 1. All + // schemas in the list must have the same root namespace. 2. All + // `policyTargetKey.targetResource` values must point to a group + // resource. 3. All `policyTargetKey` values must have the same `app_id` + // key name in the `additionalTargetKeys`. 4. No two modification + // requests can reference the same `policySchema` + ` policyTargetKey` + // pair. + Requests []*GoogleChromePolicyV1ModifyGroupPolicyRequest `json:"requests,omitempty"` + + // ForceSendFields is a list of field names (e.g. "Requests") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Requests") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *GoogleChromePolicyV1BatchModifyGroupPoliciesRequest) MarshalJSON() ([]byte, error) { + type NoMethod GoogleChromePolicyV1BatchModifyGroupPoliciesRequest + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // GoogleChromePolicyV1BatchModifyOrgUnitPoliciesRequest: Request // message for modifying multiple policy values for a specific target. type GoogleChromePolicyV1BatchModifyOrgUnitPoliciesRequest struct { @@ -365,6 +450,40 @@ func (s *GoogleChromePolicyV1BatchModifyOrgUnitPoliciesRequest) MarshalJSON() ([ return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// GoogleChromePolicyV1DeleteGroupPolicyRequest: Request parameters for +// deleting the policy value of a specific group target. +type GoogleChromePolicyV1DeleteGroupPolicyRequest struct { + // PolicySchema: The fully qualified name of the policy schema that is + // being inherited. + PolicySchema string `json:"policySchema,omitempty"` + + // PolicyTargetKey: Required. The key of the target for which we want to + // modify a policy. The target resource must point to a Group. + PolicyTargetKey *GoogleChromePolicyV1PolicyTargetKey `json:"policyTargetKey,omitempty"` + + // ForceSendFields is a list of field names (e.g. "PolicySchema") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "PolicySchema") to include + // in API requests with the JSON null value. By default, fields with + // empty values are omitted from API requests. However, any field with + // an empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *GoogleChromePolicyV1DeleteGroupPolicyRequest) MarshalJSON() ([]byte, error) { + type NoMethod GoogleChromePolicyV1DeleteGroupPolicyRequest + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // GoogleChromePolicyV1InheritOrgUnitPolicyRequest: Request parameters // for inheriting policy value of a specific org unit target from the // policy value of its parent org unit. @@ -400,6 +519,83 @@ func (s *GoogleChromePolicyV1InheritOrgUnitPolicyRequest) MarshalJSON() ([]byte, return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// GoogleChromePolicyV1ListGroupPriorityOrderingRequest: Request message +// for listing the group priority ordering of an app. +type GoogleChromePolicyV1ListGroupPriorityOrderingRequest struct { + // PolicyNamespace: Required. The namespace of the policy type for the + // request. + PolicyNamespace string `json:"policyNamespace,omitempty"` + + // PolicyTargetKey: Required. The key of the target for which we want to + // retrieve the group priority ordering. The target resource must point + // to an app. + PolicyTargetKey *GoogleChromePolicyV1PolicyTargetKey `json:"policyTargetKey,omitempty"` + + // ForceSendFields is a list of field names (e.g. "PolicyNamespace") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "PolicyNamespace") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *GoogleChromePolicyV1ListGroupPriorityOrderingRequest) MarshalJSON() ([]byte, error) { + type NoMethod GoogleChromePolicyV1ListGroupPriorityOrderingRequest + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// GoogleChromePolicyV1ListGroupPriorityOrderingResponse: Response +// message for listing the group priority ordering of an app. +type GoogleChromePolicyV1ListGroupPriorityOrderingResponse struct { + // GroupIds: Output only. The group IDs, in priority ordering. + GroupIds []string `json:"groupIds,omitempty"` + + // PolicyNamespace: Output only. The namespace of the policy type of the + // group IDs. + PolicyNamespace string `json:"policyNamespace,omitempty"` + + // PolicyTargetKey: Output only. The target resource for which the group + // priority ordering has been retrieved. + PolicyTargetKey *GoogleChromePolicyV1PolicyTargetKey `json:"policyTargetKey,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the + // server. + googleapi.ServerResponse `json:"-"` + + // ForceSendFields is a list of field names (e.g. "GroupIds") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "GroupIds") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *GoogleChromePolicyV1ListGroupPriorityOrderingResponse) MarshalJSON() ([]byte, error) { + type NoMethod GoogleChromePolicyV1ListGroupPriorityOrderingResponse + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // GoogleChromePolicyV1ListPolicySchemasResponse: Response message for // listing policy schemas that match a filter. type GoogleChromePolicyV1ListPolicySchemasResponse struct { @@ -437,6 +633,46 @@ func (s *GoogleChromePolicyV1ListPolicySchemasResponse) MarshalJSON() ([]byte, e return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// GoogleChromePolicyV1ModifyGroupPolicyRequest: Request parameters for +// modifying a policy value for a specific group target. +type GoogleChromePolicyV1ModifyGroupPolicyRequest struct { + // PolicyTargetKey: Required. The key of the target for which we want to + // modify a policy. The target resource must point to a Group. + PolicyTargetKey *GoogleChromePolicyV1PolicyTargetKey `json:"policyTargetKey,omitempty"` + + // PolicyValue: The new value for the policy. + PolicyValue *GoogleChromePolicyV1PolicyValue `json:"policyValue,omitempty"` + + // UpdateMask: Required. Policy fields to update. Only fields in this + // mask will be updated; other fields in `policy_value` will be ignored + // (even if they have values). If a field is in this list it must have a + // value in 'policy_value'. + UpdateMask string `json:"updateMask,omitempty"` + + // ForceSendFields is a list of field names (e.g. "PolicyTargetKey") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "PolicyTargetKey") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *GoogleChromePolicyV1ModifyGroupPolicyRequest) MarshalJSON() ([]byte, error) { + type NoMethod GoogleChromePolicyV1ModifyGroupPolicyRequest + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // GoogleChromePolicyV1ModifyOrgUnitPolicyRequest: Request parameters // for modifying a policy value for a specific org unit target. type GoogleChromePolicyV1ModifyOrgUnitPolicyRequest struct { @@ -972,6 +1208,44 @@ func (s *GoogleChromePolicyV1ResolvedPolicy) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// GoogleChromePolicyV1UpdateGroupPriorityOrderingRequest: Request +// message for updating the group priority ordering of an app. +type GoogleChromePolicyV1UpdateGroupPriorityOrderingRequest struct { + // GroupIds: Required. The group IDs, in desired priority ordering. + GroupIds []string `json:"groupIds,omitempty"` + + // PolicyNamespace: Required. The namespace of the policy type for the + // request. + PolicyNamespace string `json:"policyNamespace,omitempty"` + + // PolicyTargetKey: Required. The key of the target for which we want to + // update the group priority ordering. The target resource must point to + // an app. + PolicyTargetKey *GoogleChromePolicyV1PolicyTargetKey `json:"policyTargetKey,omitempty"` + + // ForceSendFields is a list of field names (e.g. "GroupIds") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "GroupIds") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *GoogleChromePolicyV1UpdateGroupPriorityOrderingRequest) MarshalJSON() ([]byte, error) { + type NoMethod GoogleChromePolicyV1UpdateGroupPriorityOrderingRequest + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // GoogleChromePolicyV1UploadPolicyFileRequest: Request message for // uploading a file for a policy. Next ID: 5 type GoogleChromePolicyV1UploadPolicyFileRequest struct { @@ -1532,6 +1806,597 @@ func (c *CustomersPoliciesResolveCall) Pages(ctx context.Context, f func(*Google } } +// method id "chromepolicy.customers.policies.groups.batchDelete": + +type CustomersPoliciesGroupsBatchDeleteCall struct { + s *Service + customer string + googlechromepolicyv1batchdeletegrouppoliciesrequest *GoogleChromePolicyV1BatchDeleteGroupPoliciesRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// BatchDelete: Delete multiple policy values that are applied to a +// specific group. All targets must have the same target format. That is +// to say that they must point to the same target resource and must have +// the same keys specified in `additionalTargetKeyNames`, though the +// values for those keys may be different. On failure the request will +// return the error details as part of the google.rpc.Status. +// +// - customer: ID of the Google Workspace account or literal +// "my_customer" for the customer associated to the request. +func (r *CustomersPoliciesGroupsService) BatchDelete(customer string, googlechromepolicyv1batchdeletegrouppoliciesrequest *GoogleChromePolicyV1BatchDeleteGroupPoliciesRequest) *CustomersPoliciesGroupsBatchDeleteCall { + c := &CustomersPoliciesGroupsBatchDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.customer = customer + c.googlechromepolicyv1batchdeletegrouppoliciesrequest = googlechromepolicyv1batchdeletegrouppoliciesrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *CustomersPoliciesGroupsBatchDeleteCall) Fields(s ...googleapi.Field) *CustomersPoliciesGroupsBatchDeleteCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *CustomersPoliciesGroupsBatchDeleteCall) Context(ctx context.Context) *CustomersPoliciesGroupsBatchDeleteCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *CustomersPoliciesGroupsBatchDeleteCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *CustomersPoliciesGroupsBatchDeleteCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.googlechromepolicyv1batchdeletegrouppoliciesrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+customer}/policies/groups:batchDelete") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "customer": c.customer, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "chromepolicy.customers.policies.groups.batchDelete" call. +// Exactly one of *GoogleProtobufEmpty or error will be non-nil. Any +// non-2xx status code is an error. Response headers are in either +// *GoogleProtobufEmpty.ServerResponse.Header or (if a response was +// returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *CustomersPoliciesGroupsBatchDeleteCall) Do(opts ...googleapi.CallOption) (*GoogleProtobufEmpty, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, &googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + } + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, err + } + ret := &GoogleProtobufEmpty{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Delete multiple policy values that are applied to a specific group. All targets must have the same target format. That is to say that they must point to the same target resource and must have the same keys specified in `additionalTargetKeyNames`, though the values for those keys may be different. On failure the request will return the error details as part of the google.rpc.Status.", + // "flatPath": "v1/customers/{customersId}/policies/groups:batchDelete", + // "httpMethod": "POST", + // "id": "chromepolicy.customers.policies.groups.batchDelete", + // "parameterOrder": [ + // "customer" + // ], + // "parameters": { + // "customer": { + // "description": "ID of the Google Workspace account or literal \"my_customer\" for the customer associated to the request.", + // "location": "path", + // "pattern": "^customers/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v1/{+customer}/policies/groups:batchDelete", + // "request": { + // "$ref": "GoogleChromePolicyV1BatchDeleteGroupPoliciesRequest" + // }, + // "response": { + // "$ref": "GoogleProtobufEmpty" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/chrome.management.policy" + // ] + // } + +} + +// method id "chromepolicy.customers.policies.groups.batchModify": + +type CustomersPoliciesGroupsBatchModifyCall struct { + s *Service + customer string + googlechromepolicyv1batchmodifygrouppoliciesrequest *GoogleChromePolicyV1BatchModifyGroupPoliciesRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// BatchModify: Modify multiple policy values that are applied to a +// specific group. All targets must have the same target format. That is +// to say that they must point to the same target resource and must have +// the same keys specified in `additionalTargetKeyNames`, though the +// values for those keys may be different. On failure the request will +// return the error details as part of the google.rpc.Status. +// +// - customer: ID of the Google Workspace account or literal +// "my_customer" for the customer associated to the request. +func (r *CustomersPoliciesGroupsService) BatchModify(customer string, googlechromepolicyv1batchmodifygrouppoliciesrequest *GoogleChromePolicyV1BatchModifyGroupPoliciesRequest) *CustomersPoliciesGroupsBatchModifyCall { + c := &CustomersPoliciesGroupsBatchModifyCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.customer = customer + c.googlechromepolicyv1batchmodifygrouppoliciesrequest = googlechromepolicyv1batchmodifygrouppoliciesrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *CustomersPoliciesGroupsBatchModifyCall) Fields(s ...googleapi.Field) *CustomersPoliciesGroupsBatchModifyCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *CustomersPoliciesGroupsBatchModifyCall) Context(ctx context.Context) *CustomersPoliciesGroupsBatchModifyCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *CustomersPoliciesGroupsBatchModifyCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *CustomersPoliciesGroupsBatchModifyCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.googlechromepolicyv1batchmodifygrouppoliciesrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+customer}/policies/groups:batchModify") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "customer": c.customer, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "chromepolicy.customers.policies.groups.batchModify" call. +// Exactly one of *GoogleProtobufEmpty or error will be non-nil. Any +// non-2xx status code is an error. Response headers are in either +// *GoogleProtobufEmpty.ServerResponse.Header or (if a response was +// returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *CustomersPoliciesGroupsBatchModifyCall) Do(opts ...googleapi.CallOption) (*GoogleProtobufEmpty, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, &googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + } + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, err + } + ret := &GoogleProtobufEmpty{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Modify multiple policy values that are applied to a specific group. All targets must have the same target format. That is to say that they must point to the same target resource and must have the same keys specified in `additionalTargetKeyNames`, though the values for those keys may be different. On failure the request will return the error details as part of the google.rpc.Status.", + // "flatPath": "v1/customers/{customersId}/policies/groups:batchModify", + // "httpMethod": "POST", + // "id": "chromepolicy.customers.policies.groups.batchModify", + // "parameterOrder": [ + // "customer" + // ], + // "parameters": { + // "customer": { + // "description": "ID of the Google Workspace account or literal \"my_customer\" for the customer associated to the request.", + // "location": "path", + // "pattern": "^customers/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v1/{+customer}/policies/groups:batchModify", + // "request": { + // "$ref": "GoogleChromePolicyV1BatchModifyGroupPoliciesRequest" + // }, + // "response": { + // "$ref": "GoogleProtobufEmpty" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/chrome.management.policy" + // ] + // } + +} + +// method id "chromepolicy.customers.policies.groups.listGroupPriorityOrdering": + +type CustomersPoliciesGroupsListGroupPriorityOrderingCall struct { + s *Service + customer string + googlechromepolicyv1listgrouppriorityorderingrequest *GoogleChromePolicyV1ListGroupPriorityOrderingRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// ListGroupPriorityOrdering: Retrieve a group priority ordering for an +// app. The target app must be supplied in `additionalTargetKeyNames` in +// the PolicyTargetKey. On failure the request will return the error +// details as part of the google.rpc.Status. +// +// - customer: ID of the Google Workspace account or literal +// "my_customer" for the customer associated to the request. +func (r *CustomersPoliciesGroupsService) ListGroupPriorityOrdering(customer string, googlechromepolicyv1listgrouppriorityorderingrequest *GoogleChromePolicyV1ListGroupPriorityOrderingRequest) *CustomersPoliciesGroupsListGroupPriorityOrderingCall { + c := &CustomersPoliciesGroupsListGroupPriorityOrderingCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.customer = customer + c.googlechromepolicyv1listgrouppriorityorderingrequest = googlechromepolicyv1listgrouppriorityorderingrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *CustomersPoliciesGroupsListGroupPriorityOrderingCall) Fields(s ...googleapi.Field) *CustomersPoliciesGroupsListGroupPriorityOrderingCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *CustomersPoliciesGroupsListGroupPriorityOrderingCall) Context(ctx context.Context) *CustomersPoliciesGroupsListGroupPriorityOrderingCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *CustomersPoliciesGroupsListGroupPriorityOrderingCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *CustomersPoliciesGroupsListGroupPriorityOrderingCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.googlechromepolicyv1listgrouppriorityorderingrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+customer}/policies/groups:listGroupPriorityOrdering") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "customer": c.customer, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "chromepolicy.customers.policies.groups.listGroupPriorityOrdering" call. +// Exactly one of *GoogleChromePolicyV1ListGroupPriorityOrderingResponse +// or error will be non-nil. Any non-2xx status code is an error. +// Response headers are in either +// *GoogleChromePolicyV1ListGroupPriorityOrderingResponse.ServerResponse. +// Header or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was +// returned. +func (c *CustomersPoliciesGroupsListGroupPriorityOrderingCall) Do(opts ...googleapi.CallOption) (*GoogleChromePolicyV1ListGroupPriorityOrderingResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, &googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + } + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, err + } + ret := &GoogleChromePolicyV1ListGroupPriorityOrderingResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Retrieve a group priority ordering for an app. The target app must be supplied in `additionalTargetKeyNames` in the PolicyTargetKey. On failure the request will return the error details as part of the google.rpc.Status.", + // "flatPath": "v1/customers/{customersId}/policies/groups:listGroupPriorityOrdering", + // "httpMethod": "POST", + // "id": "chromepolicy.customers.policies.groups.listGroupPriorityOrdering", + // "parameterOrder": [ + // "customer" + // ], + // "parameters": { + // "customer": { + // "description": "Required. ID of the Google Workspace account or literal \"my_customer\" for the customer associated to the request.", + // "location": "path", + // "pattern": "^customers/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v1/{+customer}/policies/groups:listGroupPriorityOrdering", + // "request": { + // "$ref": "GoogleChromePolicyV1ListGroupPriorityOrderingRequest" + // }, + // "response": { + // "$ref": "GoogleChromePolicyV1ListGroupPriorityOrderingResponse" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/chrome.management.policy", + // "https://www.googleapis.com/auth/chrome.management.policy.readonly" + // ] + // } + +} + +// method id "chromepolicy.customers.policies.groups.updateGroupPriorityOrdering": + +type CustomersPoliciesGroupsUpdateGroupPriorityOrderingCall struct { + s *Service + customer string + googlechromepolicyv1updategrouppriorityorderingrequest *GoogleChromePolicyV1UpdateGroupPriorityOrderingRequest + urlParams_ gensupport.URLParams + ctx_ context.Context + header_ http.Header +} + +// UpdateGroupPriorityOrdering: Update a group priority ordering for an +// app. The target app must be supplied in `additionalTargetKeyNames` in +// the PolicyTargetKey. On failure the request will return the error +// details as part of the google.rpc.Status. +// +// - customer: ID of the Google Workspace account or literal +// "my_customer" for the customer associated to the request. +func (r *CustomersPoliciesGroupsService) UpdateGroupPriorityOrdering(customer string, googlechromepolicyv1updategrouppriorityorderingrequest *GoogleChromePolicyV1UpdateGroupPriorityOrderingRequest) *CustomersPoliciesGroupsUpdateGroupPriorityOrderingCall { + c := &CustomersPoliciesGroupsUpdateGroupPriorityOrderingCall{s: r.s, urlParams_: make(gensupport.URLParams)} + c.customer = customer + c.googlechromepolicyv1updategrouppriorityorderingrequest = googlechromepolicyv1updategrouppriorityorderingrequest + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *CustomersPoliciesGroupsUpdateGroupPriorityOrderingCall) Fields(s ...googleapi.Field) *CustomersPoliciesGroupsUpdateGroupPriorityOrderingCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *CustomersPoliciesGroupsUpdateGroupPriorityOrderingCall) Context(ctx context.Context) *CustomersPoliciesGroupsUpdateGroupPriorityOrderingCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *CustomersPoliciesGroupsUpdateGroupPriorityOrderingCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *CustomersPoliciesGroupsUpdateGroupPriorityOrderingCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + var body io.Reader = nil + body, err := googleapi.WithoutDataWrapper.JSONReader(c.googlechromepolicyv1updategrouppriorityorderingrequest) + if err != nil { + return nil, err + } + reqHeaders.Set("Content-Type", "application/json") + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+customer}/policies/groups:updateGroupPriorityOrdering") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("POST", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + googleapi.Expand(req.URL, map[string]string{ + "customer": c.customer, + }) + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "chromepolicy.customers.policies.groups.updateGroupPriorityOrdering" call. +// Exactly one of *GoogleProtobufEmpty or error will be non-nil. Any +// non-2xx status code is an error. Response headers are in either +// *GoogleProtobufEmpty.ServerResponse.Header or (if a response was +// returned at all) in error.(*googleapi.Error).Header. Use +// googleapi.IsNotModified to check whether the returned error was +// because http.StatusNotModified was returned. +func (c *CustomersPoliciesGroupsUpdateGroupPriorityOrderingCall) Do(opts ...googleapi.CallOption) (*GoogleProtobufEmpty, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, &googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + } + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, err + } + ret := &GoogleProtobufEmpty{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Update a group priority ordering for an app. The target app must be supplied in `additionalTargetKeyNames` in the PolicyTargetKey. On failure the request will return the error details as part of the google.rpc.Status.", + // "flatPath": "v1/customers/{customersId}/policies/groups:updateGroupPriorityOrdering", + // "httpMethod": "POST", + // "id": "chromepolicy.customers.policies.groups.updateGroupPriorityOrdering", + // "parameterOrder": [ + // "customer" + // ], + // "parameters": { + // "customer": { + // "description": "Required. ID of the Google Workspace account or literal \"my_customer\" for the customer associated to the request.", + // "location": "path", + // "pattern": "^customers/[^/]+$", + // "required": true, + // "type": "string" + // } + // }, + // "path": "v1/{+customer}/policies/groups:updateGroupPriorityOrdering", + // "request": { + // "$ref": "GoogleChromePolicyV1UpdateGroupPriorityOrderingRequest" + // }, + // "response": { + // "$ref": "GoogleProtobufEmpty" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/chrome.management.policy" + // ] + // } + +} + // method id "chromepolicy.customers.policies.orgunits.batchInherit": type CustomersPoliciesOrgunitsBatchInheritCall struct { diff --git a/cloudasset/v1/cloudasset-api.json b/cloudasset/v1/cloudasset-api.json index 725e172fb80..b84d807ef8b 100644 --- a/cloudasset/v1/cloudasset-api.json +++ b/cloudasset/v1/cloudasset-api.json @@ -929,7 +929,7 @@ } } }, - "revision": "20220730", + "revision": "20220805", "rootUrl": "https://cloudasset.googleapis.com/", "schemas": { "AccessSelector": { @@ -1223,7 +1223,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", "items": { "type": "string" }, diff --git a/cloudasset/v1/cloudasset-gen.go b/cloudasset/v1/cloudasset-gen.go index 7ea0b30b1f8..25aefee00b8 100644 --- a/cloudasset/v1/cloudasset-gen.go +++ b/cloudasset/v1/cloudasset-gen.go @@ -824,16 +824,20 @@ type Binding struct { // who is authenticated with a Google account or a service account. * // `user:{emailid}`: An email address that represents a specific Google // account. For example, `alice@example.com` . * - // `serviceAccount:{emailid}`: An email address that represents a + // `serviceAccount:{emailid}`: An email address that represents a Google // service account. For example, - // `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An - // email address that represents a Google group. For example, - // `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An - // email address (plus unique identifier) representing a user that has - // been recently deleted. For example, - // `alice@example.com?uid=123456789012345678901`. If the user is - // recovered, this value reverts to `user:{emailid}` and the recovered - // user retains the role in the binding. * + // `my-other-app@appspot.gserviceaccount.com`. * + // `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + // An identifier for a Kubernetes service account + // (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + // For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. + // * `group:{emailid}`: An email address that represents a Google group. + // For example, `admins@example.com`. * + // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + // unique identifier) representing a user that has been recently + // deleted. For example, `alice@example.com?uid=123456789012345678901`. + // If the user is recovered, this value reverts to `user:{emailid}` and + // the recovered user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, diff --git a/cloudasset/v1beta1/cloudasset-api.json b/cloudasset/v1beta1/cloudasset-api.json index 9f9aedbee0d..7c96024b6ce 100644 --- a/cloudasset/v1beta1/cloudasset-api.json +++ b/cloudasset/v1beta1/cloudasset-api.json @@ -411,7 +411,7 @@ } } }, - "revision": "20220617", + "revision": "20220805", "rootUrl": "https://cloudasset.googleapis.com/", "schemas": { "AnalyzeIamPolicyLongrunningMetadata": { @@ -546,7 +546,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", "items": { "type": "string" }, diff --git a/cloudasset/v1beta1/cloudasset-gen.go b/cloudasset/v1beta1/cloudasset-gen.go index 153d34f52f1..678f0807539 100644 --- a/cloudasset/v1beta1/cloudasset-gen.go +++ b/cloudasset/v1beta1/cloudasset-gen.go @@ -466,16 +466,20 @@ type Binding struct { // who is authenticated with a Google account or a service account. * // `user:{emailid}`: An email address that represents a specific Google // account. For example, `alice@example.com` . * - // `serviceAccount:{emailid}`: An email address that represents a + // `serviceAccount:{emailid}`: An email address that represents a Google // service account. For example, - // `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An - // email address that represents a Google group. For example, - // `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An - // email address (plus unique identifier) representing a user that has - // been recently deleted. For example, - // `alice@example.com?uid=123456789012345678901`. If the user is - // recovered, this value reverts to `user:{emailid}` and the recovered - // user retains the role in the binding. * + // `my-other-app@appspot.gserviceaccount.com`. * + // `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + // An identifier for a Kubernetes service account + // (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + // For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. + // * `group:{emailid}`: An email address that represents a Google group. + // For example, `admins@example.com`. * + // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + // unique identifier) representing a user that has been recently + // deleted. For example, `alice@example.com?uid=123456789012345678901`. + // If the user is recovered, this value reverts to `user:{emailid}` and + // the recovered user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, diff --git a/cloudasset/v1p1beta1/cloudasset-api.json b/cloudasset/v1p1beta1/cloudasset-api.json index 299b2562e43..f6508d7214d 100644 --- a/cloudasset/v1p1beta1/cloudasset-api.json +++ b/cloudasset/v1p1beta1/cloudasset-api.json @@ -207,7 +207,7 @@ } } }, - "revision": "20220617", + "revision": "20220805", "rootUrl": "https://cloudasset.googleapis.com/", "schemas": { "AnalyzeIamPolicyLongrunningMetadata": { @@ -286,7 +286,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", "items": { "type": "string" }, diff --git a/cloudasset/v1p1beta1/cloudasset-gen.go b/cloudasset/v1p1beta1/cloudasset-gen.go index 405d3322cc3..b4aa4c96e97 100644 --- a/cloudasset/v1p1beta1/cloudasset-gen.go +++ b/cloudasset/v1p1beta1/cloudasset-gen.go @@ -309,16 +309,20 @@ type Binding struct { // who is authenticated with a Google account or a service account. * // `user:{emailid}`: An email address that represents a specific Google // account. For example, `alice@example.com` . * - // `serviceAccount:{emailid}`: An email address that represents a + // `serviceAccount:{emailid}`: An email address that represents a Google // service account. For example, - // `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An - // email address that represents a Google group. For example, - // `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An - // email address (plus unique identifier) representing a user that has - // been recently deleted. For example, - // `alice@example.com?uid=123456789012345678901`. If the user is - // recovered, this value reverts to `user:{emailid}` and the recovered - // user retains the role in the binding. * + // `my-other-app@appspot.gserviceaccount.com`. * + // `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + // An identifier for a Kubernetes service account + // (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + // For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. + // * `group:{emailid}`: An email address that represents a Google group. + // For example, `admins@example.com`. * + // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + // unique identifier) representing a user that has been recently + // deleted. For example, `alice@example.com?uid=123456789012345678901`. + // If the user is recovered, this value reverts to `user:{emailid}` and + // the recovered user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, diff --git a/cloudasset/v1p5beta1/cloudasset-api.json b/cloudasset/v1p5beta1/cloudasset-api.json index cd854e2d278..544b1aa8855 100644 --- a/cloudasset/v1p5beta1/cloudasset-api.json +++ b/cloudasset/v1p5beta1/cloudasset-api.json @@ -177,7 +177,7 @@ } } }, - "revision": "20220617", + "revision": "20220805", "rootUrl": "https://cloudasset.googleapis.com/", "schemas": { "AnalyzeIamPolicyLongrunningMetadata": { @@ -305,7 +305,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", "items": { "type": "string" }, diff --git a/cloudasset/v1p5beta1/cloudasset-gen.go b/cloudasset/v1p5beta1/cloudasset-gen.go index aa3ab8d4f41..7fd7add2ebf 100644 --- a/cloudasset/v1p5beta1/cloudasset-gen.go +++ b/cloudasset/v1p5beta1/cloudasset-gen.go @@ -384,16 +384,20 @@ type Binding struct { // who is authenticated with a Google account or a service account. * // `user:{emailid}`: An email address that represents a specific Google // account. For example, `alice@example.com` . * - // `serviceAccount:{emailid}`: An email address that represents a + // `serviceAccount:{emailid}`: An email address that represents a Google // service account. For example, - // `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An - // email address that represents a Google group. For example, - // `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An - // email address (plus unique identifier) representing a user that has - // been recently deleted. For example, - // `alice@example.com?uid=123456789012345678901`. If the user is - // recovered, this value reverts to `user:{emailid}` and the recovered - // user retains the role in the binding. * + // `my-other-app@appspot.gserviceaccount.com`. * + // `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + // An identifier for a Kubernetes service account + // (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + // For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. + // * `group:{emailid}`: An email address that represents a Google group. + // For example, `admins@example.com`. * + // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + // unique identifier) representing a user that has been recently + // deleted. For example, `alice@example.com?uid=123456789012345678901`. + // If the user is recovered, this value reverts to `user:{emailid}` and + // the recovered user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, diff --git a/cloudasset/v1p7beta1/cloudasset-api.json b/cloudasset/v1p7beta1/cloudasset-api.json index 493ac95f4d1..0b7f610d818 100644 --- a/cloudasset/v1p7beta1/cloudasset-api.json +++ b/cloudasset/v1p7beta1/cloudasset-api.json @@ -167,7 +167,7 @@ } } }, - "revision": "20220617", + "revision": "20220805", "rootUrl": "https://cloudasset.googleapis.com/", "schemas": { "AnalyzeIamPolicyLongrunningMetadata": { @@ -246,7 +246,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", "items": { "type": "string" }, diff --git a/cloudasset/v1p7beta1/cloudasset-gen.go b/cloudasset/v1p7beta1/cloudasset-gen.go index 217218d39f1..45e30c3abab 100644 --- a/cloudasset/v1p7beta1/cloudasset-gen.go +++ b/cloudasset/v1p7beta1/cloudasset-gen.go @@ -309,16 +309,20 @@ type Binding struct { // who is authenticated with a Google account or a service account. * // `user:{emailid}`: An email address that represents a specific Google // account. For example, `alice@example.com` . * - // `serviceAccount:{emailid}`: An email address that represents a + // `serviceAccount:{emailid}`: An email address that represents a Google // service account. For example, - // `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An - // email address that represents a Google group. For example, - // `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An - // email address (plus unique identifier) representing a user that has - // been recently deleted. For example, - // `alice@example.com?uid=123456789012345678901`. If the user is - // recovered, this value reverts to `user:{emailid}` and the recovered - // user retains the role in the binding. * + // `my-other-app@appspot.gserviceaccount.com`. * + // `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + // An identifier for a Kubernetes service account + // (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + // For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. + // * `group:{emailid}`: An email address that represents a Google group. + // For example, `admins@example.com`. * + // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + // unique identifier) representing a user that has been recently + // deleted. For example, `alice@example.com?uid=123456789012345678901`. + // If the user is recovered, this value reverts to `user:{emailid}` and + // the recovered user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, diff --git a/cloudfunctions/v1/cloudfunctions-api.json b/cloudfunctions/v1/cloudfunctions-api.json index ca5f819ea20..fa3353b049c 100644 --- a/cloudfunctions/v1/cloudfunctions-api.json +++ b/cloudfunctions/v1/cloudfunctions-api.json @@ -546,7 +546,7 @@ } } }, - "revision": "20220707", + "revision": "20220805", "rootUrl": "https://cloudfunctions.googleapis.com/", "schemas": { "AuditConfig": { @@ -606,7 +606,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", "items": { "type": "string" }, diff --git a/cloudfunctions/v1/cloudfunctions-gen.go b/cloudfunctions/v1/cloudfunctions-gen.go index a2c5770f57a..e6a90c72a5e 100644 --- a/cloudfunctions/v1/cloudfunctions-gen.go +++ b/cloudfunctions/v1/cloudfunctions-gen.go @@ -299,16 +299,20 @@ type Binding struct { // who is authenticated with a Google account or a service account. * // `user:{emailid}`: An email address that represents a specific Google // account. For example, `alice@example.com` . * - // `serviceAccount:{emailid}`: An email address that represents a + // `serviceAccount:{emailid}`: An email address that represents a Google // service account. For example, - // `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An - // email address that represents a Google group. For example, - // `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An - // email address (plus unique identifier) representing a user that has - // been recently deleted. For example, - // `alice@example.com?uid=123456789012345678901`. If the user is - // recovered, this value reverts to `user:{emailid}` and the recovered - // user retains the role in the binding. * + // `my-other-app@appspot.gserviceaccount.com`. * + // `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + // An identifier for a Kubernetes service account + // (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + // For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. + // * `group:{emailid}`: An email address that represents a Google group. + // For example, `admins@example.com`. * + // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + // unique identifier) representing a user that has been recently + // deleted. For example, `alice@example.com?uid=123456789012345678901`. + // If the user is recovered, this value reverts to `user:{emailid}` and + // the recovered user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, diff --git a/cloudfunctions/v2/cloudfunctions-api.json b/cloudfunctions/v2/cloudfunctions-api.json index 318b9ce0664..9279b141064 100644 --- a/cloudfunctions/v2/cloudfunctions-api.json +++ b/cloudfunctions/v2/cloudfunctions-api.json @@ -571,7 +571,7 @@ } } }, - "revision": "20220707", + "revision": "20220805", "rootUrl": "https://cloudfunctions.googleapis.com/", "schemas": { "AuditConfig": { @@ -631,7 +631,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", "items": { "type": "string" }, diff --git a/cloudfunctions/v2/cloudfunctions-gen.go b/cloudfunctions/v2/cloudfunctions-gen.go index e4ff6b0877d..1493d5ca394 100644 --- a/cloudfunctions/v2/cloudfunctions-gen.go +++ b/cloudfunctions/v2/cloudfunctions-gen.go @@ -311,16 +311,20 @@ type Binding struct { // who is authenticated with a Google account or a service account. * // `user:{emailid}`: An email address that represents a specific Google // account. For example, `alice@example.com` . * - // `serviceAccount:{emailid}`: An email address that represents a + // `serviceAccount:{emailid}`: An email address that represents a Google // service account. For example, - // `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An - // email address that represents a Google group. For example, - // `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An - // email address (plus unique identifier) representing a user that has - // been recently deleted. For example, - // `alice@example.com?uid=123456789012345678901`. If the user is - // recovered, this value reverts to `user:{emailid}` and the recovered - // user retains the role in the binding. * + // `my-other-app@appspot.gserviceaccount.com`. * + // `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + // An identifier for a Kubernetes service account + // (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + // For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. + // * `group:{emailid}`: An email address that represents a Google group. + // For example, `admins@example.com`. * + // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + // unique identifier) representing a user that has been recently + // deleted. For example, `alice@example.com?uid=123456789012345678901`. + // If the user is recovered, this value reverts to `user:{emailid}` and + // the recovered user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, diff --git a/cloudfunctions/v2alpha/cloudfunctions-api.json b/cloudfunctions/v2alpha/cloudfunctions-api.json index 315ad0ec316..c15cf3513c8 100644 --- a/cloudfunctions/v2alpha/cloudfunctions-api.json +++ b/cloudfunctions/v2alpha/cloudfunctions-api.json @@ -571,7 +571,7 @@ } } }, - "revision": "20220707", + "revision": "20220805", "rootUrl": "https://cloudfunctions.googleapis.com/", "schemas": { "AuditConfig": { @@ -631,7 +631,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", "items": { "type": "string" }, diff --git a/cloudfunctions/v2alpha/cloudfunctions-gen.go b/cloudfunctions/v2alpha/cloudfunctions-gen.go index ae1ed5cb1ec..4627c356c54 100644 --- a/cloudfunctions/v2alpha/cloudfunctions-gen.go +++ b/cloudfunctions/v2alpha/cloudfunctions-gen.go @@ -311,16 +311,20 @@ type Binding struct { // who is authenticated with a Google account or a service account. * // `user:{emailid}`: An email address that represents a specific Google // account. For example, `alice@example.com` . * - // `serviceAccount:{emailid}`: An email address that represents a + // `serviceAccount:{emailid}`: An email address that represents a Google // service account. For example, - // `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An - // email address that represents a Google group. For example, - // `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An - // email address (plus unique identifier) representing a user that has - // been recently deleted. For example, - // `alice@example.com?uid=123456789012345678901`. If the user is - // recovered, this value reverts to `user:{emailid}` and the recovered - // user retains the role in the binding. * + // `my-other-app@appspot.gserviceaccount.com`. * + // `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + // An identifier for a Kubernetes service account + // (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + // For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. + // * `group:{emailid}`: An email address that represents a Google group. + // For example, `admins@example.com`. * + // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + // unique identifier) representing a user that has been recently + // deleted. For example, `alice@example.com?uid=123456789012345678901`. + // If the user is recovered, this value reverts to `user:{emailid}` and + // the recovered user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, diff --git a/cloudfunctions/v2beta/cloudfunctions-api.json b/cloudfunctions/v2beta/cloudfunctions-api.json index b4acb572a4a..694313c533c 100644 --- a/cloudfunctions/v2beta/cloudfunctions-api.json +++ b/cloudfunctions/v2beta/cloudfunctions-api.json @@ -571,7 +571,7 @@ } } }, - "revision": "20220707", + "revision": "20220805", "rootUrl": "https://cloudfunctions.googleapis.com/", "schemas": { "AuditConfig": { @@ -631,7 +631,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", "items": { "type": "string" }, diff --git a/cloudfunctions/v2beta/cloudfunctions-gen.go b/cloudfunctions/v2beta/cloudfunctions-gen.go index 714a13a05ca..e1006c254ca 100644 --- a/cloudfunctions/v2beta/cloudfunctions-gen.go +++ b/cloudfunctions/v2beta/cloudfunctions-gen.go @@ -311,16 +311,20 @@ type Binding struct { // who is authenticated with a Google account or a service account. * // `user:{emailid}`: An email address that represents a specific Google // account. For example, `alice@example.com` . * - // `serviceAccount:{emailid}`: An email address that represents a + // `serviceAccount:{emailid}`: An email address that represents a Google // service account. For example, - // `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An - // email address that represents a Google group. For example, - // `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An - // email address (plus unique identifier) representing a user that has - // been recently deleted. For example, - // `alice@example.com?uid=123456789012345678901`. If the user is - // recovered, this value reverts to `user:{emailid}` and the recovered - // user retains the role in the binding. * + // `my-other-app@appspot.gserviceaccount.com`. * + // `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + // An identifier for a Kubernetes service account + // (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + // For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. + // * `group:{emailid}`: An email address that represents a Google group. + // For example, `admins@example.com`. * + // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + // unique identifier) representing a user that has been recently + // deleted. For example, `alice@example.com?uid=123456789012345678901`. + // If the user is recovered, this value reverts to `user:{emailid}` and + // the recovered user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, diff --git a/cloudresourcemanager/v1/cloudresourcemanager-api.json b/cloudresourcemanager/v1/cloudresourcemanager-api.json index a837ca5f4ad..ee65d4789d3 100644 --- a/cloudresourcemanager/v1/cloudresourcemanager-api.json +++ b/cloudresourcemanager/v1/cloudresourcemanager-api.json @@ -1171,7 +1171,7 @@ } } }, - "revision": "20220710", + "revision": "20220807", "rootUrl": "https://cloudresourcemanager.googleapis.com/", "schemas": { "Ancestor": { @@ -1242,7 +1242,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", "items": { "type": "string" }, diff --git a/cloudresourcemanager/v1/cloudresourcemanager-gen.go b/cloudresourcemanager/v1/cloudresourcemanager-gen.go index 68eb44c1572..3cbb5ddb0e8 100644 --- a/cloudresourcemanager/v1/cloudresourcemanager-gen.go +++ b/cloudresourcemanager/v1/cloudresourcemanager-gen.go @@ -348,16 +348,20 @@ type Binding struct { // who is authenticated with a Google account or a service account. * // `user:{emailid}`: An email address that represents a specific Google // account. For example, `alice@example.com` . * - // `serviceAccount:{emailid}`: An email address that represents a + // `serviceAccount:{emailid}`: An email address that represents a Google // service account. For example, - // `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An - // email address that represents a Google group. For example, - // `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An - // email address (plus unique identifier) representing a user that has - // been recently deleted. For example, - // `alice@example.com?uid=123456789012345678901`. If the user is - // recovered, this value reverts to `user:{emailid}` and the recovered - // user retains the role in the binding. * + // `my-other-app@appspot.gserviceaccount.com`. * + // `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + // An identifier for a Kubernetes service account + // (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + // For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. + // * `group:{emailid}`: An email address that represents a Google group. + // For example, `admins@example.com`. * + // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + // unique identifier) representing a user that has been recently + // deleted. For example, `alice@example.com?uid=123456789012345678901`. + // If the user is recovered, this value reverts to `user:{emailid}` and + // the recovered user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, diff --git a/cloudresourcemanager/v1beta1/cloudresourcemanager-api.json b/cloudresourcemanager/v1beta1/cloudresourcemanager-api.json index 9f2c129f9e5..5f016559a16 100644 --- a/cloudresourcemanager/v1beta1/cloudresourcemanager-api.json +++ b/cloudresourcemanager/v1beta1/cloudresourcemanager-api.json @@ -566,7 +566,7 @@ } } }, - "revision": "20220710", + "revision": "20220807", "rootUrl": "https://cloudresourcemanager.googleapis.com/", "schemas": { "Ancestor": { @@ -637,7 +637,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", "items": { "type": "string" }, diff --git a/cloudresourcemanager/v1beta1/cloudresourcemanager-gen.go b/cloudresourcemanager/v1beta1/cloudresourcemanager-gen.go index e09d181c58e..2d2cc697405 100644 --- a/cloudresourcemanager/v1beta1/cloudresourcemanager-gen.go +++ b/cloudresourcemanager/v1beta1/cloudresourcemanager-gen.go @@ -312,16 +312,20 @@ type Binding struct { // who is authenticated with a Google account or a service account. * // `user:{emailid}`: An email address that represents a specific Google // account. For example, `alice@example.com` . * - // `serviceAccount:{emailid}`: An email address that represents a + // `serviceAccount:{emailid}`: An email address that represents a Google // service account. For example, - // `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An - // email address that represents a Google group. For example, - // `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An - // email address (plus unique identifier) representing a user that has - // been recently deleted. For example, - // `alice@example.com?uid=123456789012345678901`. If the user is - // recovered, this value reverts to `user:{emailid}` and the recovered - // user retains the role in the binding. * + // `my-other-app@appspot.gserviceaccount.com`. * + // `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + // An identifier for a Kubernetes service account + // (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + // For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. + // * `group:{emailid}`: An email address that represents a Google group. + // For example, `admins@example.com`. * + // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + // unique identifier) representing a user that has been recently + // deleted. For example, `alice@example.com?uid=123456789012345678901`. + // If the user is recovered, this value reverts to `user:{emailid}` and + // the recovered user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, diff --git a/cloudresourcemanager/v2/cloudresourcemanager-api.json b/cloudresourcemanager/v2/cloudresourcemanager-api.json index 99df00a4807..468f1456240 100644 --- a/cloudresourcemanager/v2/cloudresourcemanager-api.json +++ b/cloudresourcemanager/v2/cloudresourcemanager-api.json @@ -450,7 +450,7 @@ } } }, - "revision": "20220501", + "revision": "20220807", "rootUrl": "https://cloudresourcemanager.googleapis.com/", "schemas": { "AuditConfig": { @@ -510,7 +510,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", "items": { "type": "string" }, diff --git a/cloudresourcemanager/v2/cloudresourcemanager-gen.go b/cloudresourcemanager/v2/cloudresourcemanager-gen.go index 0f76abf52c2..54dc6fa3fd1 100644 --- a/cloudresourcemanager/v2/cloudresourcemanager-gen.go +++ b/cloudresourcemanager/v2/cloudresourcemanager-gen.go @@ -284,16 +284,20 @@ type Binding struct { // who is authenticated with a Google account or a service account. * // `user:{emailid}`: An email address that represents a specific Google // account. For example, `alice@example.com` . * - // `serviceAccount:{emailid}`: An email address that represents a + // `serviceAccount:{emailid}`: An email address that represents a Google // service account. For example, - // `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An - // email address that represents a Google group. For example, - // `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An - // email address (plus unique identifier) representing a user that has - // been recently deleted. For example, - // `alice@example.com?uid=123456789012345678901`. If the user is - // recovered, this value reverts to `user:{emailid}` and the recovered - // user retains the role in the binding. * + // `my-other-app@appspot.gserviceaccount.com`. * + // `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + // An identifier for a Kubernetes service account + // (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + // For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. + // * `group:{emailid}`: An email address that represents a Google group. + // For example, `admins@example.com`. * + // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + // unique identifier) representing a user that has been recently + // deleted. For example, `alice@example.com?uid=123456789012345678901`. + // If the user is recovered, this value reverts to `user:{emailid}` and + // the recovered user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, diff --git a/cloudresourcemanager/v2beta1/cloudresourcemanager-api.json b/cloudresourcemanager/v2beta1/cloudresourcemanager-api.json index 5bf59d880c2..4507decb854 100644 --- a/cloudresourcemanager/v2beta1/cloudresourcemanager-api.json +++ b/cloudresourcemanager/v2beta1/cloudresourcemanager-api.json @@ -450,7 +450,7 @@ } } }, - "revision": "20220501", + "revision": "20220807", "rootUrl": "https://cloudresourcemanager.googleapis.com/", "schemas": { "AuditConfig": { @@ -510,7 +510,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", "items": { "type": "string" }, diff --git a/cloudresourcemanager/v2beta1/cloudresourcemanager-gen.go b/cloudresourcemanager/v2beta1/cloudresourcemanager-gen.go index 9d8240550ea..9e1cd8daa69 100644 --- a/cloudresourcemanager/v2beta1/cloudresourcemanager-gen.go +++ b/cloudresourcemanager/v2beta1/cloudresourcemanager-gen.go @@ -284,16 +284,20 @@ type Binding struct { // who is authenticated with a Google account or a service account. * // `user:{emailid}`: An email address that represents a specific Google // account. For example, `alice@example.com` . * - // `serviceAccount:{emailid}`: An email address that represents a + // `serviceAccount:{emailid}`: An email address that represents a Google // service account. For example, - // `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An - // email address that represents a Google group. For example, - // `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An - // email address (plus unique identifier) representing a user that has - // been recently deleted. For example, - // `alice@example.com?uid=123456789012345678901`. If the user is - // recovered, this value reverts to `user:{emailid}` and the recovered - // user retains the role in the binding. * + // `my-other-app@appspot.gserviceaccount.com`. * + // `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + // An identifier for a Kubernetes service account + // (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + // For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. + // * `group:{emailid}`: An email address that represents a Google group. + // For example, `admins@example.com`. * + // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + // unique identifier) representing a user that has been recently + // deleted. For example, `alice@example.com?uid=123456789012345678901`. + // If the user is recovered, this value reverts to `user:{emailid}` and + // the recovered user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, diff --git a/cloudresourcemanager/v3/cloudresourcemanager-api.json b/cloudresourcemanager/v3/cloudresourcemanager-api.json index 533e3d13a53..0e35d73ada7 100644 --- a/cloudresourcemanager/v3/cloudresourcemanager-api.json +++ b/cloudresourcemanager/v3/cloudresourcemanager-api.json @@ -1760,7 +1760,7 @@ } } }, - "revision": "20220731", + "revision": "20220807", "rootUrl": "https://cloudresourcemanager.googleapis.com/", "schemas": { "AuditConfig": { @@ -1820,7 +1820,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", "items": { "type": "string" }, diff --git a/cloudresourcemanager/v3/cloudresourcemanager-gen.go b/cloudresourcemanager/v3/cloudresourcemanager-gen.go index 342c06fe789..894b2e81af9 100644 --- a/cloudresourcemanager/v3/cloudresourcemanager-gen.go +++ b/cloudresourcemanager/v3/cloudresourcemanager-gen.go @@ -380,16 +380,20 @@ type Binding struct { // who is authenticated with a Google account or a service account. * // `user:{emailid}`: An email address that represents a specific Google // account. For example, `alice@example.com` . * - // `serviceAccount:{emailid}`: An email address that represents a + // `serviceAccount:{emailid}`: An email address that represents a Google // service account. For example, - // `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An - // email address that represents a Google group. For example, - // `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An - // email address (plus unique identifier) representing a user that has - // been recently deleted. For example, - // `alice@example.com?uid=123456789012345678901`. If the user is - // recovered, this value reverts to `user:{emailid}` and the recovered - // user retains the role in the binding. * + // `my-other-app@appspot.gserviceaccount.com`. * + // `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + // An identifier for a Kubernetes service account + // (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + // For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. + // * `group:{emailid}`: An email address that represents a Google group. + // For example, `admins@example.com`. * + // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + // unique identifier) representing a user that has been recently + // deleted. For example, `alice@example.com?uid=123456789012345678901`. + // If the user is recovered, this value reverts to `user:{emailid}` and + // the recovered user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, diff --git a/compute/v0.alpha/compute-api.json b/compute/v0.alpha/compute-api.json index 763c3555b31..c41a4f72f7e 100644 --- a/compute/v0.alpha/compute-api.json +++ b/compute/v0.alpha/compute-api.json @@ -39597,7 +39597,7 @@ } } }, - "revision": "20220720", + "revision": "20220726", "rootUrl": "https://compute.googleapis.com/", "schemas": { "AcceleratorConfig": { @@ -40665,6 +40665,28 @@ }, "type": "object" }, + "AllocationResourceStatus": { + "description": "[Output Only] Contains output only fields.", + "id": "AllocationResourceStatus", + "properties": { + "specificSkuAllocation": { + "$ref": "AllocationResourceStatusSpecificSKUAllocation", + "description": "Allocation Properties of this reservation." + } + }, + "type": "object" + }, + "AllocationResourceStatusSpecificSKUAllocation": { + "description": "Contains Properties set for the reservation.", + "id": "AllocationResourceStatusSpecificSKUAllocation", + "properties": { + "sourceInstanceTemplateId": { + "description": "ID of the instance template used to populate reservation properties.", + "type": "string" + } + }, + "type": "object" + }, "AllocationSpecificSKUAllocationAllocatedInstancePropertiesReservedDisk": { "id": "AllocationSpecificSKUAllocationAllocatedInstancePropertiesReservedDisk", "properties": { @@ -40760,6 +40782,10 @@ "instanceProperties": { "$ref": "AllocationSpecificSKUAllocationReservedInstanceProperties", "description": "The instance properties for the reservation." + }, + "sourceInstanceTemplate": { + "description": "Specific URL of the instance template used in the reservation", + "type": "string" } }, "type": "object" @@ -47011,7 +47037,7 @@ "type": "integer" }, "securityProfileGroup": { - "description": "A fully-qualified URL of a SecurityProfile resource instance. Example: https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group Must be specified if action = 'apply_profile_group' and cannot be specified for other actions.", + "description": "A fully-qualified URL of a SecurityProfile resource instance. Example: https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group Must be specified if action = 'apply_security_profile_group' and cannot be specified for other actions.", "type": "string" }, "targetResources": { @@ -47842,6 +47868,20 @@ "description": "Name prefix for the reservations to be created at the time of delivery. The name prefix must comply with RFC1035. Maximum allowed length for name prefix is 20. Automatically created reservations name format will be -date-####.", "type": "string" }, + "planningStatus": { + "description": "Planning state before being submitted for evaluation", + "enum": [ + "DRAFT", + "PLANNING_STATUS_UNSPECIFIED", + "SUBMITTED" + ], + "enumDescriptions": [ + "Future Reservation is being drafted.", + "", + "Future Reservation has been submitted for evaluation by GCP." + ], + "type": "string" + }, "selfLink": { "description": "[Output Only] Server-defined fully-qualified URL for this resource.", "type": "string" @@ -47880,6 +47920,10 @@ "$ref": "AllocationSpecificSKUAllocationReservedInstanceProperties", "description": "Properties of the SKU instances being reserved." }, + "sourceInstanceTemplate": { + "description": "The instance template that will be used to populate the ReservedInstanceProperties of the future reservation", + "type": "string" + }, "totalCount": { "description": "Total number of instances for which capacity assurance is requested at a future time period.", "format": "int64", @@ -47915,6 +47959,7 @@ "CANCELLED", "COMMITTED", "DECLINED", + "DRAFTING", "FAILED", "FAILED_PARTIALLY_FULFILLED", "FULFILLED", @@ -47928,6 +47973,7 @@ "Future reservation is cancelled by the customer.", "Future reservation is committed by the customer.", "Future reservation is rejected by GCP.", + "Related status for PlanningStatus.Draft. Transitions to PENDING_APPROVAL upon user submitting FR.", "Future reservation failed. No additional reservations were provided.", "Future reservation is partially fulfilled. Additional reservations were provided but did not reach total_count reserved instance slots.", "Future reservation is fulfilled completely.", @@ -47937,6 +47983,20 @@ "Future reservation capacity is being provisioned. This state will be entered after start_time, while reservations are being created to provide total_count reserved instance slots. This state will not persist past start_time + 24h." ], "type": "string" + }, + "specificSkuProperties": { + "$ref": "FutureReservationStatusSpecificSKUProperties" + } + }, + "type": "object" + }, + "FutureReservationStatusSpecificSKUProperties": { + "description": "Properties to be set for the Future Reservation.", + "id": "FutureReservationStatusSpecificSKUProperties", + "properties": { + "sourceInstanceTemplateId": { + "description": "ID of the instance template used to populate the Future Reservation properties.", + "type": "string" } }, "type": "object" @@ -67795,6 +67855,10 @@ "description": "Resource policies to be added to this reservation. The key is defined by user, and the value is resource policy url. This is to define placement policy with reservation.", "type": "object" }, + "resourceStatus": { + "$ref": "AllocationResourceStatus", + "description": "[Output Only] Status information for Reservation resource." + }, "satisfiesPzs": { "description": "[Output Only] Reserved for future use.", "type": "boolean" @@ -71773,6 +71837,10 @@ "SecurityPolicyAdvancedOptionsConfig": { "id": "SecurityPolicyAdvancedOptionsConfig", "properties": { + "jsonCustomConfig": { + "$ref": "SecurityPolicyAdvancedOptionsConfigJsonCustomConfig", + "description": "Custom configuration to apply the JSON parsing. Only applicable when json_parsing is set to STANDARD." + }, "jsonParsing": { "enum": [ "DISABLED", @@ -71798,6 +71866,19 @@ }, "type": "object" }, + "SecurityPolicyAdvancedOptionsConfigJsonCustomConfig": { + "id": "SecurityPolicyAdvancedOptionsConfigJsonCustomConfig", + "properties": { + "contentTypes": { + "description": "A list of custom Content-Type header values to apply the JSON parsing. As per RFC 1341, a Content-Type header value has the following format: Content-Type := type \"/\" subtype *[\";\" parameter] When configuring a custom Content-Type header value, only the type/subtype needs to be specified, and the parameters should be excluded.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, "SecurityPolicyAssociation": { "id": "SecurityPolicyAssociation", "properties": { diff --git a/compute/v0.alpha/compute-gen.go b/compute/v0.alpha/compute-gen.go index cf20cb0f056..150b24d77df 100644 --- a/compute/v0.alpha/compute-gen.go +++ b/compute/v0.alpha/compute-gen.go @@ -2960,6 +2960,68 @@ func (s *AliasIpRange) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// AllocationResourceStatus: [Output Only] Contains output only fields. +type AllocationResourceStatus struct { + // SpecificSkuAllocation: Allocation Properties of this reservation. + SpecificSkuAllocation *AllocationResourceStatusSpecificSKUAllocation `json:"specificSkuAllocation,omitempty"` + + // ForceSendFields is a list of field names (e.g. + // "SpecificSkuAllocation") to unconditionally include in API requests. + // By default, fields with empty or default values are omitted from API + // requests. However, any non-pointer, non-interface field appearing in + // ForceSendFields will be sent to the server regardless of whether the + // field is empty or not. This may be used to include empty fields in + // Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "SpecificSkuAllocation") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *AllocationResourceStatus) MarshalJSON() ([]byte, error) { + type NoMethod AllocationResourceStatus + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +// AllocationResourceStatusSpecificSKUAllocation: Contains Properties +// set for the reservation. +type AllocationResourceStatusSpecificSKUAllocation struct { + // SourceInstanceTemplateId: ID of the instance template used to + // populate reservation properties. + SourceInstanceTemplateId string `json:"sourceInstanceTemplateId,omitempty"` + + // ForceSendFields is a list of field names (e.g. + // "SourceInstanceTemplateId") to unconditionally include in API + // requests. By default, fields with empty or default values are omitted + // from API requests. However, any non-pointer, non-interface field + // appearing in ForceSendFields will be sent to the server regardless of + // whether the field is empty or not. This may be used to include empty + // fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "SourceInstanceTemplateId") + // to include in API requests with the JSON null value. By default, + // fields with empty values are omitted from API requests. However, any + // field with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *AllocationResourceStatusSpecificSKUAllocation) MarshalJSON() ([]byte, error) { + type NoMethod AllocationResourceStatusSpecificSKUAllocation + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + type AllocationSpecificSKUAllocationAllocatedInstancePropertiesReservedDisk struct { // DiskSizeGb: Specifies the size of the disk in base-2 GB. DiskSizeGb int64 `json:"diskSizeGb,omitempty,string"` @@ -3079,6 +3141,10 @@ type AllocationSpecificSKUReservation struct { // InstanceProperties: The instance properties for the reservation. InstanceProperties *AllocationSpecificSKUAllocationReservedInstanceProperties `json:"instanceProperties,omitempty"` + // SourceInstanceTemplate: Specific URL of the instance template used in + // the reservation + SourceInstanceTemplate string `json:"sourceInstanceTemplate,omitempty"` + // ForceSendFields is a list of field names (e.g. "AssuredCount") to // unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any @@ -13230,8 +13296,8 @@ type FirewallPolicyRule struct { // SecurityProfileGroup: A fully-qualified URL of a SecurityProfile // resource instance. Example: // https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group - // Must be specified if action = 'apply_profile_group' and cannot be - // specified for other actions. + // Must be specified if action = 'apply_security_profile_group' and + // cannot be specified for other actions. SecurityProfileGroup string `json:"securityProfileGroup,omitempty"` // TargetResources: A list of network resource URLs to which this rule @@ -14471,6 +14537,15 @@ type FutureReservation struct { // reservations name format will be -date-####. NamePrefix string `json:"namePrefix,omitempty"` + // PlanningStatus: Planning state before being submitted for evaluation + // + // Possible values: + // "DRAFT" - Future Reservation is being drafted. + // "PLANNING_STATUS_UNSPECIFIED" + // "SUBMITTED" - Future Reservation has been submitted for evaluation + // by GCP. + PlanningStatus string `json:"planningStatus,omitempty"` + // SelfLink: [Output Only] Server-defined fully-qualified URL for this // resource. SelfLink string `json:"selfLink,omitempty"` @@ -14528,6 +14603,10 @@ type FutureReservationSpecificSKUProperties struct { // InstanceProperties: Properties of the SKU instances being reserved. InstanceProperties *AllocationSpecificSKUAllocationReservedInstanceProperties `json:"instanceProperties,omitempty"` + // SourceInstanceTemplate: The instance template that will be used to + // populate the ReservedInstanceProperties of the future reservation + SourceInstanceTemplate string `json:"sourceInstanceTemplate,omitempty"` + // TotalCount: Total number of instances for which capacity assurance is // requested at a future time period. TotalCount int64 `json:"totalCount,omitempty,string"` @@ -14582,6 +14661,8 @@ type FutureReservationStatus struct { // "CANCELLED" - Future reservation is cancelled by the customer. // "COMMITTED" - Future reservation is committed by the customer. // "DECLINED" - Future reservation is rejected by GCP. + // "DRAFTING" - Related status for PlanningStatus.Draft. Transitions + // to PENDING_APPROVAL upon user submitting FR. // "FAILED" - Future reservation failed. No additional reservations // were provided. // "FAILED_PARTIALLY_FULFILLED" - Future reservation is partially @@ -14599,6 +14680,8 @@ type FutureReservationStatus struct { // state will not persist past start_time + 24h. ProcurementStatus string `json:"procurementStatus,omitempty"` + SpecificSkuProperties *FutureReservationStatusSpecificSKUProperties `json:"specificSkuProperties,omitempty"` + // ForceSendFields is a list of field names (e.g. // "AutoCreatedReservations") to unconditionally include in API // requests. By default, fields with empty or default values are omitted @@ -14624,6 +14707,38 @@ func (s *FutureReservationStatus) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// FutureReservationStatusSpecificSKUProperties: Properties to be set +// for the Future Reservation. +type FutureReservationStatusSpecificSKUProperties struct { + // SourceInstanceTemplateId: ID of the instance template used to + // populate the Future Reservation properties. + SourceInstanceTemplateId string `json:"sourceInstanceTemplateId,omitempty"` + + // ForceSendFields is a list of field names (e.g. + // "SourceInstanceTemplateId") to unconditionally include in API + // requests. By default, fields with empty or default values are omitted + // from API requests. However, any non-pointer, non-interface field + // appearing in ForceSendFields will be sent to the server regardless of + // whether the field is empty or not. This may be used to include empty + // fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "SourceInstanceTemplateId") + // to include in API requests with the JSON null value. By default, + // fields with empty values are omitted from API requests. However, any + // field with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *FutureReservationStatusSpecificSKUProperties) MarshalJSON() ([]byte, error) { + type NoMethod FutureReservationStatusSpecificSKUProperties + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + type FutureReservationTimeWindow struct { Duration *Duration `json:"duration,omitempty"` @@ -46035,6 +46150,10 @@ type Reservation struct { // This is to define placement policy with reservation. ResourcePolicies map[string]string `json:"resourcePolicies,omitempty"` + // ResourceStatus: [Output Only] Status information for Reservation + // resource. + ResourceStatus *AllocationResourceStatus `json:"resourceStatus,omitempty"` + // SatisfiesPzs: [Output Only] Reserved for future use. SatisfiesPzs bool `json:"satisfiesPzs,omitempty"` @@ -51839,6 +51958,10 @@ func (s *SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig) MarshalJ } type SecurityPolicyAdvancedOptionsConfig struct { + // JsonCustomConfig: Custom configuration to apply the JSON parsing. + // Only applicable when json_parsing is set to STANDARD. + JsonCustomConfig *SecurityPolicyAdvancedOptionsConfigJsonCustomConfig `json:"jsonCustomConfig,omitempty"` + // Possible values: // "DISABLED" // "STANDARD" @@ -51849,7 +51972,7 @@ type SecurityPolicyAdvancedOptionsConfig struct { // "VERBOSE" LogLevel string `json:"logLevel,omitempty"` - // ForceSendFields is a list of field names (e.g. "JsonParsing") to + // ForceSendFields is a list of field names (e.g. "JsonCustomConfig") to // unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any // non-pointer, non-interface field appearing in ForceSendFields will be @@ -51857,7 +51980,40 @@ type SecurityPolicyAdvancedOptionsConfig struct { // This may be used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "JsonParsing") to include + // NullFields is a list of field names (e.g. "JsonCustomConfig") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *SecurityPolicyAdvancedOptionsConfig) MarshalJSON() ([]byte, error) { + type NoMethod SecurityPolicyAdvancedOptionsConfig + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +type SecurityPolicyAdvancedOptionsConfigJsonCustomConfig struct { + // ContentTypes: A list of custom Content-Type header values to apply + // the JSON parsing. As per RFC 1341, a Content-Type header value has + // the following format: Content-Type := type "/" subtype *[";" + // parameter] When configuring a custom Content-Type header value, only + // the type/subtype needs to be specified, and the parameters should be + // excluded. + ContentTypes []string `json:"contentTypes,omitempty"` + + // ForceSendFields is a list of field names (e.g. "ContentTypes") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "ContentTypes") to include // in API requests with the JSON null value. By default, fields with // empty values are omitted from API requests. However, any field with // an empty value appearing in NullFields will be sent to the server as @@ -51866,8 +52022,8 @@ type SecurityPolicyAdvancedOptionsConfig struct { NullFields []string `json:"-"` } -func (s *SecurityPolicyAdvancedOptionsConfig) MarshalJSON() ([]byte, error) { - type NoMethod SecurityPolicyAdvancedOptionsConfig +func (s *SecurityPolicyAdvancedOptionsConfigJsonCustomConfig) MarshalJSON() ([]byte, error) { + type NoMethod SecurityPolicyAdvancedOptionsConfigJsonCustomConfig raw := NoMethod(*s) return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } diff --git a/compute/v0.beta/compute-api.json b/compute/v0.beta/compute-api.json index dd45c20ac37..f5601375571 100644 --- a/compute/v0.beta/compute-api.json +++ b/compute/v0.beta/compute-api.json @@ -35452,7 +35452,7 @@ } } }, - "revision": "20220720", + "revision": "20220726", "rootUrl": "https://compute.googleapis.com/", "schemas": { "AcceleratorConfig": { @@ -36784,6 +36784,13 @@ "format": "int64", "type": "string" }, + "resourceManagerTags": { + "additionalProperties": { + "type": "string" + }, + "description": "Resource manager tags to be bound to the disk. Tag keys and values have the same definition as resource manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values are in the format `tagValues/456`. The field is ignored (both PUT \u0026 PATCH) when empty.", + "type": "object" + }, "resourcePolicies": { "description": "Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.", "items": { @@ -40234,6 +40241,10 @@ "description": "Internal use only.", "type": "string" }, + "params": { + "$ref": "DiskParams", + "description": "Input only. [Input Only] Additional params passed with the request, but not persisted as part of resource payload." + }, "physicalBlockSizeBytes": { "description": "Physical block size of the persistent disk, in bytes. If not present in a request, a default value is used. The currently supported size is 4096, other sizes may be added in the future. If an unsupported value is requested, the error message will list the supported values for the caller's project.", "format": "int64", @@ -40668,6 +40679,20 @@ }, "type": "object" }, + "DiskParams": { + "description": "Additional disk params.", + "id": "DiskParams", + "properties": { + "resourceManagerTags": { + "additionalProperties": { + "type": "string" + }, + "description": "Resource manager tags to be bound to the disk. Tag keys and values have the same definition as resource manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values are in the format `tagValues/456`. The field is ignored (both PUT \u0026 PATCH) when empty.", + "type": "object" + } + }, + "type": "object" + }, "DiskType": { "description": "Represents a Disk Type resource. Google Compute Engine has two Disk Type resources: * [Regional](/compute/docs/reference/rest/beta/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/beta/diskTypes) You can choose from a variety of disk types based on your needs. For more information, read Storage options. The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks. The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks.", "id": "DiskType", @@ -62843,6 +62868,10 @@ "SecurityPolicyAdvancedOptionsConfig": { "id": "SecurityPolicyAdvancedOptionsConfig", "properties": { + "jsonCustomConfig": { + "$ref": "SecurityPolicyAdvancedOptionsConfigJsonCustomConfig", + "description": "Custom configuration to apply the JSON parsing. Only applicable when json_parsing is set to STANDARD." + }, "jsonParsing": { "enum": [ "DISABLED", @@ -62868,6 +62897,19 @@ }, "type": "object" }, + "SecurityPolicyAdvancedOptionsConfigJsonCustomConfig": { + "id": "SecurityPolicyAdvancedOptionsConfigJsonCustomConfig", + "properties": { + "contentTypes": { + "description": "A list of custom Content-Type header values to apply the JSON parsing. As per RFC 1341, a Content-Type header value has the following format: Content-Type := type \"/\" subtype *[\";\" parameter] When configuring a custom Content-Type header value, only the type/subtype needs to be specified, and the parameters should be excluded.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, "SecurityPolicyAssociation": { "id": "SecurityPolicyAssociation", "properties": { diff --git a/compute/v0.beta/compute-gen.go b/compute/v0.beta/compute-gen.go index 783bd751f53..082d7f4c960 100644 --- a/compute/v0.beta/compute-gen.go +++ b/compute/v0.beta/compute-gen.go @@ -3219,6 +3219,13 @@ type AttachedDiskInitializeParams struct { // see the Extreme persistent disk documentation. ProvisionedIops int64 `json:"provisionedIops,omitempty,string"` + // ResourceManagerTags: Resource manager tags to be bound to the disk. + // Tag keys and values have the same definition as resource manager + // tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values + // are in the format `tagValues/456`. The field is ignored (both PUT & + // PATCH) when empty. + ResourceManagerTags map[string]string `json:"resourceManagerTags,omitempty"` + // ResourcePolicies: Resource policies applied to this disk for // automatic snapshot creations. Specified using the full or partial // URL. For instance template, specify only the resource policy name. @@ -8860,6 +8867,10 @@ type Disk struct { // Options: Internal use only. Options string `json:"options,omitempty"` + // Params: Input only. [Input Only] Additional params passed with the + // request, but not persisted as part of resource payload. + Params *DiskParams `json:"params,omitempty"` + // PhysicalBlockSizeBytes: Physical block size of the persistent disk, // in bytes. If not present in a request, a default value is used. The // currently supported size is 4096, other sizes may be added in the @@ -9548,6 +9559,39 @@ func (s *DiskMoveRequest) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// DiskParams: Additional disk params. +type DiskParams struct { + // ResourceManagerTags: Resource manager tags to be bound to the disk. + // Tag keys and values have the same definition as resource manager + // tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values + // are in the format `tagValues/456`. The field is ignored (both PUT & + // PATCH) when empty. + ResourceManagerTags map[string]string `json:"resourceManagerTags,omitempty"` + + // ForceSendFields is a list of field names (e.g. "ResourceManagerTags") + // to unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "ResourceManagerTags") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *DiskParams) MarshalJSON() ([]byte, error) { + type NoMethod DiskParams + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // DiskType: Represents a Disk Type resource. Google Compute Engine has // two Disk Type resources: * Regional // (/compute/docs/reference/rest/beta/regionDiskTypes) * Zonal @@ -44234,6 +44278,10 @@ func (s *SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig) MarshalJ } type SecurityPolicyAdvancedOptionsConfig struct { + // JsonCustomConfig: Custom configuration to apply the JSON parsing. + // Only applicable when json_parsing is set to STANDARD. + JsonCustomConfig *SecurityPolicyAdvancedOptionsConfigJsonCustomConfig `json:"jsonCustomConfig,omitempty"` + // Possible values: // "DISABLED" // "STANDARD" @@ -44244,7 +44292,7 @@ type SecurityPolicyAdvancedOptionsConfig struct { // "VERBOSE" LogLevel string `json:"logLevel,omitempty"` - // ForceSendFields is a list of field names (e.g. "JsonParsing") to + // ForceSendFields is a list of field names (e.g. "JsonCustomConfig") to // unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any // non-pointer, non-interface field appearing in ForceSendFields will be @@ -44252,7 +44300,40 @@ type SecurityPolicyAdvancedOptionsConfig struct { // This may be used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "JsonParsing") to include + // NullFields is a list of field names (e.g. "JsonCustomConfig") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *SecurityPolicyAdvancedOptionsConfig) MarshalJSON() ([]byte, error) { + type NoMethod SecurityPolicyAdvancedOptionsConfig + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +type SecurityPolicyAdvancedOptionsConfigJsonCustomConfig struct { + // ContentTypes: A list of custom Content-Type header values to apply + // the JSON parsing. As per RFC 1341, a Content-Type header value has + // the following format: Content-Type := type "/" subtype *[";" + // parameter] When configuring a custom Content-Type header value, only + // the type/subtype needs to be specified, and the parameters should be + // excluded. + ContentTypes []string `json:"contentTypes,omitempty"` + + // ForceSendFields is a list of field names (e.g. "ContentTypes") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "ContentTypes") to include // in API requests with the JSON null value. By default, fields with // empty values are omitted from API requests. However, any field with // an empty value appearing in NullFields will be sent to the server as @@ -44261,8 +44342,8 @@ type SecurityPolicyAdvancedOptionsConfig struct { NullFields []string `json:"-"` } -func (s *SecurityPolicyAdvancedOptionsConfig) MarshalJSON() ([]byte, error) { - type NoMethod SecurityPolicyAdvancedOptionsConfig +func (s *SecurityPolicyAdvancedOptionsConfigJsonCustomConfig) MarshalJSON() ([]byte, error) { + type NoMethod SecurityPolicyAdvancedOptionsConfigJsonCustomConfig raw := NoMethod(*s) return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } diff --git a/compute/v1/compute-api.json b/compute/v1/compute-api.json index 4f6aa6b8001..4075e2505bf 100644 --- a/compute/v1/compute-api.json +++ b/compute/v1/compute-api.json @@ -31172,7 +31172,7 @@ } } }, - "revision": "20220720", + "revision": "20220726", "rootUrl": "https://compute.googleapis.com/", "schemas": { "AcceleratorConfig": { @@ -32450,6 +32450,13 @@ "format": "int64", "type": "string" }, + "resourceManagerTags": { + "additionalProperties": { + "type": "string" + }, + "description": "Resource manager tags to be bound to the disk. Tag keys and values have the same definition as resource manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values are in the format `tagValues/456`. The field is ignored (both PUT \u0026 PATCH) when empty.", + "type": "object" + }, "resourcePolicies": { "description": "Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.", "items": { @@ -35817,6 +35824,10 @@ "description": "Internal use only.", "type": "string" }, + "params": { + "$ref": "DiskParams", + "description": "Input only. [Input Only] Additional params passed with the request, but not persisted as part of resource payload." + }, "physicalBlockSizeBytes": { "description": "Physical block size of the persistent disk, in bytes. If not present in a request, a default value is used. The currently supported size is 4096, other sizes may be added in the future. If an unsupported value is requested, the error message will list the supported values for the caller's project.", "format": "int64", @@ -36232,6 +36243,20 @@ }, "type": "object" }, + "DiskParams": { + "description": "Additional disk params.", + "id": "DiskParams", + "properties": { + "resourceManagerTags": { + "additionalProperties": { + "type": "string" + }, + "description": "Resource manager tags to be bound to the disk. Tag keys and values have the same definition as resource manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values are in the format `tagValues/456`. The field is ignored (both PUT \u0026 PATCH) when empty.", + "type": "object" + } + }, + "type": "object" + }, "DiskType": { "description": "Represents a Disk Type resource. Google Compute Engine has two Disk Type resources: * [Regional](/compute/docs/reference/rest/v1/regionDiskTypes) * [Zonal](/compute/docs/reference/rest/v1/diskTypes) You can choose from a variety of disk types based on your needs. For more information, read Storage options. The diskTypes resource represents disk types for a zonal persistent disk. For more information, read Zonal persistent disks. The regionDiskTypes resource represents disk types for a regional persistent disk. For more information, read Regional persistent disks.", "id": "DiskType", @@ -57625,6 +57650,10 @@ "SecurityPolicyAdvancedOptionsConfig": { "id": "SecurityPolicyAdvancedOptionsConfig", "properties": { + "jsonCustomConfig": { + "$ref": "SecurityPolicyAdvancedOptionsConfigJsonCustomConfig", + "description": "Custom configuration to apply the JSON parsing. Only applicable when json_parsing is set to STANDARD." + }, "jsonParsing": { "enum": [ "DISABLED", @@ -57650,6 +57679,19 @@ }, "type": "object" }, + "SecurityPolicyAdvancedOptionsConfigJsonCustomConfig": { + "id": "SecurityPolicyAdvancedOptionsConfigJsonCustomConfig", + "properties": { + "contentTypes": { + "description": "A list of custom Content-Type header values to apply the JSON parsing. As per RFC 1341, a Content-Type header value has the following format: Content-Type := type \"/\" subtype *[\";\" parameter] When configuring a custom Content-Type header value, only the type/subtype needs to be specified, and the parameters should be excluded.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, "SecurityPolicyDdosProtectionConfig": { "id": "SecurityPolicyDdosProtectionConfig", "properties": { diff --git a/compute/v1/compute-gen.go b/compute/v1/compute-gen.go index 0b599f0e8b8..479215ca355 100644 --- a/compute/v1/compute-gen.go +++ b/compute/v1/compute-gen.go @@ -3118,6 +3118,13 @@ type AttachedDiskInitializeParams struct { // see the Extreme persistent disk documentation. ProvisionedIops int64 `json:"provisionedIops,omitempty,string"` + // ResourceManagerTags: Resource manager tags to be bound to the disk. + // Tag keys and values have the same definition as resource manager + // tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values + // are in the format `tagValues/456`. The field is ignored (both PUT & + // PATCH) when empty. + ResourceManagerTags map[string]string `json:"resourceManagerTags,omitempty"` + // ResourcePolicies: Resource policies applied to this disk for // automatic snapshot creations. Specified using the full or partial // URL. For instance template, specify only the resource policy name. @@ -8628,6 +8635,10 @@ type Disk struct { // Options: Internal use only. Options string `json:"options,omitempty"` + // Params: Input only. [Input Only] Additional params passed with the + // request, but not persisted as part of resource payload. + Params *DiskParams `json:"params,omitempty"` + // PhysicalBlockSizeBytes: Physical block size of the persistent disk, // in bytes. If not present in a request, a default value is used. The // currently supported size is 4096, other sizes may be added in the @@ -9302,6 +9313,39 @@ func (s *DiskMoveRequest) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// DiskParams: Additional disk params. +type DiskParams struct { + // ResourceManagerTags: Resource manager tags to be bound to the disk. + // Tag keys and values have the same definition as resource manager + // tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values + // are in the format `tagValues/456`. The field is ignored (both PUT & + // PATCH) when empty. + ResourceManagerTags map[string]string `json:"resourceManagerTags,omitempty"` + + // ForceSendFields is a list of field names (e.g. "ResourceManagerTags") + // to unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "ResourceManagerTags") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *DiskParams) MarshalJSON() ([]byte, error) { + type NoMethod DiskParams + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // DiskType: Represents a Disk Type resource. Google Compute Engine has // two Disk Type resources: * Regional // (/compute/docs/reference/rest/v1/regionDiskTypes) * Zonal @@ -42716,6 +42760,10 @@ func (s *SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig) MarshalJ } type SecurityPolicyAdvancedOptionsConfig struct { + // JsonCustomConfig: Custom configuration to apply the JSON parsing. + // Only applicable when json_parsing is set to STANDARD. + JsonCustomConfig *SecurityPolicyAdvancedOptionsConfigJsonCustomConfig `json:"jsonCustomConfig,omitempty"` + // Possible values: // "DISABLED" // "STANDARD" @@ -42726,7 +42774,7 @@ type SecurityPolicyAdvancedOptionsConfig struct { // "VERBOSE" LogLevel string `json:"logLevel,omitempty"` - // ForceSendFields is a list of field names (e.g. "JsonParsing") to + // ForceSendFields is a list of field names (e.g. "JsonCustomConfig") to // unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any // non-pointer, non-interface field appearing in ForceSendFields will be @@ -42734,7 +42782,40 @@ type SecurityPolicyAdvancedOptionsConfig struct { // This may be used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "JsonParsing") to include + // NullFields is a list of field names (e.g. "JsonCustomConfig") to + // include in API requests with the JSON null value. By default, fields + // with empty values are omitted from API requests. However, any field + // with an empty value appearing in NullFields will be sent to the + // server as null. It is an error if a field in this list has a + // non-empty value. This may be used to include null fields in Patch + // requests. + NullFields []string `json:"-"` +} + +func (s *SecurityPolicyAdvancedOptionsConfig) MarshalJSON() ([]byte, error) { + type NoMethod SecurityPolicyAdvancedOptionsConfig + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + +type SecurityPolicyAdvancedOptionsConfigJsonCustomConfig struct { + // ContentTypes: A list of custom Content-Type header values to apply + // the JSON parsing. As per RFC 1341, a Content-Type header value has + // the following format: Content-Type := type "/" subtype *[";" + // parameter] When configuring a custom Content-Type header value, only + // the type/subtype needs to be specified, and the parameters should be + // excluded. + ContentTypes []string `json:"contentTypes,omitempty"` + + // ForceSendFields is a list of field names (e.g. "ContentTypes") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "ContentTypes") to include // in API requests with the JSON null value. By default, fields with // empty values are omitted from API requests. However, any field with // an empty value appearing in NullFields will be sent to the server as @@ -42743,8 +42824,8 @@ type SecurityPolicyAdvancedOptionsConfig struct { NullFields []string `json:"-"` } -func (s *SecurityPolicyAdvancedOptionsConfig) MarshalJSON() ([]byte, error) { - type NoMethod SecurityPolicyAdvancedOptionsConfig +func (s *SecurityPolicyAdvancedOptionsConfigJsonCustomConfig) MarshalJSON() ([]byte, error) { + type NoMethod SecurityPolicyAdvancedOptionsConfigJsonCustomConfig raw := NoMethod(*s) return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } diff --git a/connectors/v1/connectors-api.json b/connectors/v1/connectors-api.json index e00e0b8cd2f..adf7b710f10 100644 --- a/connectors/v1/connectors-api.json +++ b/connectors/v1/connectors-api.json @@ -1055,7 +1055,7 @@ } } }, - "revision": "20220718", + "revision": "20220724", "rootUrl": "https://connectors.googleapis.com/", "schemas": { "AuditConfig": { @@ -1190,6 +1190,14 @@ "description": "This configuration captures the details required to render an authorization link for the OAuth Authorization Code Flow.", "id": "AuthorizationCodeLink", "properties": { + "clientId": { + "description": "The client ID assigned to the GCP Connectors OAuth app for the connector data source.", + "type": "string" + }, + "enablePkce": { + "description": "Whether to enable PKCE for the auth code flow.", + "type": "boolean" + }, "scopes": { "description": "The scopes for which the user will authorize GCP Connectors on the connector data source.", "items": { diff --git a/connectors/v1/connectors-gen.go b/connectors/v1/connectors-gen.go index e2c38d76ff8..2e7ff7ae90b 100644 --- a/connectors/v1/connectors-gen.go +++ b/connectors/v1/connectors-gen.go @@ -462,6 +462,13 @@ func (s *AuthConfigTemplate) MarshalJSON() ([]byte, error) { // required to render an authorization link for the OAuth Authorization // Code Flow. type AuthorizationCodeLink struct { + // ClientId: The client ID assigned to the GCP Connectors OAuth app for + // the connector data source. + ClientId string `json:"clientId,omitempty"` + + // EnablePkce: Whether to enable PKCE for the auth code flow. + EnablePkce bool `json:"enablePkce,omitempty"` + // Scopes: The scopes for which the user will authorize GCP Connectors // on the connector data source. Scopes []string `json:"scopes,omitempty"` @@ -470,7 +477,7 @@ type AuthorizationCodeLink struct { // code login flow. Uri string `json:"uri,omitempty"` - // ForceSendFields is a list of field names (e.g. "Scopes") to + // ForceSendFields is a list of field names (e.g. "ClientId") to // unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any // non-pointer, non-interface field appearing in ForceSendFields will be @@ -478,8 +485,8 @@ type AuthorizationCodeLink struct { // This may be used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` - // NullFields is a list of field names (e.g. "Scopes") to include in API - // requests with the JSON null value. By default, fields with empty + // NullFields is a list of field names (e.g. "ClientId") to include in + // API requests with the JSON null value. By default, fields with empty // values are omitted from API requests. However, any field with an // empty value appearing in NullFields will be sent to the server as // null. It is an error if a field in this list has a non-empty value. diff --git a/notebooks/v1/notebooks-api.json b/notebooks/v1/notebooks-api.json index 48949fb1c2a..99073adb139 100644 --- a/notebooks/v1/notebooks-api.json +++ b/notebooks/v1/notebooks-api.json @@ -1411,7 +1411,7 @@ "type": "string" }, "updateMask": { - "description": "Required. Specifies the path, relative to `Runtime`, of the field to update. For example, to change the software configuration kernels, the `update_mask` parameter would be specified as `software_config.kernels`, and the `PATCH` request body would specify the new value, as follows: { \"software_config\":{ \"kernels\": [{ 'repository': 'gcr.io/deeplearning-platform-release/pytorch-gpu', 'tag': 'latest' }], } } Currently, only the following fields can be updated: - software_config.kernels - software_config.post_startup_script - software_config.custom_gpu_driver_path - software_config.idle_shutdown - software_config.idle_shutdown_timeout", + "description": "Required. Specifies the path, relative to `Runtime`, of the field to update. For example, to change the software configuration kernels, the `update_mask` parameter would be specified as `software_config.kernels`, and the `PATCH` request body would specify the new value, as follows: { \"software_config\":{ \"kernels\": [{ 'repository': 'gcr.io/deeplearning-platform-release/pytorch-gpu', 'tag': 'latest' }], } } Currently, only the following fields can be updated: - software_config.kernels - software_config.post_startup_script - software_config.custom_gpu_driver_path - software_config.idle_shutdown - software_config.idle_shutdown_timeout - software_config.disable_terminal", "format": "google-fieldmask", "location": "query", "type": "string" @@ -1820,7 +1820,7 @@ } } }, - "revision": "20220716", + "revision": "20220729", "rootUrl": "https://notebooks.googleapis.com/", "schemas": { "AcceleratorConfig": { @@ -3377,6 +3377,10 @@ "description": "Specify a custom Cloud Storage path where the GPU driver is stored. If not specified, we'll automatically choose from official GPU drivers.", "type": "string" }, + "disableTerminal": { + "description": "Bool indicating whether JupyterLab terminal will be available or not. Default: False", + "type": "boolean" + }, "enableHealthMonitoring": { "description": "Verifies core internal services are running. Default: True", "type": "boolean" diff --git a/notebooks/v1/notebooks-gen.go b/notebooks/v1/notebooks-gen.go index c6a83e34e09..d321035c597 100644 --- a/notebooks/v1/notebooks-gen.go +++ b/notebooks/v1/notebooks-gen.go @@ -2629,6 +2629,10 @@ type RuntimeSoftwareConfig struct { // from official GPU drivers. CustomGpuDriverPath string `json:"customGpuDriverPath,omitempty"` + // DisableTerminal: Bool indicating whether JupyterLab terminal will be + // available or not. Default: False + DisableTerminal bool `json:"disableTerminal,omitempty"` + // EnableHealthMonitoring: Verifies core internal services are running. // Default: True EnableHealthMonitoring bool `json:"enableHealthMonitoring,omitempty"` @@ -10345,6 +10349,7 @@ func (c *ProjectsLocationsRuntimesPatchCall) RequestId(requestId string) *Projec // software_config.post_startup_script - // software_config.custom_gpu_driver_path - // software_config.idle_shutdown - software_config.idle_shutdown_timeout +// - software_config.disable_terminal func (c *ProjectsLocationsRuntimesPatchCall) UpdateMask(updateMask string) *ProjectsLocationsRuntimesPatchCall { c.urlParams_.Set("updateMask", updateMask) return c @@ -10462,7 +10467,7 @@ func (c *ProjectsLocationsRuntimesPatchCall) Do(opts ...googleapi.CallOption) (* // "type": "string" // }, // "updateMask": { - // "description": "Required. Specifies the path, relative to `Runtime`, of the field to update. For example, to change the software configuration kernels, the `update_mask` parameter would be specified as `software_config.kernels`, and the `PATCH` request body would specify the new value, as follows: { \"software_config\":{ \"kernels\": [{ 'repository': 'gcr.io/deeplearning-platform-release/pytorch-gpu', 'tag': 'latest' }], } } Currently, only the following fields can be updated: - software_config.kernels - software_config.post_startup_script - software_config.custom_gpu_driver_path - software_config.idle_shutdown - software_config.idle_shutdown_timeout", + // "description": "Required. Specifies the path, relative to `Runtime`, of the field to update. For example, to change the software configuration kernels, the `update_mask` parameter would be specified as `software_config.kernels`, and the `PATCH` request body would specify the new value, as follows: { \"software_config\":{ \"kernels\": [{ 'repository': 'gcr.io/deeplearning-platform-release/pytorch-gpu', 'tag': 'latest' }], } } Currently, only the following fields can be updated: - software_config.kernels - software_config.post_startup_script - software_config.custom_gpu_driver_path - software_config.idle_shutdown - software_config.idle_shutdown_timeout - software_config.disable_terminal", // "format": "google-fieldmask", // "location": "query", // "type": "string" diff --git a/policytroubleshooter/v1/policytroubleshooter-api.json b/policytroubleshooter/v1/policytroubleshooter-api.json index b9edb83b18a..56783a96569 100644 --- a/policytroubleshooter/v1/policytroubleshooter-api.json +++ b/policytroubleshooter/v1/policytroubleshooter-api.json @@ -128,7 +128,7 @@ } } }, - "revision": "20220429", + "revision": "20220806", "rootUrl": "https://policytroubleshooter.googleapis.com/", "schemas": { "GoogleCloudPolicytroubleshooterV1AccessTuple": { @@ -434,7 +434,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", "items": { "type": "string" }, diff --git a/policytroubleshooter/v1/policytroubleshooter-gen.go b/policytroubleshooter/v1/policytroubleshooter-gen.go index 4151eacce8d..2355decb67a 100644 --- a/policytroubleshooter/v1/policytroubleshooter-gen.go +++ b/policytroubleshooter/v1/policytroubleshooter-gen.go @@ -652,16 +652,20 @@ type GoogleIamV1Binding struct { // who is authenticated with a Google account or a service account. * // `user:{emailid}`: An email address that represents a specific Google // account. For example, `alice@example.com` . * - // `serviceAccount:{emailid}`: An email address that represents a + // `serviceAccount:{emailid}`: An email address that represents a Google // service account. For example, - // `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An - // email address that represents a Google group. For example, - // `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An - // email address (plus unique identifier) representing a user that has - // been recently deleted. For example, - // `alice@example.com?uid=123456789012345678901`. If the user is - // recovered, this value reverts to `user:{emailid}` and the recovered - // user retains the role in the binding. * + // `my-other-app@appspot.gserviceaccount.com`. * + // `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + // An identifier for a Kubernetes service account + // (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + // For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. + // * `group:{emailid}`: An email address that represents a Google group. + // For example, `admins@example.com`. * + // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + // unique identifier) representing a user that has been recently + // deleted. For example, `alice@example.com?uid=123456789012345678901`. + // If the user is recovered, this value reverts to `user:{emailid}` and + // the recovered user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, diff --git a/policytroubleshooter/v1beta/policytroubleshooter-api.json b/policytroubleshooter/v1beta/policytroubleshooter-api.json index 3587e674027..dda8f468e2f 100644 --- a/policytroubleshooter/v1beta/policytroubleshooter-api.json +++ b/policytroubleshooter/v1beta/policytroubleshooter-api.json @@ -128,7 +128,7 @@ } } }, - "revision": "20220429", + "revision": "20220806", "rootUrl": "https://policytroubleshooter.googleapis.com/", "schemas": { "GoogleCloudPolicytroubleshooterV1betaAccessTuple": { @@ -427,7 +427,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", "items": { "type": "string" }, diff --git a/policytroubleshooter/v1beta/policytroubleshooter-gen.go b/policytroubleshooter/v1beta/policytroubleshooter-gen.go index 7fba893db0c..ec56f4c8abe 100644 --- a/policytroubleshooter/v1beta/policytroubleshooter-gen.go +++ b/policytroubleshooter/v1beta/policytroubleshooter-gen.go @@ -641,16 +641,20 @@ type GoogleIamV1Binding struct { // who is authenticated with a Google account or a service account. * // `user:{emailid}`: An email address that represents a specific Google // account. For example, `alice@example.com` . * - // `serviceAccount:{emailid}`: An email address that represents a + // `serviceAccount:{emailid}`: An email address that represents a Google // service account. For example, - // `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An - // email address that represents a Google group. For example, - // `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An - // email address (plus unique identifier) representing a user that has - // been recently deleted. For example, - // `alice@example.com?uid=123456789012345678901`. If the user is - // recovered, this value reverts to `user:{emailid}` and the recovered - // user retains the role in the binding. * + // `my-other-app@appspot.gserviceaccount.com`. * + // `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: + // An identifier for a Kubernetes service account + // (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). + // For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. + // * `group:{emailid}`: An email address that represents a Google group. + // For example, `admins@example.com`. * + // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus + // unique identifier) representing a user that has been recently + // deleted. For example, `alice@example.com?uid=123456789012345678901`. + // If the user is recovered, this value reverts to `user:{emailid}` and + // the recovered user retains the role in the binding. * // `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address // (plus unique identifier) representing a service account that has been // recently deleted. For example, diff --git a/spanner/v1/spanner-api.json b/spanner/v1/spanner-api.json index 2e0f9d9c19b..b23b6eeae14 100644 --- a/spanner/v1/spanner-api.json +++ b/spanner/v1/spanner-api.json @@ -1453,7 +1453,7 @@ "type": "string" }, "parent": { - "description": "Required. The database whose roles should be listed. Values are of the form `projects//instances//databases//databaseRoles`.", + "description": "Required. The database whose roles should be listed. Values are of the form `projects//instances//databases/`.", "location": "path", "pattern": "^projects/[^/]+/instances/[^/]+/databases/[^/]+$", "required": true, @@ -2262,7 +2262,7 @@ } } }, - "revision": "20220718", + "revision": "20220726", "rootUrl": "https://spanner.googleapis.com/", "schemas": { "Backup": { diff --git a/spanner/v1/spanner-gen.go b/spanner/v1/spanner-gen.go index dbcd42efe09..cfffc683809 100644 --- a/spanner/v1/spanner-gen.go +++ b/spanner/v1/spanner-gen.go @@ -12394,7 +12394,7 @@ type ProjectsInstancesDatabasesDatabaseRolesListCall struct { // List: Lists Cloud Spanner database roles. // // - parent: The database whose roles should be listed. Values are of -// the form `projects//instances//databases//databaseRoles`. +// the form `projects//instances//databases/`. func (r *ProjectsInstancesDatabasesDatabaseRolesService) List(parent string) *ProjectsInstancesDatabasesDatabaseRolesListCall { c := &ProjectsInstancesDatabasesDatabaseRolesListCall{s: r.s, urlParams_: make(gensupport.URLParams)} c.parent = parent @@ -12536,7 +12536,7 @@ func (c *ProjectsInstancesDatabasesDatabaseRolesListCall) Do(opts ...googleapi.C // "type": "string" // }, // "parent": { - // "description": "Required. The database whose roles should be listed. Values are of the form `projects//instances//databases//databaseRoles`.", + // "description": "Required. The database whose roles should be listed. Values are of the form `projects//instances//databases/`.", // "location": "path", // "pattern": "^projects/[^/]+/instances/[^/]+/databases/[^/]+$", // "required": true,