From 8759538c0ab491be1678db74a3ad538957610d70 Mon Sep 17 00:00:00 2001 From: yoshi-code-bot <70984784+yoshi-code-bot@users.noreply.github.com> Date: Sat, 5 Jun 2021 00:38:05 -0700 Subject: [PATCH] chore: Update discovery artifacts (#1400) ## Discovery Artifact Change Summary: feat(compute): update the api https://github.com/googleapis/google-api-python-client/commit/b8ce2754752f8157b84091a99594f9a45a8f8eed feat(container): update the api https://github.com/googleapis/google-api-python-client/commit/a73f41e49d7ab6258bd722b4ee6d022c195975c2 feat(dataproc): update the api https://github.com/googleapis/google-api-python-client/commit/be0dde6ee43f4ff05396d33b16e0af2a1fabfc28 feat(lifesciences): update the api https://github.com/googleapis/google-api-python-client/commit/c524c0a316e4206c8b0e0075e3ed5eceb7e60016 feat(osconfig): update the api https://github.com/googleapis/google-api-python-client/commit/5dbaaad34dec45eb5f5a9e98710b3ec05b4d5429 feat(pagespeedonline): update the api https://github.com/googleapis/google-api-python-client/commit/47d41c544376b1911261410235b63ffe3e5faa91 feat(privateca): update the api https://github.com/googleapis/google-api-python-client/commit/8f7ad0d176d61f9e9a409d7fe35b20c5f1c239a5 --- docs/dyn/bigquery_v2.jobs.html | 41 +- docs/dyn/bigquery_v2.tables.html | 49 +- docs/dyn/compute_alpha.backendServices.html | 683 ++++- docs/dyn/compute_alpha.firewallPolicies.html | 4 +- docs/dyn/compute_alpha.instances.html | 101 + docs/dyn/compute_alpha.interconnects.html | 12 +- ...compute_alpha.networkFirewallPolicies.html | 6 +- .../compute_alpha.regionBackendServices.html | 679 ++++- docs/dyn/compute_alpha.regionInstances.html | 889 ++++++ ...e_alpha.regionNetworkFirewallPolicies.html | 6 +- docs/dyn/compute_alpha.regionUrlMaps.html | 48 +- docs/dyn/compute_alpha.routers.html | 16 +- docs/dyn/compute_alpha.urlMaps.html | 56 +- docs/dyn/compute_beta.backendServices.html | 683 ++++- docs/dyn/compute_beta.firewallPolicies.html | 4 +- docs/dyn/compute_beta.interconnects.html | 12 +- .../compute_beta.regionBackendServices.html | 679 ++++- docs/dyn/compute_beta.regionUrlMaps.html | 48 +- docs/dyn/compute_beta.routers.html | 16 +- docs/dyn/compute_beta.urlMaps.html | 56 +- docs/dyn/compute_v1.backendServices.html | 24 +- docs/dyn/compute_v1.firewallPolicies.html | 4 +- docs/dyn/compute_v1.interconnects.html | 12 +- .../dyn/compute_v1.regionBackendServices.html | 20 +- docs/dyn/compute_v1.regionUrlMaps.html | 48 +- docs/dyn/compute_v1.urlMaps.html | 56 +- ...tainer_v1.projects.locations.clusters.html | 4 + .../container_v1.projects.zones.clusters.html | 4 + ...r_v1beta1.projects.locations.clusters.html | 24 +- ...projects.locations.clusters.nodePools.html | 14 +- ...ainer_v1beta1.projects.zones.clusters.html | 24 +- ...ta1.projects.zones.clusters.nodePools.html | 14 +- ....projects.locations.workflowTemplates.html | 63 +- ...dataproc_v1.projects.regions.clusters.html | 36 +- ...v1.projects.regions.workflowTemplates.html | 63 +- ...store_v1.projects.databases.documents.html | 510 ++-- ...s_v2beta.projects.locations.pipelines.html | 1 + ...cations.instanceOSPoliciesCompliances.html | 2 + docs/dyn/pagespeedonline_v5.pagespeedapi.html | 55 +- ...uthorities.certificateRevocationLists.html | 171 ++ ...ations.caPools.certificateAuthorities.html | 1418 +++++++++ ...ojects.locations.caPools.certificates.html | 1884 ++++++++++++ ...ivateca_v1.projects.locations.caPools.html | 658 +++++ ...ojects.locations.certificateTemplates.html | 538 ++++ ...rojects.locations.catalogs.placements.html | 2 +- ...rojects.locations.catalogs.userEvents.html | 6 +- ...rojects.locations.catalogs.placements.html | 2 +- ...rojects.locations.catalogs.userEvents.html | 6 +- ...rojects.locations.catalogs.placements.html | 2 +- ...rojects.locations.catalogs.userEvents.html | 6 +- ...projects.instances.databases.sessions.html | 68 +- docs/dyn/texttospeech_v1beta1.text.html | 4 +- .../documents/area120tables.v1alpha1.json | 2 +- .../documents/artifactregistry.v1.json | 2 +- .../documents/artifactregistry.v1beta1.json | 2 +- .../documents/artifactregistry.v1beta2.json | 2 +- .../documents/calendar.v3.json | 2 +- .../documents/chromemanagement.v1.json | 2 +- .../documents/chromepolicy.v1.json | 2 +- .../documents/chromeuxreport.v1.json | 2 +- .../documents/cloudkms.v1.json | 2 +- .../documents/cloudprofiler.v2.json | 2 +- .../documents/cloudtrace.v1.json | 2 +- .../documents/cloudtrace.v2.json | 2 +- .../documents/cloudtrace.v2beta1.json | 2 +- .../documents/compute.alpha.json | 387 ++- .../documents/compute.beta.json | 188 +- .../discovery_cache/documents/compute.v1.json | 12 +- .../documents/container.v1.json | 6 +- .../documents/container.v1beta1.json | 9 +- .../documents/customsearch.v1.json | 2 +- .../documents/dataproc.v1.json | 8 +- .../documents/dataproc.v1beta2.json | 2 +- .../documents/deploymentmanager.alpha.json | 2 +- .../documents/deploymentmanager.v2.json | 2 +- .../documents/deploymentmanager.v2beta.json | 2 +- .../documents/essentialcontacts.v1.json | 2 +- .../documents/eventarc.v1beta1.json | 2 +- .../documents/factchecktools.v1alpha1.json | 2 +- .../documents/firebase.v1beta1.json | 2 +- .../documents/firebasedatabase.v1beta.json | 2 +- .../documents/gameservices.v1beta.json | 6 +- .../documents/gkehub.v1beta1.json | 2 +- .../documents/gmailpostmastertools.v1.json | 2 +- .../gmailpostmastertools.v1beta1.json | 2 +- .../documents/healthcare.v1.json | 2 +- .../documents/healthcare.v1beta1.json | 2 +- .../documents/libraryagent.v1.json | 2 +- .../documents/lifesciences.v2beta.json | 6 +- .../documents/localservices.v1.json | 2 +- .../documents/monitoring.v1.json | 2 +- .../documents/monitoring.v3.json | 2 +- .../documents/osconfig.v1.json | 2 +- .../documents/osconfig.v1alpha.json | 6 +- .../documents/osconfig.v1beta.json | 2 +- .../documents/pagespeedonline.v5.json | 147 +- .../paymentsresellersubscription.v1.json | 2 +- .../discovery_cache/documents/people.v1.json | 2 +- .../documents/playcustomapp.v1.json | 2 +- .../documents/privateca.v1.json | 2522 ++++++++++++++++- .../documents/prod_tt_sasportal.v1alpha1.json | 2 +- .../documents/pubsublite.v1.json | 2 +- .../discovery_cache/documents/run.v1.json | 2 +- .../documents/run.v1alpha1.json | 2 +- .../documents/safebrowsing.v4.json | 2 +- .../documents/streetviewpublish.v1.json | 2 +- 106 files changed, 12349 insertions(+), 865 deletions(-) create mode 100644 docs/dyn/privateca_v1.projects.locations.caPools.certificates.html diff --git a/docs/dyn/bigquery_v2.jobs.html b/docs/dyn/bigquery_v2.jobs.html index 4eaac3825b8..f0a0ffa3fc6 100644 --- a/docs/dyn/bigquery_v2.jobs.html +++ b/docs/dyn/bigquery_v2.jobs.html @@ -183,7 +183,7 @@

Method Details

], }, "createDisposition": "A String", # [Optional] Specifies whether the job is allowed to create new tables. The following values are supported: CREATE_IF_NEEDED: If the table does not exist, BigQuery creates the table. CREATE_NEVER: The table must already exist. If it does not, a 'notFound' error is returned in the job result. The default value is CREATE_IF_NEEDED. Creation, truncation and append actions occur as one atomic update upon job completion. - "decimalTargetTypes": [ # [Optional] Defines the list of possible SQL data types to which the source decimal values are converted. This list and the precision and the scale parameters of the decimal field determine the target type. In the order of NUMERIC, BIGNUMERIC, and STRING, a type is picked if it is in the specified list and if it supports the precision and the scale. STRING supports all precision and scale values. If none of the listed types supports the precision and the scale, the type supporting the widest range in the specified list is picked, and if a value exceeds the supported range when reading the data, an error will be thrown. Example: Suppose the value of this field is ["NUMERIC", "BIGNUMERIC"]. If (precision,scale) is: (38,9) -> NUMERIC; (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer digits); (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional digits); (76,38) -> BIGNUMERIC; (77,38) -> BIGNUMERIC (error if value exeeds supported range). This field cannot contain duplicate types. The order of the types in this field is ignored. For example, ["BIGNUMERIC", "NUMERIC"] is the same as ["NUMERIC", "BIGNUMERIC"] and NUMERIC always takes precedence over BIGNUMERIC. Defaults to ["NUMERIC", "STRING"] for ORC and ["NUMERIC"] for the other file formats. + "decimalTargetTypes": [ # Defines the list of possible SQL data types to which the source decimal values are converted. This list and the precision and the scale parameters of the decimal field determine the target type. In the order of NUMERIC, BIGNUMERIC ([Preview](/products/#product-launch-stages)), and STRING, a type is picked if it is in the specified list and if it supports the precision and the scale. STRING supports all precision and scale values. If none of the listed types supports the precision and the scale, the type supporting the widest range in the specified list is picked, and if a value exceeds the supported range when reading the data, an error will be thrown. Example: Suppose the value of this field is ["NUMERIC", "BIGNUMERIC"]. If (precision,scale) is: * (38,9) -> NUMERIC; * (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer digits); * (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional digits); * (76,38) -> BIGNUMERIC; * (77,38) -> BIGNUMERIC (error if value exeeds supported range). This field cannot contain duplicate types. The order of the types in this field is ignored. For example, ["BIGNUMERIC", "NUMERIC"] is the same as ["NUMERIC", "BIGNUMERIC"] and NUMERIC always takes precedence over BIGNUMERIC. Defaults to ["NUMERIC", "STRING"] for ORC and ["NUMERIC"] for the other file formats. "A String", ], "destinationEncryptionConfiguration": { # Custom encryption configuration (e.g., Cloud KMS keys). @@ -378,9 +378,6 @@

Method Details

"quote": """, # [Optional] The value that is used to quote data sections in a CSV file. BigQuery converts the string to ISO-8859-1 encoding, and then uses the first byte of the encoded string to split the data in its raw, binary state. The default value is a double-quote ('"'). If your data does not contain quoted sections, set the property value to an empty string. If your data contains quoted newline characters, you must also set the allowQuotedNewlines property to true. "skipLeadingRows": "A String", # [Optional] The number of rows at the top of a CSV file that BigQuery will skip when reading the data. The default value is 0. This property is useful if you have header rows in the file that should be skipped. When autodetect is on, the behavior is the following: * skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, the row is read as data. Otherwise data is read starting from the second row. * skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. * skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema. }, - "decimalTargetTypes": [ # [Optional] Defines the list of possible SQL data types to which the source decimal values are converted. This list and the precision and the scale parameters of the decimal field determine the target type. In the order of NUMERIC, BIGNUMERIC, and STRING, a type is picked if it is in the specified list and if it supports the precision and the scale. STRING supports all precision and scale values. If none of the listed types supports the precision and the scale, the type supporting the widest range in the specified list is picked, and if a value exceeds the supported range when reading the data, an error will be thrown. Example: Suppose the value of this field is ["NUMERIC", "BIGNUMERIC"]. If (precision,scale) is: (38,9) -> NUMERIC; (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer digits); (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional digits); (76,38) -> BIGNUMERIC; (77,38) -> BIGNUMERIC (error if value exeeds supported range). This field cannot contain duplicate types. The order of the types in this field is ignored. For example, ["BIGNUMERIC", "NUMERIC"] is the same as ["NUMERIC", "BIGNUMERIC"] and NUMERIC always takes precedence over BIGNUMERIC. Defaults to ["NUMERIC", "STRING"] for ORC and ["NUMERIC"] for the other file formats. - "A String", - ], "googleSheetsOptions": { # [Optional] Additional options if sourceFormat is set to GOOGLE_SHEETS. "range": "A String", # [Optional] Range of a sheet to query from. Only used when non-empty. Typical format: sheet_name!top_left_cell_id:bottom_right_cell_id For example: sheet1!A1:B20 "skipLeadingRows": "A String", # [Optional] The number of rows at the top of a sheet that BigQuery will skip when reading the data. The default value is 0. This property is useful if you have header rows that should be skipped. When autodetect is on, behavior is the following: * skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, the row is read as data. Otherwise data is read starting from the second row. * skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. * skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema. @@ -503,7 +500,6 @@

Method Details

"projectId": "A String", # [Required] The ID of the project containing this table. "tableId": "A String", # [Required] The ID of the table. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 1,024 characters. }, - "dmlStats": "", # [Output-only] Detailed statistics for DML statements Present only for DML statements INSERT, UPDATE, DELETE or TRUNCATE. "estimatedBytesProcessed": "A String", # [Output-only] The original estimate of bytes processed for the job. "modelTraining": { # [Output-only, Beta] Information about create model query job progress. "currentIteration": 42, # [Output-only, Beta] Index of current ML training iteration. Updated during create model query job to show job progress. @@ -674,7 +670,7 @@

Method Details

"startTime": "A String", # [Output-only] Start time of this job, in milliseconds since the epoch. This field will be present when the job transitions from the PENDING state to either RUNNING or DONE. "totalBytesProcessed": "A String", # [Output-only] [Deprecated] Use the bytes processed in the query statistics instead. "totalSlotMs": "A String", # [Output-only] Slot-milliseconds for the job. - "transactionInfo": { # [Output-only] [Alpha] Information of the multi-statement transaction if this job is part of one. + "transactionInfoTemplate": { # [Output-only] [Alpha] Information of the multi-statement transaction if this job is part of one. "transactionId": "A String", # [Output-only] // [Alpha] Id of the transaction. }, }, @@ -794,7 +790,7 @@

Method Details

], }, "createDisposition": "A String", # [Optional] Specifies whether the job is allowed to create new tables. The following values are supported: CREATE_IF_NEEDED: If the table does not exist, BigQuery creates the table. CREATE_NEVER: The table must already exist. If it does not, a 'notFound' error is returned in the job result. The default value is CREATE_IF_NEEDED. Creation, truncation and append actions occur as one atomic update upon job completion. - "decimalTargetTypes": [ # [Optional] Defines the list of possible SQL data types to which the source decimal values are converted. This list and the precision and the scale parameters of the decimal field determine the target type. In the order of NUMERIC, BIGNUMERIC, and STRING, a type is picked if it is in the specified list and if it supports the precision and the scale. STRING supports all precision and scale values. If none of the listed types supports the precision and the scale, the type supporting the widest range in the specified list is picked, and if a value exceeds the supported range when reading the data, an error will be thrown. Example: Suppose the value of this field is ["NUMERIC", "BIGNUMERIC"]. If (precision,scale) is: (38,9) -> NUMERIC; (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer digits); (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional digits); (76,38) -> BIGNUMERIC; (77,38) -> BIGNUMERIC (error if value exeeds supported range). This field cannot contain duplicate types. The order of the types in this field is ignored. For example, ["BIGNUMERIC", "NUMERIC"] is the same as ["NUMERIC", "BIGNUMERIC"] and NUMERIC always takes precedence over BIGNUMERIC. Defaults to ["NUMERIC", "STRING"] for ORC and ["NUMERIC"] for the other file formats. + "decimalTargetTypes": [ # Defines the list of possible SQL data types to which the source decimal values are converted. This list and the precision and the scale parameters of the decimal field determine the target type. In the order of NUMERIC, BIGNUMERIC ([Preview](/products/#product-launch-stages)), and STRING, a type is picked if it is in the specified list and if it supports the precision and the scale. STRING supports all precision and scale values. If none of the listed types supports the precision and the scale, the type supporting the widest range in the specified list is picked, and if a value exceeds the supported range when reading the data, an error will be thrown. Example: Suppose the value of this field is ["NUMERIC", "BIGNUMERIC"]. If (precision,scale) is: * (38,9) -> NUMERIC; * (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer digits); * (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional digits); * (76,38) -> BIGNUMERIC; * (77,38) -> BIGNUMERIC (error if value exeeds supported range). This field cannot contain duplicate types. The order of the types in this field is ignored. For example, ["BIGNUMERIC", "NUMERIC"] is the same as ["NUMERIC", "BIGNUMERIC"] and NUMERIC always takes precedence over BIGNUMERIC. Defaults to ["NUMERIC", "STRING"] for ORC and ["NUMERIC"] for the other file formats. "A String", ], "destinationEncryptionConfiguration": { # Custom encryption configuration (e.g., Cloud KMS keys). @@ -989,9 +985,6 @@

Method Details

"quote": """, # [Optional] The value that is used to quote data sections in a CSV file. BigQuery converts the string to ISO-8859-1 encoding, and then uses the first byte of the encoded string to split the data in its raw, binary state. The default value is a double-quote ('"'). If your data does not contain quoted sections, set the property value to an empty string. If your data contains quoted newline characters, you must also set the allowQuotedNewlines property to true. "skipLeadingRows": "A String", # [Optional] The number of rows at the top of a CSV file that BigQuery will skip when reading the data. The default value is 0. This property is useful if you have header rows in the file that should be skipped. When autodetect is on, the behavior is the following: * skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, the row is read as data. Otherwise data is read starting from the second row. * skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. * skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema. }, - "decimalTargetTypes": [ # [Optional] Defines the list of possible SQL data types to which the source decimal values are converted. This list and the precision and the scale parameters of the decimal field determine the target type. In the order of NUMERIC, BIGNUMERIC, and STRING, a type is picked if it is in the specified list and if it supports the precision and the scale. STRING supports all precision and scale values. If none of the listed types supports the precision and the scale, the type supporting the widest range in the specified list is picked, and if a value exceeds the supported range when reading the data, an error will be thrown. Example: Suppose the value of this field is ["NUMERIC", "BIGNUMERIC"]. If (precision,scale) is: (38,9) -> NUMERIC; (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer digits); (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional digits); (76,38) -> BIGNUMERIC; (77,38) -> BIGNUMERIC (error if value exeeds supported range). This field cannot contain duplicate types. The order of the types in this field is ignored. For example, ["BIGNUMERIC", "NUMERIC"] is the same as ["NUMERIC", "BIGNUMERIC"] and NUMERIC always takes precedence over BIGNUMERIC. Defaults to ["NUMERIC", "STRING"] for ORC and ["NUMERIC"] for the other file formats. - "A String", - ], "googleSheetsOptions": { # [Optional] Additional options if sourceFormat is set to GOOGLE_SHEETS. "range": "A String", # [Optional] Range of a sheet to query from. Only used when non-empty. Typical format: sheet_name!top_left_cell_id:bottom_right_cell_id For example: sheet1!A1:B20 "skipLeadingRows": "A String", # [Optional] The number of rows at the top of a sheet that BigQuery will skip when reading the data. The default value is 0. This property is useful if you have header rows that should be skipped. When autodetect is on, behavior is the following: * skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, the row is read as data. Otherwise data is read starting from the second row. * skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. * skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema. @@ -1114,7 +1107,6 @@

Method Details

"projectId": "A String", # [Required] The ID of the project containing this table. "tableId": "A String", # [Required] The ID of the table. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 1,024 characters. }, - "dmlStats": "", # [Output-only] Detailed statistics for DML statements Present only for DML statements INSERT, UPDATE, DELETE or TRUNCATE. "estimatedBytesProcessed": "A String", # [Output-only] The original estimate of bytes processed for the job. "modelTraining": { # [Output-only, Beta] Information about create model query job progress. "currentIteration": 42, # [Output-only, Beta] Index of current ML training iteration. Updated during create model query job to show job progress. @@ -1285,7 +1277,7 @@

Method Details

"startTime": "A String", # [Output-only] Start time of this job, in milliseconds since the epoch. This field will be present when the job transitions from the PENDING state to either RUNNING or DONE. "totalBytesProcessed": "A String", # [Output-only] [Deprecated] Use the bytes processed in the query statistics instead. "totalSlotMs": "A String", # [Output-only] Slot-milliseconds for the job. - "transactionInfo": { # [Output-only] [Alpha] Information of the multi-statement transaction if this job is part of one. + "transactionInfoTemplate": { # [Output-only] [Alpha] Information of the multi-statement transaction if this job is part of one. "transactionId": "A String", # [Output-only] // [Alpha] Id of the transaction. }, }, @@ -1474,7 +1466,7 @@

Method Details

], }, "createDisposition": "A String", # [Optional] Specifies whether the job is allowed to create new tables. The following values are supported: CREATE_IF_NEEDED: If the table does not exist, BigQuery creates the table. CREATE_NEVER: The table must already exist. If it does not, a 'notFound' error is returned in the job result. The default value is CREATE_IF_NEEDED. Creation, truncation and append actions occur as one atomic update upon job completion. - "decimalTargetTypes": [ # [Optional] Defines the list of possible SQL data types to which the source decimal values are converted. This list and the precision and the scale parameters of the decimal field determine the target type. In the order of NUMERIC, BIGNUMERIC, and STRING, a type is picked if it is in the specified list and if it supports the precision and the scale. STRING supports all precision and scale values. If none of the listed types supports the precision and the scale, the type supporting the widest range in the specified list is picked, and if a value exceeds the supported range when reading the data, an error will be thrown. Example: Suppose the value of this field is ["NUMERIC", "BIGNUMERIC"]. If (precision,scale) is: (38,9) -> NUMERIC; (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer digits); (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional digits); (76,38) -> BIGNUMERIC; (77,38) -> BIGNUMERIC (error if value exeeds supported range). This field cannot contain duplicate types. The order of the types in this field is ignored. For example, ["BIGNUMERIC", "NUMERIC"] is the same as ["NUMERIC", "BIGNUMERIC"] and NUMERIC always takes precedence over BIGNUMERIC. Defaults to ["NUMERIC", "STRING"] for ORC and ["NUMERIC"] for the other file formats. + "decimalTargetTypes": [ # Defines the list of possible SQL data types to which the source decimal values are converted. This list and the precision and the scale parameters of the decimal field determine the target type. In the order of NUMERIC, BIGNUMERIC ([Preview](/products/#product-launch-stages)), and STRING, a type is picked if it is in the specified list and if it supports the precision and the scale. STRING supports all precision and scale values. If none of the listed types supports the precision and the scale, the type supporting the widest range in the specified list is picked, and if a value exceeds the supported range when reading the data, an error will be thrown. Example: Suppose the value of this field is ["NUMERIC", "BIGNUMERIC"]. If (precision,scale) is: * (38,9) -> NUMERIC; * (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer digits); * (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional digits); * (76,38) -> BIGNUMERIC; * (77,38) -> BIGNUMERIC (error if value exeeds supported range). This field cannot contain duplicate types. The order of the types in this field is ignored. For example, ["BIGNUMERIC", "NUMERIC"] is the same as ["NUMERIC", "BIGNUMERIC"] and NUMERIC always takes precedence over BIGNUMERIC. Defaults to ["NUMERIC", "STRING"] for ORC and ["NUMERIC"] for the other file formats. "A String", ], "destinationEncryptionConfiguration": { # Custom encryption configuration (e.g., Cloud KMS keys). @@ -1669,9 +1661,6 @@

Method Details

"quote": """, # [Optional] The value that is used to quote data sections in a CSV file. BigQuery converts the string to ISO-8859-1 encoding, and then uses the first byte of the encoded string to split the data in its raw, binary state. The default value is a double-quote ('"'). If your data does not contain quoted sections, set the property value to an empty string. If your data contains quoted newline characters, you must also set the allowQuotedNewlines property to true. "skipLeadingRows": "A String", # [Optional] The number of rows at the top of a CSV file that BigQuery will skip when reading the data. The default value is 0. This property is useful if you have header rows in the file that should be skipped. When autodetect is on, the behavior is the following: * skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, the row is read as data. Otherwise data is read starting from the second row. * skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. * skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema. }, - "decimalTargetTypes": [ # [Optional] Defines the list of possible SQL data types to which the source decimal values are converted. This list and the precision and the scale parameters of the decimal field determine the target type. In the order of NUMERIC, BIGNUMERIC, and STRING, a type is picked if it is in the specified list and if it supports the precision and the scale. STRING supports all precision and scale values. If none of the listed types supports the precision and the scale, the type supporting the widest range in the specified list is picked, and if a value exceeds the supported range when reading the data, an error will be thrown. Example: Suppose the value of this field is ["NUMERIC", "BIGNUMERIC"]. If (precision,scale) is: (38,9) -> NUMERIC; (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer digits); (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional digits); (76,38) -> BIGNUMERIC; (77,38) -> BIGNUMERIC (error if value exeeds supported range). This field cannot contain duplicate types. The order of the types in this field is ignored. For example, ["BIGNUMERIC", "NUMERIC"] is the same as ["NUMERIC", "BIGNUMERIC"] and NUMERIC always takes precedence over BIGNUMERIC. Defaults to ["NUMERIC", "STRING"] for ORC and ["NUMERIC"] for the other file formats. - "A String", - ], "googleSheetsOptions": { # [Optional] Additional options if sourceFormat is set to GOOGLE_SHEETS. "range": "A String", # [Optional] Range of a sheet to query from. Only used when non-empty. Typical format: sheet_name!top_left_cell_id:bottom_right_cell_id For example: sheet1!A1:B20 "skipLeadingRows": "A String", # [Optional] The number of rows at the top of a sheet that BigQuery will skip when reading the data. The default value is 0. This property is useful if you have header rows that should be skipped. When autodetect is on, behavior is the following: * skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, the row is read as data. Otherwise data is read starting from the second row. * skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. * skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema. @@ -1794,7 +1783,6 @@

Method Details

"projectId": "A String", # [Required] The ID of the project containing this table. "tableId": "A String", # [Required] The ID of the table. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 1,024 characters. }, - "dmlStats": "", # [Output-only] Detailed statistics for DML statements Present only for DML statements INSERT, UPDATE, DELETE or TRUNCATE. "estimatedBytesProcessed": "A String", # [Output-only] The original estimate of bytes processed for the job. "modelTraining": { # [Output-only, Beta] Information about create model query job progress. "currentIteration": 42, # [Output-only, Beta] Index of current ML training iteration. Updated during create model query job to show job progress. @@ -1965,7 +1953,7 @@

Method Details

"startTime": "A String", # [Output-only] Start time of this job, in milliseconds since the epoch. This field will be present when the job transitions from the PENDING state to either RUNNING or DONE. "totalBytesProcessed": "A String", # [Output-only] [Deprecated] Use the bytes processed in the query statistics instead. "totalSlotMs": "A String", # [Output-only] Slot-milliseconds for the job. - "transactionInfo": { # [Output-only] [Alpha] Information of the multi-statement transaction if this job is part of one. + "transactionInfoTemplate": { # [Output-only] [Alpha] Information of the multi-statement transaction if this job is part of one. "transactionId": "A String", # [Output-only] // [Alpha] Id of the transaction. }, }, @@ -2060,7 +2048,7 @@

Method Details

], }, "createDisposition": "A String", # [Optional] Specifies whether the job is allowed to create new tables. The following values are supported: CREATE_IF_NEEDED: If the table does not exist, BigQuery creates the table. CREATE_NEVER: The table must already exist. If it does not, a 'notFound' error is returned in the job result. The default value is CREATE_IF_NEEDED. Creation, truncation and append actions occur as one atomic update upon job completion. - "decimalTargetTypes": [ # [Optional] Defines the list of possible SQL data types to which the source decimal values are converted. This list and the precision and the scale parameters of the decimal field determine the target type. In the order of NUMERIC, BIGNUMERIC, and STRING, a type is picked if it is in the specified list and if it supports the precision and the scale. STRING supports all precision and scale values. If none of the listed types supports the precision and the scale, the type supporting the widest range in the specified list is picked, and if a value exceeds the supported range when reading the data, an error will be thrown. Example: Suppose the value of this field is ["NUMERIC", "BIGNUMERIC"]. If (precision,scale) is: (38,9) -> NUMERIC; (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer digits); (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional digits); (76,38) -> BIGNUMERIC; (77,38) -> BIGNUMERIC (error if value exeeds supported range). This field cannot contain duplicate types. The order of the types in this field is ignored. For example, ["BIGNUMERIC", "NUMERIC"] is the same as ["NUMERIC", "BIGNUMERIC"] and NUMERIC always takes precedence over BIGNUMERIC. Defaults to ["NUMERIC", "STRING"] for ORC and ["NUMERIC"] for the other file formats. + "decimalTargetTypes": [ # Defines the list of possible SQL data types to which the source decimal values are converted. This list and the precision and the scale parameters of the decimal field determine the target type. In the order of NUMERIC, BIGNUMERIC ([Preview](/products/#product-launch-stages)), and STRING, a type is picked if it is in the specified list and if it supports the precision and the scale. STRING supports all precision and scale values. If none of the listed types supports the precision and the scale, the type supporting the widest range in the specified list is picked, and if a value exceeds the supported range when reading the data, an error will be thrown. Example: Suppose the value of this field is ["NUMERIC", "BIGNUMERIC"]. If (precision,scale) is: * (38,9) -> NUMERIC; * (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer digits); * (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional digits); * (76,38) -> BIGNUMERIC; * (77,38) -> BIGNUMERIC (error if value exeeds supported range). This field cannot contain duplicate types. The order of the types in this field is ignored. For example, ["BIGNUMERIC", "NUMERIC"] is the same as ["NUMERIC", "BIGNUMERIC"] and NUMERIC always takes precedence over BIGNUMERIC. Defaults to ["NUMERIC", "STRING"] for ORC and ["NUMERIC"] for the other file formats. "A String", ], "destinationEncryptionConfiguration": { # Custom encryption configuration (e.g., Cloud KMS keys). @@ -2255,9 +2243,6 @@

Method Details

"quote": """, # [Optional] The value that is used to quote data sections in a CSV file. BigQuery converts the string to ISO-8859-1 encoding, and then uses the first byte of the encoded string to split the data in its raw, binary state. The default value is a double-quote ('"'). If your data does not contain quoted sections, set the property value to an empty string. If your data contains quoted newline characters, you must also set the allowQuotedNewlines property to true. "skipLeadingRows": "A String", # [Optional] The number of rows at the top of a CSV file that BigQuery will skip when reading the data. The default value is 0. This property is useful if you have header rows in the file that should be skipped. When autodetect is on, the behavior is the following: * skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, the row is read as data. Otherwise data is read starting from the second row. * skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. * skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema. }, - "decimalTargetTypes": [ # [Optional] Defines the list of possible SQL data types to which the source decimal values are converted. This list and the precision and the scale parameters of the decimal field determine the target type. In the order of NUMERIC, BIGNUMERIC, and STRING, a type is picked if it is in the specified list and if it supports the precision and the scale. STRING supports all precision and scale values. If none of the listed types supports the precision and the scale, the type supporting the widest range in the specified list is picked, and if a value exceeds the supported range when reading the data, an error will be thrown. Example: Suppose the value of this field is ["NUMERIC", "BIGNUMERIC"]. If (precision,scale) is: (38,9) -> NUMERIC; (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer digits); (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional digits); (76,38) -> BIGNUMERIC; (77,38) -> BIGNUMERIC (error if value exeeds supported range). This field cannot contain duplicate types. The order of the types in this field is ignored. For example, ["BIGNUMERIC", "NUMERIC"] is the same as ["NUMERIC", "BIGNUMERIC"] and NUMERIC always takes precedence over BIGNUMERIC. Defaults to ["NUMERIC", "STRING"] for ORC and ["NUMERIC"] for the other file formats. - "A String", - ], "googleSheetsOptions": { # [Optional] Additional options if sourceFormat is set to GOOGLE_SHEETS. "range": "A String", # [Optional] Range of a sheet to query from. Only used when non-empty. Typical format: sheet_name!top_left_cell_id:bottom_right_cell_id For example: sheet1!A1:B20 "skipLeadingRows": "A String", # [Optional] The number of rows at the top of a sheet that BigQuery will skip when reading the data. The default value is 0. This property is useful if you have header rows that should be skipped. When autodetect is on, behavior is the following: * skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, the row is read as data. Otherwise data is read starting from the second row. * skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. * skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema. @@ -2380,7 +2365,6 @@

Method Details

"projectId": "A String", # [Required] The ID of the project containing this table. "tableId": "A String", # [Required] The ID of the table. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 1,024 characters. }, - "dmlStats": "", # [Output-only] Detailed statistics for DML statements Present only for DML statements INSERT, UPDATE, DELETE or TRUNCATE. "estimatedBytesProcessed": "A String", # [Output-only] The original estimate of bytes processed for the job. "modelTraining": { # [Output-only, Beta] Information about create model query job progress. "currentIteration": 42, # [Output-only, Beta] Index of current ML training iteration. Updated during create model query job to show job progress. @@ -2551,7 +2535,7 @@

Method Details

"startTime": "A String", # [Output-only] Start time of this job, in milliseconds since the epoch. This field will be present when the job transitions from the PENDING state to either RUNNING or DONE. "totalBytesProcessed": "A String", # [Output-only] [Deprecated] Use the bytes processed in the query statistics instead. "totalSlotMs": "A String", # [Output-only] Slot-milliseconds for the job. - "transactionInfo": { # [Output-only] [Alpha] Information of the multi-statement transaction if this job is part of one. + "transactionInfoTemplate": { # [Output-only] [Alpha] Information of the multi-statement transaction if this job is part of one. "transactionId": "A String", # [Output-only] // [Alpha] Id of the transaction. }, }, @@ -2669,7 +2653,7 @@

Method Details

], }, "createDisposition": "A String", # [Optional] Specifies whether the job is allowed to create new tables. The following values are supported: CREATE_IF_NEEDED: If the table does not exist, BigQuery creates the table. CREATE_NEVER: The table must already exist. If it does not, a 'notFound' error is returned in the job result. The default value is CREATE_IF_NEEDED. Creation, truncation and append actions occur as one atomic update upon job completion. - "decimalTargetTypes": [ # [Optional] Defines the list of possible SQL data types to which the source decimal values are converted. This list and the precision and the scale parameters of the decimal field determine the target type. In the order of NUMERIC, BIGNUMERIC, and STRING, a type is picked if it is in the specified list and if it supports the precision and the scale. STRING supports all precision and scale values. If none of the listed types supports the precision and the scale, the type supporting the widest range in the specified list is picked, and if a value exceeds the supported range when reading the data, an error will be thrown. Example: Suppose the value of this field is ["NUMERIC", "BIGNUMERIC"]. If (precision,scale) is: (38,9) -> NUMERIC; (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer digits); (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional digits); (76,38) -> BIGNUMERIC; (77,38) -> BIGNUMERIC (error if value exeeds supported range). This field cannot contain duplicate types. The order of the types in this field is ignored. For example, ["BIGNUMERIC", "NUMERIC"] is the same as ["NUMERIC", "BIGNUMERIC"] and NUMERIC always takes precedence over BIGNUMERIC. Defaults to ["NUMERIC", "STRING"] for ORC and ["NUMERIC"] for the other file formats. + "decimalTargetTypes": [ # Defines the list of possible SQL data types to which the source decimal values are converted. This list and the precision and the scale parameters of the decimal field determine the target type. In the order of NUMERIC, BIGNUMERIC ([Preview](/products/#product-launch-stages)), and STRING, a type is picked if it is in the specified list and if it supports the precision and the scale. STRING supports all precision and scale values. If none of the listed types supports the precision and the scale, the type supporting the widest range in the specified list is picked, and if a value exceeds the supported range when reading the data, an error will be thrown. Example: Suppose the value of this field is ["NUMERIC", "BIGNUMERIC"]. If (precision,scale) is: * (38,9) -> NUMERIC; * (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer digits); * (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional digits); * (76,38) -> BIGNUMERIC; * (77,38) -> BIGNUMERIC (error if value exeeds supported range). This field cannot contain duplicate types. The order of the types in this field is ignored. For example, ["BIGNUMERIC", "NUMERIC"] is the same as ["NUMERIC", "BIGNUMERIC"] and NUMERIC always takes precedence over BIGNUMERIC. Defaults to ["NUMERIC", "STRING"] for ORC and ["NUMERIC"] for the other file formats. "A String", ], "destinationEncryptionConfiguration": { # Custom encryption configuration (e.g., Cloud KMS keys). @@ -2864,9 +2848,6 @@

Method Details

"quote": """, # [Optional] The value that is used to quote data sections in a CSV file. BigQuery converts the string to ISO-8859-1 encoding, and then uses the first byte of the encoded string to split the data in its raw, binary state. The default value is a double-quote ('"'). If your data does not contain quoted sections, set the property value to an empty string. If your data contains quoted newline characters, you must also set the allowQuotedNewlines property to true. "skipLeadingRows": "A String", # [Optional] The number of rows at the top of a CSV file that BigQuery will skip when reading the data. The default value is 0. This property is useful if you have header rows in the file that should be skipped. When autodetect is on, the behavior is the following: * skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, the row is read as data. Otherwise data is read starting from the second row. * skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. * skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema. }, - "decimalTargetTypes": [ # [Optional] Defines the list of possible SQL data types to which the source decimal values are converted. This list and the precision and the scale parameters of the decimal field determine the target type. In the order of NUMERIC, BIGNUMERIC, and STRING, a type is picked if it is in the specified list and if it supports the precision and the scale. STRING supports all precision and scale values. If none of the listed types supports the precision and the scale, the type supporting the widest range in the specified list is picked, and if a value exceeds the supported range when reading the data, an error will be thrown. Example: Suppose the value of this field is ["NUMERIC", "BIGNUMERIC"]. If (precision,scale) is: (38,9) -> NUMERIC; (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer digits); (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional digits); (76,38) -> BIGNUMERIC; (77,38) -> BIGNUMERIC (error if value exeeds supported range). This field cannot contain duplicate types. The order of the types in this field is ignored. For example, ["BIGNUMERIC", "NUMERIC"] is the same as ["NUMERIC", "BIGNUMERIC"] and NUMERIC always takes precedence over BIGNUMERIC. Defaults to ["NUMERIC", "STRING"] for ORC and ["NUMERIC"] for the other file formats. - "A String", - ], "googleSheetsOptions": { # [Optional] Additional options if sourceFormat is set to GOOGLE_SHEETS. "range": "A String", # [Optional] Range of a sheet to query from. Only used when non-empty. Typical format: sheet_name!top_left_cell_id:bottom_right_cell_id For example: sheet1!A1:B20 "skipLeadingRows": "A String", # [Optional] The number of rows at the top of a sheet that BigQuery will skip when reading the data. The default value is 0. This property is useful if you have header rows that should be skipped. When autodetect is on, behavior is the following: * skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, the row is read as data. Otherwise data is read starting from the second row. * skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. * skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema. @@ -2994,7 +2975,6 @@

Method Details

"projectId": "A String", # [Required] The ID of the project containing this table. "tableId": "A String", # [Required] The ID of the table. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 1,024 characters. }, - "dmlStats": "", # [Output-only] Detailed statistics for DML statements Present only for DML statements INSERT, UPDATE, DELETE or TRUNCATE. "estimatedBytesProcessed": "A String", # [Output-only] The original estimate of bytes processed for the job. "modelTraining": { # [Output-only, Beta] Information about create model query job progress. "currentIteration": 42, # [Output-only, Beta] Index of current ML training iteration. Updated during create model query job to show job progress. @@ -3165,7 +3145,7 @@

Method Details

"startTime": "A String", # [Output-only] Start time of this job, in milliseconds since the epoch. This field will be present when the job transitions from the PENDING state to either RUNNING or DONE. "totalBytesProcessed": "A String", # [Output-only] [Deprecated] Use the bytes processed in the query statistics instead. "totalSlotMs": "A String", # [Output-only] Slot-milliseconds for the job. - "transactionInfo": { # [Output-only] [Alpha] Information of the multi-statement transaction if this job is part of one. + "transactionInfoTemplate": { # [Output-only] [Alpha] Information of the multi-statement transaction if this job is part of one. "transactionId": "A String", # [Output-only] // [Alpha] Id of the transaction. }, }, @@ -3277,7 +3257,6 @@

Method Details

{ "cacheHit": True or False, # Whether the query result was fetched from the query cache. - "dmlStats": "", # [Output-only] Detailed statistics for DML statements Present only for DML statements INSERT, UPDATE, DELETE or TRUNCATE. "errors": [ # [Output-only] The first errors or warnings encountered during the running of the job. The final message includes the number of errors that caused the process to stop. Errors here do not necessarily mean that the job has completed or was unsuccessful. { "debugInfo": "A String", # Debugging information. This property is internal to Google and should not be used. diff --git a/docs/dyn/bigquery_v2.tables.html b/docs/dyn/bigquery_v2.tables.html index 8c4f73d9b05..5220b089e6f 100644 --- a/docs/dyn/bigquery_v2.tables.html +++ b/docs/dyn/bigquery_v2.tables.html @@ -184,9 +184,6 @@

Method Details

"quote": """, # [Optional] The value that is used to quote data sections in a CSV file. BigQuery converts the string to ISO-8859-1 encoding, and then uses the first byte of the encoded string to split the data in its raw, binary state. The default value is a double-quote ('"'). If your data does not contain quoted sections, set the property value to an empty string. If your data contains quoted newline characters, you must also set the allowQuotedNewlines property to true. "skipLeadingRows": "A String", # [Optional] The number of rows at the top of a CSV file that BigQuery will skip when reading the data. The default value is 0. This property is useful if you have header rows in the file that should be skipped. When autodetect is on, the behavior is the following: * skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, the row is read as data. Otherwise data is read starting from the second row. * skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. * skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema. }, - "decimalTargetTypes": [ # [Optional] Defines the list of possible SQL data types to which the source decimal values are converted. This list and the precision and the scale parameters of the decimal field determine the target type. In the order of NUMERIC, BIGNUMERIC, and STRING, a type is picked if it is in the specified list and if it supports the precision and the scale. STRING supports all precision and scale values. If none of the listed types supports the precision and the scale, the type supporting the widest range in the specified list is picked, and if a value exceeds the supported range when reading the data, an error will be thrown. Example: Suppose the value of this field is ["NUMERIC", "BIGNUMERIC"]. If (precision,scale) is: (38,9) -> NUMERIC; (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer digits); (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional digits); (76,38) -> BIGNUMERIC; (77,38) -> BIGNUMERIC (error if value exeeds supported range). This field cannot contain duplicate types. The order of the types in this field is ignored. For example, ["BIGNUMERIC", "NUMERIC"] is the same as ["NUMERIC", "BIGNUMERIC"] and NUMERIC always takes precedence over BIGNUMERIC. Defaults to ["NUMERIC", "STRING"] for ORC and ["NUMERIC"] for the other file formats. - "A String", - ], "googleSheetsOptions": { # [Optional] Additional options if sourceFormat is set to GOOGLE_SHEETS. "range": "A String", # [Optional] Range of a sheet to query from. Only used when non-empty. Typical format: sheet_name!top_left_cell_id:bottom_right_cell_id For example: sheet1!A1:B20 "skipLeadingRows": "A String", # [Optional] The number of rows at the top of a sheet that BigQuery will skip when reading the data. The default value is 0. This property is useful if you have header rows that should be skipped. When autodetect is on, behavior is the following: * skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, the row is read as data. Otherwise data is read starting from the second row. * skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. * skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema. @@ -323,12 +320,12 @@

Method Details

}, "selfLink": "A String", # [Output-only] A URL that can be used to access this resource again. "snapshotDefinition": { # [Output-only] Snapshot definition. - "baseTableReference": { # [Required] Reference describing the ID of the table that was snapshot. + "baseTableReference": { # [Required] Reference describing the ID of the table that is snapshotted. "datasetId": "A String", # [Required] The ID of the dataset containing this table. "projectId": "A String", # [Required] The ID of the project containing this table. "tableId": "A String", # [Required] The ID of the table. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 1,024 characters. }, - "snapshotTime": "A String", # [Required] The time at which the base table was snapshot. This value is reported in the JSON response using RFC3339 format. + "snapshotTime": "A String", # [Required] The time at which the base table was snapshot. }, "streamingBuffer": { # [Output-only] Contains information regarding this table's streaming buffer, if one is present. This field will be absent if the table is not being streamed to or if there is no data in the streaming buffer. "estimatedBytes": "A String", # [Output-only] A lower-bound estimate of the number of bytes currently in the streaming buffer. @@ -470,9 +467,6 @@

Method Details

"quote": """, # [Optional] The value that is used to quote data sections in a CSV file. BigQuery converts the string to ISO-8859-1 encoding, and then uses the first byte of the encoded string to split the data in its raw, binary state. The default value is a double-quote ('"'). If your data does not contain quoted sections, set the property value to an empty string. If your data contains quoted newline characters, you must also set the allowQuotedNewlines property to true. "skipLeadingRows": "A String", # [Optional] The number of rows at the top of a CSV file that BigQuery will skip when reading the data. The default value is 0. This property is useful if you have header rows in the file that should be skipped. When autodetect is on, the behavior is the following: * skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, the row is read as data. Otherwise data is read starting from the second row. * skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. * skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema. }, - "decimalTargetTypes": [ # [Optional] Defines the list of possible SQL data types to which the source decimal values are converted. This list and the precision and the scale parameters of the decimal field determine the target type. In the order of NUMERIC, BIGNUMERIC, and STRING, a type is picked if it is in the specified list and if it supports the precision and the scale. STRING supports all precision and scale values. If none of the listed types supports the precision and the scale, the type supporting the widest range in the specified list is picked, and if a value exceeds the supported range when reading the data, an error will be thrown. Example: Suppose the value of this field is ["NUMERIC", "BIGNUMERIC"]. If (precision,scale) is: (38,9) -> NUMERIC; (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer digits); (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional digits); (76,38) -> BIGNUMERIC; (77,38) -> BIGNUMERIC (error if value exeeds supported range). This field cannot contain duplicate types. The order of the types in this field is ignored. For example, ["BIGNUMERIC", "NUMERIC"] is the same as ["NUMERIC", "BIGNUMERIC"] and NUMERIC always takes precedence over BIGNUMERIC. Defaults to ["NUMERIC", "STRING"] for ORC and ["NUMERIC"] for the other file formats. - "A String", - ], "googleSheetsOptions": { # [Optional] Additional options if sourceFormat is set to GOOGLE_SHEETS. "range": "A String", # [Optional] Range of a sheet to query from. Only used when non-empty. Typical format: sheet_name!top_left_cell_id:bottom_right_cell_id For example: sheet1!A1:B20 "skipLeadingRows": "A String", # [Optional] The number of rows at the top of a sheet that BigQuery will skip when reading the data. The default value is 0. This property is useful if you have header rows that should be skipped. When autodetect is on, behavior is the following: * skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, the row is read as data. Otherwise data is read starting from the second row. * skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. * skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema. @@ -609,12 +603,12 @@

Method Details

}, "selfLink": "A String", # [Output-only] A URL that can be used to access this resource again. "snapshotDefinition": { # [Output-only] Snapshot definition. - "baseTableReference": { # [Required] Reference describing the ID of the table that was snapshot. + "baseTableReference": { # [Required] Reference describing the ID of the table that is snapshotted. "datasetId": "A String", # [Required] The ID of the dataset containing this table. "projectId": "A String", # [Required] The ID of the project containing this table. "tableId": "A String", # [Required] The ID of the table. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 1,024 characters. }, - "snapshotTime": "A String", # [Required] The time at which the base table was snapshot. This value is reported in the JSON response using RFC3339 format. + "snapshotTime": "A String", # [Required] The time at which the base table was snapshot. }, "streamingBuffer": { # [Output-only] Contains information regarding this table's streaming buffer, if one is present. This field will be absent if the table is not being streamed to or if there is no data in the streaming buffer. "estimatedBytes": "A String", # [Output-only] A lower-bound estimate of the number of bytes currently in the streaming buffer. @@ -697,9 +691,6 @@

Method Details

"quote": """, # [Optional] The value that is used to quote data sections in a CSV file. BigQuery converts the string to ISO-8859-1 encoding, and then uses the first byte of the encoded string to split the data in its raw, binary state. The default value is a double-quote ('"'). If your data does not contain quoted sections, set the property value to an empty string. If your data contains quoted newline characters, you must also set the allowQuotedNewlines property to true. "skipLeadingRows": "A String", # [Optional] The number of rows at the top of a CSV file that BigQuery will skip when reading the data. The default value is 0. This property is useful if you have header rows in the file that should be skipped. When autodetect is on, the behavior is the following: * skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, the row is read as data. Otherwise data is read starting from the second row. * skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. * skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema. }, - "decimalTargetTypes": [ # [Optional] Defines the list of possible SQL data types to which the source decimal values are converted. This list and the precision and the scale parameters of the decimal field determine the target type. In the order of NUMERIC, BIGNUMERIC, and STRING, a type is picked if it is in the specified list and if it supports the precision and the scale. STRING supports all precision and scale values. If none of the listed types supports the precision and the scale, the type supporting the widest range in the specified list is picked, and if a value exceeds the supported range when reading the data, an error will be thrown. Example: Suppose the value of this field is ["NUMERIC", "BIGNUMERIC"]. If (precision,scale) is: (38,9) -> NUMERIC; (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer digits); (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional digits); (76,38) -> BIGNUMERIC; (77,38) -> BIGNUMERIC (error if value exeeds supported range). This field cannot contain duplicate types. The order of the types in this field is ignored. For example, ["BIGNUMERIC", "NUMERIC"] is the same as ["NUMERIC", "BIGNUMERIC"] and NUMERIC always takes precedence over BIGNUMERIC. Defaults to ["NUMERIC", "STRING"] for ORC and ["NUMERIC"] for the other file formats. - "A String", - ], "googleSheetsOptions": { # [Optional] Additional options if sourceFormat is set to GOOGLE_SHEETS. "range": "A String", # [Optional] Range of a sheet to query from. Only used when non-empty. Typical format: sheet_name!top_left_cell_id:bottom_right_cell_id For example: sheet1!A1:B20 "skipLeadingRows": "A String", # [Optional] The number of rows at the top of a sheet that BigQuery will skip when reading the data. The default value is 0. This property is useful if you have header rows that should be skipped. When autodetect is on, behavior is the following: * skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, the row is read as data. Otherwise data is read starting from the second row. * skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. * skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema. @@ -836,12 +827,12 @@

Method Details

}, "selfLink": "A String", # [Output-only] A URL that can be used to access this resource again. "snapshotDefinition": { # [Output-only] Snapshot definition. - "baseTableReference": { # [Required] Reference describing the ID of the table that was snapshot. + "baseTableReference": { # [Required] Reference describing the ID of the table that is snapshotted. "datasetId": "A String", # [Required] The ID of the dataset containing this table. "projectId": "A String", # [Required] The ID of the project containing this table. "tableId": "A String", # [Required] The ID of the table. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 1,024 characters. }, - "snapshotTime": "A String", # [Required] The time at which the base table was snapshot. This value is reported in the JSON response using RFC3339 format. + "snapshotTime": "A String", # [Required] The time at which the base table was snapshot. }, "streamingBuffer": { # [Output-only] Contains information regarding this table's streaming buffer, if one is present. This field will be absent if the table is not being streamed to or if there is no data in the streaming buffer. "estimatedBytes": "A String", # [Output-only] A lower-bound estimate of the number of bytes currently in the streaming buffer. @@ -1007,9 +998,6 @@

Method Details

"quote": """, # [Optional] The value that is used to quote data sections in a CSV file. BigQuery converts the string to ISO-8859-1 encoding, and then uses the first byte of the encoded string to split the data in its raw, binary state. The default value is a double-quote ('"'). If your data does not contain quoted sections, set the property value to an empty string. If your data contains quoted newline characters, you must also set the allowQuotedNewlines property to true. "skipLeadingRows": "A String", # [Optional] The number of rows at the top of a CSV file that BigQuery will skip when reading the data. The default value is 0. This property is useful if you have header rows in the file that should be skipped. When autodetect is on, the behavior is the following: * skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, the row is read as data. Otherwise data is read starting from the second row. * skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. * skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema. }, - "decimalTargetTypes": [ # [Optional] Defines the list of possible SQL data types to which the source decimal values are converted. This list and the precision and the scale parameters of the decimal field determine the target type. In the order of NUMERIC, BIGNUMERIC, and STRING, a type is picked if it is in the specified list and if it supports the precision and the scale. STRING supports all precision and scale values. If none of the listed types supports the precision and the scale, the type supporting the widest range in the specified list is picked, and if a value exceeds the supported range when reading the data, an error will be thrown. Example: Suppose the value of this field is ["NUMERIC", "BIGNUMERIC"]. If (precision,scale) is: (38,9) -> NUMERIC; (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer digits); (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional digits); (76,38) -> BIGNUMERIC; (77,38) -> BIGNUMERIC (error if value exeeds supported range). This field cannot contain duplicate types. The order of the types in this field is ignored. For example, ["BIGNUMERIC", "NUMERIC"] is the same as ["NUMERIC", "BIGNUMERIC"] and NUMERIC always takes precedence over BIGNUMERIC. Defaults to ["NUMERIC", "STRING"] for ORC and ["NUMERIC"] for the other file formats. - "A String", - ], "googleSheetsOptions": { # [Optional] Additional options if sourceFormat is set to GOOGLE_SHEETS. "range": "A String", # [Optional] Range of a sheet to query from. Only used when non-empty. Typical format: sheet_name!top_left_cell_id:bottom_right_cell_id For example: sheet1!A1:B20 "skipLeadingRows": "A String", # [Optional] The number of rows at the top of a sheet that BigQuery will skip when reading the data. The default value is 0. This property is useful if you have header rows that should be skipped. When autodetect is on, behavior is the following: * skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, the row is read as data. Otherwise data is read starting from the second row. * skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. * skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema. @@ -1146,12 +1134,12 @@

Method Details

}, "selfLink": "A String", # [Output-only] A URL that can be used to access this resource again. "snapshotDefinition": { # [Output-only] Snapshot definition. - "baseTableReference": { # [Required] Reference describing the ID of the table that was snapshot. + "baseTableReference": { # [Required] Reference describing the ID of the table that is snapshotted. "datasetId": "A String", # [Required] The ID of the dataset containing this table. "projectId": "A String", # [Required] The ID of the project containing this table. "tableId": "A String", # [Required] The ID of the table. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 1,024 characters. }, - "snapshotTime": "A String", # [Required] The time at which the base table was snapshot. This value is reported in the JSON response using RFC3339 format. + "snapshotTime": "A String", # [Required] The time at which the base table was snapshot. }, "streamingBuffer": { # [Output-only] Contains information regarding this table's streaming buffer, if one is present. This field will be absent if the table is not being streamed to or if there is no data in the streaming buffer. "estimatedBytes": "A String", # [Output-only] A lower-bound estimate of the number of bytes currently in the streaming buffer. @@ -1234,9 +1222,6 @@

Method Details

"quote": """, # [Optional] The value that is used to quote data sections in a CSV file. BigQuery converts the string to ISO-8859-1 encoding, and then uses the first byte of the encoded string to split the data in its raw, binary state. The default value is a double-quote ('"'). If your data does not contain quoted sections, set the property value to an empty string. If your data contains quoted newline characters, you must also set the allowQuotedNewlines property to true. "skipLeadingRows": "A String", # [Optional] The number of rows at the top of a CSV file that BigQuery will skip when reading the data. The default value is 0. This property is useful if you have header rows in the file that should be skipped. When autodetect is on, the behavior is the following: * skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, the row is read as data. Otherwise data is read starting from the second row. * skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. * skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema. }, - "decimalTargetTypes": [ # [Optional] Defines the list of possible SQL data types to which the source decimal values are converted. This list and the precision and the scale parameters of the decimal field determine the target type. In the order of NUMERIC, BIGNUMERIC, and STRING, a type is picked if it is in the specified list and if it supports the precision and the scale. STRING supports all precision and scale values. If none of the listed types supports the precision and the scale, the type supporting the widest range in the specified list is picked, and if a value exceeds the supported range when reading the data, an error will be thrown. Example: Suppose the value of this field is ["NUMERIC", "BIGNUMERIC"]. If (precision,scale) is: (38,9) -> NUMERIC; (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer digits); (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional digits); (76,38) -> BIGNUMERIC; (77,38) -> BIGNUMERIC (error if value exeeds supported range). This field cannot contain duplicate types. The order of the types in this field is ignored. For example, ["BIGNUMERIC", "NUMERIC"] is the same as ["NUMERIC", "BIGNUMERIC"] and NUMERIC always takes precedence over BIGNUMERIC. Defaults to ["NUMERIC", "STRING"] for ORC and ["NUMERIC"] for the other file formats. - "A String", - ], "googleSheetsOptions": { # [Optional] Additional options if sourceFormat is set to GOOGLE_SHEETS. "range": "A String", # [Optional] Range of a sheet to query from. Only used when non-empty. Typical format: sheet_name!top_left_cell_id:bottom_right_cell_id For example: sheet1!A1:B20 "skipLeadingRows": "A String", # [Optional] The number of rows at the top of a sheet that BigQuery will skip when reading the data. The default value is 0. This property is useful if you have header rows that should be skipped. When autodetect is on, behavior is the following: * skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, the row is read as data. Otherwise data is read starting from the second row. * skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. * skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema. @@ -1373,12 +1358,12 @@

Method Details

}, "selfLink": "A String", # [Output-only] A URL that can be used to access this resource again. "snapshotDefinition": { # [Output-only] Snapshot definition. - "baseTableReference": { # [Required] Reference describing the ID of the table that was snapshot. + "baseTableReference": { # [Required] Reference describing the ID of the table that is snapshotted. "datasetId": "A String", # [Required] The ID of the dataset containing this table. "projectId": "A String", # [Required] The ID of the project containing this table. "tableId": "A String", # [Required] The ID of the table. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 1,024 characters. }, - "snapshotTime": "A String", # [Required] The time at which the base table was snapshot. This value is reported in the JSON response using RFC3339 format. + "snapshotTime": "A String", # [Required] The time at which the base table was snapshot. }, "streamingBuffer": { # [Output-only] Contains information regarding this table's streaming buffer, if one is present. This field will be absent if the table is not being streamed to or if there is no data in the streaming buffer. "estimatedBytes": "A String", # [Output-only] A lower-bound estimate of the number of bytes currently in the streaming buffer. @@ -1576,9 +1561,6 @@

Method Details

"quote": """, # [Optional] The value that is used to quote data sections in a CSV file. BigQuery converts the string to ISO-8859-1 encoding, and then uses the first byte of the encoded string to split the data in its raw, binary state. The default value is a double-quote ('"'). If your data does not contain quoted sections, set the property value to an empty string. If your data contains quoted newline characters, you must also set the allowQuotedNewlines property to true. "skipLeadingRows": "A String", # [Optional] The number of rows at the top of a CSV file that BigQuery will skip when reading the data. The default value is 0. This property is useful if you have header rows in the file that should be skipped. When autodetect is on, the behavior is the following: * skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, the row is read as data. Otherwise data is read starting from the second row. * skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. * skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema. }, - "decimalTargetTypes": [ # [Optional] Defines the list of possible SQL data types to which the source decimal values are converted. This list and the precision and the scale parameters of the decimal field determine the target type. In the order of NUMERIC, BIGNUMERIC, and STRING, a type is picked if it is in the specified list and if it supports the precision and the scale. STRING supports all precision and scale values. If none of the listed types supports the precision and the scale, the type supporting the widest range in the specified list is picked, and if a value exceeds the supported range when reading the data, an error will be thrown. Example: Suppose the value of this field is ["NUMERIC", "BIGNUMERIC"]. If (precision,scale) is: (38,9) -> NUMERIC; (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer digits); (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional digits); (76,38) -> BIGNUMERIC; (77,38) -> BIGNUMERIC (error if value exeeds supported range). This field cannot contain duplicate types. The order of the types in this field is ignored. For example, ["BIGNUMERIC", "NUMERIC"] is the same as ["NUMERIC", "BIGNUMERIC"] and NUMERIC always takes precedence over BIGNUMERIC. Defaults to ["NUMERIC", "STRING"] for ORC and ["NUMERIC"] for the other file formats. - "A String", - ], "googleSheetsOptions": { # [Optional] Additional options if sourceFormat is set to GOOGLE_SHEETS. "range": "A String", # [Optional] Range of a sheet to query from. Only used when non-empty. Typical format: sheet_name!top_left_cell_id:bottom_right_cell_id For example: sheet1!A1:B20 "skipLeadingRows": "A String", # [Optional] The number of rows at the top of a sheet that BigQuery will skip when reading the data. The default value is 0. This property is useful if you have header rows that should be skipped. When autodetect is on, behavior is the following: * skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, the row is read as data. Otherwise data is read starting from the second row. * skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. * skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema. @@ -1715,12 +1697,12 @@

Method Details

}, "selfLink": "A String", # [Output-only] A URL that can be used to access this resource again. "snapshotDefinition": { # [Output-only] Snapshot definition. - "baseTableReference": { # [Required] Reference describing the ID of the table that was snapshot. + "baseTableReference": { # [Required] Reference describing the ID of the table that is snapshotted. "datasetId": "A String", # [Required] The ID of the dataset containing this table. "projectId": "A String", # [Required] The ID of the project containing this table. "tableId": "A String", # [Required] The ID of the table. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 1,024 characters. }, - "snapshotTime": "A String", # [Required] The time at which the base table was snapshot. This value is reported in the JSON response using RFC3339 format. + "snapshotTime": "A String", # [Required] The time at which the base table was snapshot. }, "streamingBuffer": { # [Output-only] Contains information regarding this table's streaming buffer, if one is present. This field will be absent if the table is not being streamed to or if there is no data in the streaming buffer. "estimatedBytes": "A String", # [Output-only] A lower-bound estimate of the number of bytes currently in the streaming buffer. @@ -1803,9 +1785,6 @@

Method Details

"quote": """, # [Optional] The value that is used to quote data sections in a CSV file. BigQuery converts the string to ISO-8859-1 encoding, and then uses the first byte of the encoded string to split the data in its raw, binary state. The default value is a double-quote ('"'). If your data does not contain quoted sections, set the property value to an empty string. If your data contains quoted newline characters, you must also set the allowQuotedNewlines property to true. "skipLeadingRows": "A String", # [Optional] The number of rows at the top of a CSV file that BigQuery will skip when reading the data. The default value is 0. This property is useful if you have header rows in the file that should be skipped. When autodetect is on, the behavior is the following: * skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, the row is read as data. Otherwise data is read starting from the second row. * skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. * skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema. }, - "decimalTargetTypes": [ # [Optional] Defines the list of possible SQL data types to which the source decimal values are converted. This list and the precision and the scale parameters of the decimal field determine the target type. In the order of NUMERIC, BIGNUMERIC, and STRING, a type is picked if it is in the specified list and if it supports the precision and the scale. STRING supports all precision and scale values. If none of the listed types supports the precision and the scale, the type supporting the widest range in the specified list is picked, and if a value exceeds the supported range when reading the data, an error will be thrown. Example: Suppose the value of this field is ["NUMERIC", "BIGNUMERIC"]. If (precision,scale) is: (38,9) -> NUMERIC; (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer digits); (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional digits); (76,38) -> BIGNUMERIC; (77,38) -> BIGNUMERIC (error if value exeeds supported range). This field cannot contain duplicate types. The order of the types in this field is ignored. For example, ["BIGNUMERIC", "NUMERIC"] is the same as ["NUMERIC", "BIGNUMERIC"] and NUMERIC always takes precedence over BIGNUMERIC. Defaults to ["NUMERIC", "STRING"] for ORC and ["NUMERIC"] for the other file formats. - "A String", - ], "googleSheetsOptions": { # [Optional] Additional options if sourceFormat is set to GOOGLE_SHEETS. "range": "A String", # [Optional] Range of a sheet to query from. Only used when non-empty. Typical format: sheet_name!top_left_cell_id:bottom_right_cell_id For example: sheet1!A1:B20 "skipLeadingRows": "A String", # [Optional] The number of rows at the top of a sheet that BigQuery will skip when reading the data. The default value is 0. This property is useful if you have header rows that should be skipped. When autodetect is on, behavior is the following: * skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, the row is read as data. Otherwise data is read starting from the second row. * skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. * skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema. @@ -1942,12 +1921,12 @@

Method Details

}, "selfLink": "A String", # [Output-only] A URL that can be used to access this resource again. "snapshotDefinition": { # [Output-only] Snapshot definition. - "baseTableReference": { # [Required] Reference describing the ID of the table that was snapshot. + "baseTableReference": { # [Required] Reference describing the ID of the table that is snapshotted. "datasetId": "A String", # [Required] The ID of the dataset containing this table. "projectId": "A String", # [Required] The ID of the project containing this table. "tableId": "A String", # [Required] The ID of the table. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 1,024 characters. }, - "snapshotTime": "A String", # [Required] The time at which the base table was snapshot. This value is reported in the JSON response using RFC3339 format. + "snapshotTime": "A String", # [Required] The time at which the base table was snapshot. }, "streamingBuffer": { # [Output-only] Contains information regarding this table's streaming buffer, if one is present. This field will be absent if the table is not being streamed to or if there is no data in the streaming buffer. "estimatedBytes": "A String", # [Output-only] A lower-bound estimate of the number of bytes currently in the streaming buffer. diff --git a/docs/dyn/compute_alpha.backendServices.html b/docs/dyn/compute_alpha.backendServices.html index fce4717674e..6d76edfaed5 100644 --- a/docs/dyn/compute_alpha.backendServices.html +++ b/docs/dyn/compute_alpha.backendServices.html @@ -98,6 +98,9 @@

Instance Methods

getHealth(project, backendService, body=None)

Gets the most recent health check results for this BackendService.

+

+ getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)

+

Gets the access control policy for a resource. May be empty if no such policy or resource exists.

insert(project, body=None, requestId=None)

Creates a BackendService resource in the specified project using the data included in the request. For more information, see Backend services overview.

@@ -113,6 +116,9 @@

Instance Methods

setEdgeSecurityPolicy(project, backendService, body=None, requestId=None)

Sets the edge security policy for the specified backend service.

+

+ setIamPolicy(project, resource, body=None)

+

Sets the access control policy on the specified resource. Replaces any existing policy.

setSecurityPolicy(project, backendService, body=None, requestId=None)

Sets the Google Cloud Armor security policy for the specified backend service. For more information, see Google Cloud Armor Overview

@@ -759,14 +765,16 @@

Method Details

"selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. # # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. - "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing and Internal HTTP(S) load balancing. + "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director. "policy": "A String", }, "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration. @@ -1511,14 +1519,16 @@

Method Details

"selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. # # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. - "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing and Internal HTTP(S) load balancing. + "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director. "policy": "A String", }, "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration. @@ -1570,6 +1580,202 @@

Method Details

} +
+ getIamPolicy(project, resource, optionsRequestedPolicyVersion=None) +
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
+
+Args:
+  project: string, Project ID for this request. (required)
+  resource: string, Name or id of the resource for this request. (required)
+  optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
+
+Returns:
+  An object of the form:
+
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+  "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      "auditLogConfigs": [ # The configuration for logging of each type of permission.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
+            "A String",
+          ],
+          "ignoreChildExemptions": True or False,
+          "logType": "A String", # The log type that this config enables.
+        },
+      ],
+      "exemptedMembers": [
+        "A String",
+      ],
+      "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
+    },
+  ],
+  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
+    { # Associates `members` with a `role`.
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
+        "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
+        "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
+        "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
+        "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
+      },
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "A String",
+      ],
+      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+    },
+  ],
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
+            "A String",
+          ],
+        },
+      ],
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
+        "A String",
+      ],
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
+            },
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
+          },
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
+              },
+            ],
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
+          },
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
+          },
+        },
+      ],
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
+        "A String",
+      ],
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
+        "A String",
+      ],
+    },
+  ],
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+}
+
+
insert(project, body=None, requestId=None)
Creates a BackendService resource in the specified project using the data included in the request. For more information, see  Backend services overview.
@@ -2098,14 +2304,16 @@ 

Method Details

"selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. # # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. - "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing and Internal HTTP(S) load balancing. + "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director. "policy": "A String", }, "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration. @@ -2729,14 +2937,16 @@

Method Details

"selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. # # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. - "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing and Internal HTTP(S) load balancing. + "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director. "policy": "A String", }, "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration. @@ -3302,14 +3512,16 @@

Method Details

"selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. # # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. - "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing and Internal HTTP(S) load balancing. + "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director. "policy": "A String", }, "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration. @@ -3471,6 +3683,451 @@

Method Details

}
+
+ setIamPolicy(project, resource, body=None) +
Sets the access control policy on the specified resource. Replaces any existing policy.
+
+Args:
+  project: string, Project ID for this request. (required)
+  resource: string, Name or id of the resource for this request. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{
+  "bindings": [ # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify bindings.
+    { # Associates `members` with a `role`.
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
+        "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
+        "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
+        "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
+        "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
+      },
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "A String",
+      ],
+      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+    },
+  ],
+  "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+        "auditLogConfigs": [ # The configuration for logging of each type of permission.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
+              "A String",
+            ],
+            "ignoreChildExemptions": True or False,
+            "logType": "A String", # The log type that this config enables.
+          },
+        ],
+        "exemptedMembers": [
+          "A String",
+        ],
+        "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
+      },
+    ],
+    "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
+      { # Associates `members` with a `role`.
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
+          "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
+          "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
+          "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
+          "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
+        },
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+          "A String",
+        ],
+        "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      },
+    ],
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
+              "A String",
+            ],
+          },
+        ],
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
+          "A String",
+        ],
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
+              },
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
+            },
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
+                },
+              ],
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
+            },
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
+            },
+          },
+        ],
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
+          "A String",
+        ],
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
+          "A String",
+        ],
+      },
+    ],
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  },
+}
+
+
+Returns:
+  An object of the form:
+
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+  "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      "auditLogConfigs": [ # The configuration for logging of each type of permission.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
+            "A String",
+          ],
+          "ignoreChildExemptions": True or False,
+          "logType": "A String", # The log type that this config enables.
+        },
+      ],
+      "exemptedMembers": [
+        "A String",
+      ],
+      "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
+    },
+  ],
+  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
+    { # Associates `members` with a `role`.
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
+        "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
+        "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
+        "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
+        "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
+      },
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "A String",
+      ],
+      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+    },
+  ],
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
+            "A String",
+          ],
+        },
+      ],
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
+        "A String",
+      ],
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
+            },
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
+          },
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
+              },
+            ],
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
+          },
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
+          },
+        },
+      ],
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
+        "A String",
+      ],
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
+        "A String",
+      ],
+    },
+  ],
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+}
+
+
setSecurityPolicy(project, backendService, body=None, requestId=None)
Sets the Google Cloud Armor security policy for the specified backend service. For more information, see Google Cloud Armor Overview
@@ -4112,14 +4769,16 @@ 

Method Details

"selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. # # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. - "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing and Internal HTTP(S) load balancing. + "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director. "policy": "A String", }, "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration. diff --git a/docs/dyn/compute_alpha.firewallPolicies.html b/docs/dyn/compute_alpha.firewallPolicies.html index 106b987a076..dc90b90ff11 100644 --- a/docs/dyn/compute_alpha.firewallPolicies.html +++ b/docs/dyn/compute_alpha.firewallPolicies.html @@ -106,7 +106,7 @@

Instance Methods

Creates a new policy in the specified project using the data included in the request.

list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None)

-

Lists all the policies that have been configured for the specified project.

+

Lists all the policies that have been configured for the specified folder or organization.

listAssociations(targetResource=None)

Lists associations of a specified target, i.e., organization or folder.

@@ -1028,7 +1028,7 @@

Method Details

list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None) -
Lists all the policies that have been configured for the specified project.
+  
Lists all the policies that have been configured for the specified folder or organization.
 
 Args:
   filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
diff --git a/docs/dyn/compute_alpha.instances.html b/docs/dyn/compute_alpha.instances.html
index 8b7621029fc..eaefe2df426 100644
--- a/docs/dyn/compute_alpha.instances.html
+++ b/docs/dyn/compute_alpha.instances.html
@@ -143,6 +143,9 @@ 

Instance Methods

list_next(previous_request, previous_response)

Retrieves the next page of results.

+

+ performMaintenance(project, zone, instance, requestId=None)

+

Perform a manual maintenance on the instance.

removeResourcePolicies(project, zone, instance, body=None, requestId=None)

Removes resource policies from an instance.

@@ -808,6 +811,9 @@

Method Details

"scheduling": { "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details. }, + "upcomingMaintenance": { + "canReschedule": True or False, # Indicates if the maintenance can be customer triggered. See go/sf-ctm-design for more details + }, }, "satisfiesPzs": True or False, # [Output Only] Reserved for future use. "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Sets the scheduling options for this instance. @@ -1560,6 +1566,9 @@

Method Details

"scheduling": { "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details. }, + "upcomingMaintenance": { + "canReschedule": True or False, # Indicates if the maintenance can be customer triggered. See go/sf-ctm-design for more details + }, }, "satisfiesPzs": True or False, # [Output Only] Reserved for future use. "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Sets the scheduling options for this instance. @@ -2010,6 +2019,7 @@

Method Details

"preference": "A String", # Preference for a given location: ALLOW or DENY. }, }, + "targetShape": "A String", # Strategy for distributing VMs across zones in a region. }, "minCount": "A String", # The minimum number of instances to create. If no min_count is specified then count is used as the default value. If min_count instances cannot be created, then no instances will be created and instances already created will be deleted. "namePattern": "A String", # The string pattern used for the names of the VMs. Either name_pattern or per_instance_properties must be set. The pattern should contain one continuous sequence of placeholder hash characters (#) with each character corresponding to one digit of the generated instance name. Example: name_pattern of inst-#### will generate instance names such as inst-0001, inst-0002, ... . If there already exist instance(s) whose names match the name pattern in the same project and zone, then the generated instance numbers will start after the biggest existing number. For example, if there exists an instance with name inst-0050, then instance names generated using the pattern inst-#### will be inst-0051, inst-0052, etc. The name pattern placeholder #...# can contain up to 18 characters. @@ -2716,6 +2726,9 @@

Method Details

"scheduling": { "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details. }, + "upcomingMaintenance": { + "canReschedule": True or False, # Indicates if the maintenance can be customer triggered. See go/sf-ctm-design for more details + }, }, "satisfiesPzs": True or False, # [Output Only] Reserved for future use. "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Sets the scheduling options for this instance. @@ -3751,6 +3764,9 @@

Method Details

"scheduling": { "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details. }, + "upcomingMaintenance": { + "canReschedule": True or False, # Indicates if the maintenance can be customer triggered. See go/sf-ctm-design for more details + }, }, "satisfiesPzs": True or False, # [Output Only] Reserved for future use. "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Sets the scheduling options for this instance. @@ -4310,6 +4326,9 @@

Method Details

"scheduling": { "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details. }, + "upcomingMaintenance": { + "canReschedule": True or False, # Indicates if the maintenance can be customer triggered. See go/sf-ctm-design for more details + }, }, "satisfiesPzs": True or False, # [Output Only] Reserved for future use. "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Sets the scheduling options for this instance. @@ -4502,6 +4521,85 @@

Method Details

+
+ performMaintenance(project, zone, instance, requestId=None) +
Perform a manual maintenance on the instance.
+
+Args:
+  project: string, Project ID for this request. (required)
+  zone: string, The name of the zone for this request. (required)
+  instance: string, Name of the instance scoping this request. (required)
+  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.
+
+For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.
+
+The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
+
+Returns:
+  An object of the form:
+
+    { # Represents an Operation resource.
+    #
+    # Google Compute Engine has three Operation resources:
+    #
+    # * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations)
+    #
+    # You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses.
+    #
+    # Operations can be global, regional or zonal.
+    # - For global operations, use the `globalOperations` resource.
+    # - For regional operations, use the `regionOperations` resource.
+    # - For zonal operations, use the `zonalOperations` resource.
+    #
+    # For more information, read  Global, Regional, and Zonal Resources. (== resource_for {$api_version}.globalOperations ==) (== resource_for {$api_version}.regionOperations ==) (== resource_for {$api_version}.zoneOperations ==)
+  "clientOperationId": "A String", # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
+  "creationTimestamp": "A String", # [Deprecated] This field is deprecated.
+  "description": "A String", # [Output Only] A textual description of the operation, which is set when the operation is created.
+  "endTime": "A String", # [Output Only] The time that this operation was completed. This value is in RFC3339 text format.
+  "error": { # [Output Only] If errors are generated during processing of the operation, this field will be populated.
+    "errors": [ # [Output Only] The array of errors encountered while processing this operation.
+      {
+        "code": "A String", # [Output Only] The error type identifier for this error.
+        "location": "A String", # [Output Only] Indicates the field in the request that caused the error. This property is optional.
+        "message": "A String", # [Output Only] An optional, human-readable error message.
+      },
+    ],
+  },
+  "httpErrorMessage": "A String", # [Output Only] If the operation fails, this field contains the HTTP error message that was returned, such as `NOT FOUND`.
+  "httpErrorStatusCode": 42, # [Output Only] If the operation fails, this field contains the HTTP error status code that was returned. For example, a `404` means the resource was not found.
+  "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
+  "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
+  "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
+  "name": "A String", # [Output Only] Name of the operation.
+  "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
+  "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
+  "progress": 42, # [Output Only] An optional progress indicator that ranges from 0 to 100. There is no requirement that this be linear or support any granularity of operations. This should not be used to guess when the operation will be complete. This number should monotonically increase as the operation progresses.
+  "region": "A String", # [Output Only] The URL of the region where the operation resides. Only applicable when performing regional operations.
+  "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
+  "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
+  "startTime": "A String", # [Output Only] The time that this operation was started by the server. This value is in RFC3339 text format.
+  "status": "A String", # [Output Only] The status of the operation, which can be one of the following: `PENDING`, `RUNNING`, or `DONE`.
+  "statusMessage": "A String", # [Output Only] An optional textual description of the current status of the operation.
+  "targetId": "A String", # [Output Only] The unique target ID, which identifies a specific incarnation of the target resource.
+  "targetLink": "A String", # [Output Only] The URL of the resource that the operation modifies. For operations related to creating a snapshot, this points to the persistent disk that the snapshot was created from.
+  "user": "A String", # [Output Only] User who requested the operation, for example: `user@example.com`.
+  "warnings": [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
+    {
+      "code": "A String", # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
+      "data": [ # [Output Only] Metadata about this warning in key: value format. For example:
+          # "data": [ { "key": "scope", "value": "zones/us-east1-d" }
+        {
+          "key": "A String", # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
+          "value": "A String", # [Output Only] A warning data value corresponding to the key.
+        },
+      ],
+      "message": "A String", # [Output Only] A human-readable description of the warning code.
+    },
+  ],
+  "zone": "A String", # [Output Only] The URL of the zone where the operation resides. Only applicable when performing per-zone operations.
+}
+
+
removeResourcePolicies(project, zone, instance, body=None, requestId=None)
Removes resource policies from an instance.
@@ -7225,6 +7323,9 @@ 

Method Details

"scheduling": { "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details. }, + "upcomingMaintenance": { + "canReschedule": True or False, # Indicates if the maintenance can be customer triggered. See go/sf-ctm-design for more details + }, }, "satisfiesPzs": True or False, # [Output Only] Reserved for future use. "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Sets the scheduling options for this instance. diff --git a/docs/dyn/compute_alpha.interconnects.html b/docs/dyn/compute_alpha.interconnects.html index 467b81e65b9..b5d29a2ed4c 100644 --- a/docs/dyn/compute_alpha.interconnects.html +++ b/docs/dyn/compute_alpha.interconnects.html @@ -235,7 +235,8 @@

Method Details

"startTime": "A String", # Scheduled start time for the outage (milliseconds since Unix epoch). "state": "A String", # State of this notification, which can take one of the following values: # - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. - # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values. + # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. + # - COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values. }, ], "googleIpAddress": "A String", # [Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests. @@ -573,7 +574,8 @@

Method Details

"startTime": "A String", # Scheduled start time for the outage (milliseconds since Unix epoch). "state": "A String", # State of this notification, which can take one of the following values: # - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. - # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values. + # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. + # - COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values. }, ], "googleIpAddress": "A String", # [Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests. @@ -743,7 +745,8 @@

Method Details

"startTime": "A String", # Scheduled start time for the outage (milliseconds since Unix epoch). "state": "A String", # State of this notification, which can take one of the following values: # - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. - # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values. + # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. + # - COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values. }, ], "googleIpAddress": "A String", # [Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests. @@ -855,7 +858,8 @@

Method Details

"startTime": "A String", # Scheduled start time for the outage (milliseconds since Unix epoch). "state": "A String", # State of this notification, which can take one of the following values: # - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. - # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values. + # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. + # - COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values. }, ], "googleIpAddress": "A String", # [Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests. diff --git a/docs/dyn/compute_alpha.networkFirewallPolicies.html b/docs/dyn/compute_alpha.networkFirewallPolicies.html index 266dc326dd1..d01834aba56 100644 --- a/docs/dyn/compute_alpha.networkFirewallPolicies.html +++ b/docs/dyn/compute_alpha.networkFirewallPolicies.html @@ -78,7 +78,7 @@

Instance Methods

addAssociation(project, firewallPolicy, body=None, replaceExistingAssociation=None, requestId=None)

Inserts an association for the specified firewall policy.

- addRule(project, firewallPolicy, body=None, requestId=None)

+ addRule(project, firewallPolicy, body=None, maxPriority=None, minPriority=None, requestId=None)

Inserts a rule into a firewall policy.

cloneRules(project, firewallPolicy, requestId=None, sourceFirewallPolicy=None)

@@ -220,7 +220,7 @@

Method Details

- addRule(project, firewallPolicy, body=None, requestId=None) + addRule(project, firewallPolicy, body=None, maxPriority=None, minPriority=None, requestId=None)
Inserts a rule into a firewall policy.
 
 Args:
@@ -276,6 +276,8 @@ 

Method Details

], } + maxPriority: integer, When rule.priority is not specified, auto choose a unused priority between minPriority and maxPriority>. This field is exclusive with rule.priority. + minPriority: integer, When rule.priority is not specified, auto choose a unused priority between minPriority and maxPriority>. This field is exclusive with rule.priority. requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. diff --git a/docs/dyn/compute_alpha.regionBackendServices.html b/docs/dyn/compute_alpha.regionBackendServices.html index f276cf0e39a..cfedcf40147 100644 --- a/docs/dyn/compute_alpha.regionBackendServices.html +++ b/docs/dyn/compute_alpha.regionBackendServices.html @@ -86,6 +86,9 @@

Instance Methods

getHealth(project, region, backendService, body=None)

Gets the most recent health check results for this regional BackendService.

+

+ getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)

+

Gets the access control policy for a resource. May be empty if no such policy or resource exists.

insert(project, region, body=None, requestId=None)

Creates a regional BackendService resource in the specified project using the data included in the request. For more information, see Backend services overview.

@@ -98,6 +101,9 @@

Instance Methods

patch(project, region, backendService, body=None, requestId=None)

Updates the specified regional BackendService resource with the data included in the request. For more information, see Understanding backend services This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

+

+ setIamPolicy(project, region, resource, body=None)

+

Sets the access control policy on the specified resource. Replaces any existing policy.

testIamPermissions(project, region, resource, body=None)

Returns permissions that a caller has on the specified resource.

@@ -720,14 +726,16 @@

Method Details

"selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. # # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. - "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing and Internal HTTP(S) load balancing. + "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director. "policy": "A String", }, "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration. @@ -776,6 +784,203 @@

Method Details

}
+
+ getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None) +
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
+
+Args:
+  project: string, Project ID for this request. (required)
+  region: string, The name of the region for this request. (required)
+  resource: string, Name or id of the resource for this request. (required)
+  optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
+
+Returns:
+  An object of the form:
+
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+  "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      "auditLogConfigs": [ # The configuration for logging of each type of permission.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
+            "A String",
+          ],
+          "ignoreChildExemptions": True or False,
+          "logType": "A String", # The log type that this config enables.
+        },
+      ],
+      "exemptedMembers": [
+        "A String",
+      ],
+      "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
+    },
+  ],
+  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
+    { # Associates `members` with a `role`.
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
+        "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
+        "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
+        "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
+        "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
+      },
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "A String",
+      ],
+      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+    },
+  ],
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
+            "A String",
+          ],
+        },
+      ],
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
+        "A String",
+      ],
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
+            },
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
+          },
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
+              },
+            ],
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
+          },
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
+          },
+        },
+      ],
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
+        "A String",
+      ],
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
+        "A String",
+      ],
+    },
+  ],
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+}
+
+
insert(project, region, body=None, requestId=None)
Creates a regional BackendService resource in the specified project using the data included in the request. For more information, see  Backend services overview.
@@ -1305,14 +1510,16 @@ 

Method Details

"selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. # # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. - "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing and Internal HTTP(S) load balancing. + "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director. "policy": "A String", }, "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration. @@ -1937,14 +2144,16 @@

Method Details

"selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. # # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. - "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing and Internal HTTP(S) load balancing. + "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director. "policy": "A String", }, "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration. @@ -2511,14 +2720,16 @@

Method Details

"selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. # # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. - "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing and Internal HTTP(S) load balancing. + "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director. "policy": "A String", }, "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration. @@ -2595,6 +2806,452 @@

Method Details

}
+
+ setIamPolicy(project, region, resource, body=None) +
Sets the access control policy on the specified resource. Replaces any existing policy.
+
+Args:
+  project: string, Project ID for this request. (required)
+  region: string, The name of the region for this request. (required)
+  resource: string, Name or id of the resource for this request. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{
+  "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
+    { # Associates `members` with a `role`.
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
+        "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
+        "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
+        "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
+        "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
+      },
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "A String",
+      ],
+      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+    },
+  ],
+  "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+        "auditLogConfigs": [ # The configuration for logging of each type of permission.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
+              "A String",
+            ],
+            "ignoreChildExemptions": True or False,
+            "logType": "A String", # The log type that this config enables.
+          },
+        ],
+        "exemptedMembers": [
+          "A String",
+        ],
+        "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
+      },
+    ],
+    "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
+      { # Associates `members` with a `role`.
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
+          "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
+          "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
+          "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
+          "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
+        },
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+          "A String",
+        ],
+        "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      },
+    ],
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
+              "A String",
+            ],
+          },
+        ],
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
+          "A String",
+        ],
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
+              },
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
+            },
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
+                },
+              ],
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
+            },
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
+            },
+          },
+        ],
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
+          "A String",
+        ],
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
+          "A String",
+        ],
+      },
+    ],
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  },
+}
+
+
+Returns:
+  An object of the form:
+
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+  "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      "auditLogConfigs": [ # The configuration for logging of each type of permission.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
+            "A String",
+          ],
+          "ignoreChildExemptions": True or False,
+          "logType": "A String", # The log type that this config enables.
+        },
+      ],
+      "exemptedMembers": [
+        "A String",
+      ],
+      "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
+    },
+  ],
+  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
+    { # Associates `members` with a `role`.
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
+        "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
+        "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
+        "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
+        "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
+      },
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "A String",
+      ],
+      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+    },
+  ],
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
+            "A String",
+          ],
+        },
+      ],
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
+        "A String",
+      ],
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
+            },
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
+          },
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
+              },
+            ],
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
+          },
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
+          },
+        },
+      ],
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
+        "A String",
+      ],
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
+        "A String",
+      ],
+    },
+  ],
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+}
+
+
testIamPermissions(project, region, resource, body=None)
Returns permissions that a caller has on the specified resource.
@@ -3153,14 +3810,16 @@ 

Method Details

"selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. # # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. - "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing and Internal HTTP(S) load balancing. + "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director. "policy": "A String", }, "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration. diff --git a/docs/dyn/compute_alpha.regionInstances.html b/docs/dyn/compute_alpha.regionInstances.html index c73b81c78b7..03a66a83468 100644 --- a/docs/dyn/compute_alpha.regionInstances.html +++ b/docs/dyn/compute_alpha.regionInstances.html @@ -80,6 +80,9 @@

Instance Methods

close()

Close httplib2 connections.

+

+ recommendLocations(project, region, body=None)

+

Returns recommended locations (zones in a region) for specified sets of homogenous instances.

Method Details

bulkInsert(project, region, body=None, requestId=None) @@ -447,6 +450,9 @@

Method Details

"scheduling": { "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details. }, + "upcomingMaintenance": { + "canReschedule": True or False, # Indicates if the maintenance can be customer triggered. See go/sf-ctm-design for more details + }, }, "satisfiesPzs": True or False, # [Output Only] Reserved for future use. "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Sets the scheduling options for this instance. @@ -897,6 +903,7 @@

Method Details

"preference": "A String", # Preference for a given location: ALLOW or DENY. }, }, + "targetShape": "A String", # Strategy for distributing VMs across zones in a region. }, "minCount": "A String", # The minimum number of instances to create. If no min_count is specified then count is used as the default value. If min_count instances cannot be created, then no instances will be created and instances already created will be deleted. "namePattern": "A String", # The string pattern used for the names of the VMs. Either name_pattern or per_instance_properties must be set. The pattern should contain one continuous sequence of placeholder hash characters (#) with each character corresponding to one digit of the generated instance name. Example: name_pattern of inst-#### will generate instance names such as inst-0001, inst-0002, ... . If there already exist instance(s) whose names match the name pattern in the same project and zone, then the generated instance numbers will start after the biggest existing number. For example, if there exists an instance with name inst-0050, then instance names generated using the pattern inst-#### will be inst-0051, inst-0052, etc. The name pattern placeholder #...# can contain up to 18 characters. @@ -997,4 +1004,886 @@

Method Details

Close httplib2 connections.
+
+ recommendLocations(project, region, body=None) +
Returns recommended locations (zones in a region) for specified sets of homogenous instances.
+
+Args:
+  project: string, Project ID for this request. (required)
+  region: string, The name of the region for this request. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # A transient resource used in compute.regionInstances.recommendLocations. This resource is not saved anywhere and used only to process the request.
+  "instanceSpecs": { # Specification of named homogeneous instance sets to find location for.
+      # Keys of this map are arbitrary (but must be different), defined by the caller used only in the response. They must follow RFC 1035 name standard. Specifically, they must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+      # Values are trimmed BulkInsertInstanceResource messages, without the following fields:
+      # - min_count
+      # - predefined_name
+      # - name_pattern
+      # - per_instance_properties
+      # - instance
+      # - secure_tag
+      # - location_policy
+    "a_key": { # A transient resource used in compute.instances.bulkInsert and compute.regionInstances.bulkInsert and compute.regionInstances.recommendLocations. This resource is not persisted anywhere, it is used only for processing the requests.
+      "count": "A String", # The maximum number of instances to create.
+      "instance": { # Represents an Instance resource. # DEPRECATED: Please use instance_properties instead.
+          #
+          # An instance is a virtual machine that is hosted on Google Cloud Platform. For more information, read Virtual Machine Instances. (== resource_for {$api_version}.instances ==)
+        "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
+          "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
+          "numaNodeCount": 42, # The number of vNUMA nodes.
+          "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
+          "visibleCoreCount": 42, # The number of physical cores to expose to an instance. Multiply by the number of threads per core to compute the total number of virtual CPUs to expose to the instance. If unset, the number of cores is inferred from the instance's nominal CPU count and the underlying platform's SMT width.
+        },
+        "canIpForward": True or False, # Allows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes. For more information, see Enabling IP Forwarding.
+        "confidentialInstanceConfig": { # A set of Confidential Instance options.
+          "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
+        },
+        "cpuPlatform": "A String", # [Output Only] The CPU platform used by this instance.
+        "creationTimestamp": "A String", # [Output Only] Creation timestamp in RFC3339 text format.
+        "deletionProtection": True or False, # Whether the resource should be protected against deletion.
+        "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
+        "disks": [ # Array of disks associated with this instance. Persistent disks must be created before you can assign them.
+          { # An instance-attached disk resource.
+            "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
+            "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
+            "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+                #
+                # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+            "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+                #
+                # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+                #
+                # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+                #
+                # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+                #
+                # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+              "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
+              "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
+              "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
+              "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                  #
+                  # The key must meet the following requirements before you can provide it to Compute Engine:
+                  # - The key is wrapped using a RSA public key certificate provided by Google.
+                  # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                  # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+              "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
+            },
+            "diskSizeGb": "A String", # The size of the disk in GB.
+            "forceAttach": True or False, # [Input Only] Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error.
+            "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+              { # Guest OS features.
+                "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
+              },
+            ],
+            "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
+            "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+                #
+                # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+                #
+                # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+              "description": "A String", # An optional description. Provide this property when creating the disk.
+              "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
+              "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
+              "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+                  # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+                  #
+                  #
+                  # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+                  # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+                  # - projects/project/zones/zone/diskTypes/diskType
+                  # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
+              "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+                  #
+                  # Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
+                { # Guest OS features.
+                  "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
+                },
+              ],
+              "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
+                "a_key": "A String",
+              },
+              "multiWriter": True or False, # Indicates whether or not the disk can be read/write attached to more than one instance.
+              "onUpdateAction": "A String", # Specifies which action to take on instance update with this disk. Default is to use the existing disk.
+              "provisionedIops": "A String", # Indicates how many IOPS must be provisioned for the disk.
+              "replicaZones": [ # URLs of the zones where the disk should be replicated to. Only applicable for regional resources.
+                "A String",
+              ],
+              "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
+                "A String",
+              ],
+              "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+                  #
+                  # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+                  # projects/debian-cloud/global/images/family/debian-9
+                  #
+                  #
+                  # Alternatively, use a specific version of a public operating system image:
+                  # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+                  #
+                  #
+                  # To create a disk with a custom image that you created, specify the image name in the following format:
+                  # global/images/my-custom-image
+                  #
+                  #
+                  # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+                  # global/images/family/my-image-family
+                  #
+                  #
+                  # If the source image is deleted later, this field will not be set.
+              "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+                  #
+                  # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+                "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
+                "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
+                "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
+                "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                    #
+                    # The key must meet the following requirements before you can provide it to Compute Engine:
+                    # - The key is wrapped using a RSA public key certificate provided by Google.
+                    # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                    # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+                "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
+              },
+              "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+                  #
+                  # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+                  # global/snapshots/my-backup
+                  #
+                  #
+                  # If the source snapshot is deleted later, this field will not be set.
+              "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
+                "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
+                "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
+                "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
+                "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                    #
+                    # The key must meet the following requirements before you can provide it to Compute Engine:
+                    # - The key is wrapped using a RSA public key certificate provided by Google.
+                    # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                    # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+                "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
+              },
+            },
+            "interface": "A String", # Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. Persistent disks must always use SCSI and the request will fail if you attempt to attach a persistent disk in any other format than SCSI. Local SSDs can use either NVME or SCSI. For performance characteristics of SCSI over NVMe, see Local SSD performance.
+            "kind": "compute#attachedDisk", # [Output Only] Type of the resource. Always compute#attachedDisk for attached disks.
+            "licenses": [ # [Output Only] Any valid publicly visible licenses.
+              "A String",
+            ],
+            "mode": "A String", # The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, the default is to attach the disk in READ_WRITE mode.
+            "savedState": "A String", # For LocalSSD disks on VM Instances in STOPPED or SUSPENDED state, this field is set to PRESERVED if the LocalSSD data has been saved to a persistent location by customer request. (see the discard_local_ssd option on Stop/Suspend). Read-only in the api.
+            "shieldedInstanceInitialState": { # Initial State for shielded instance, these are public keys which are safe to store in public # [Output Only] shielded vm initial state stored on disk
+              "dbs": [ # The Key Database (db).
+                {
+                  "content": "A String", # The raw content in the secure keys file.
+                  "fileType": "A String", # The file type of source file.
+                },
+              ],
+              "dbxs": [ # The forbidden key database (dbx).
+                {
+                  "content": "A String", # The raw content in the secure keys file.
+                  "fileType": "A String", # The file type of source file.
+                },
+              ],
+              "keks": [ # The Key Exchange Key (KEK).
+                {
+                  "content": "A String", # The raw content in the secure keys file.
+                  "fileType": "A String", # The file type of source file.
+                },
+              ],
+              "pk": { # The Platform Key (PK).
+                "content": "A String", # The raw content in the secure keys file.
+                "fileType": "A String", # The file type of source file.
+              },
+            },
+            "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+                #
+                # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+                #
+                # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+            "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
+            "userLicenses": [ # [Output Only] A list of user provided licenses. It represents a list of URLs to the license resource. Unlike regular licenses, user provided licenses can be modified after the disk is created.
+              "A String",
+            ],
+          },
+        ],
+        "displayDevice": { # A set of Display Device options # Enables display device for the instance.
+          "enableDisplay": True or False, # Defines whether the instance has Display enabled.
+        },
+        "eraseWindowsVssSignature": True or False, # Specifies whether the disks restored from source snapshots or source machine image should erase Windows specific VSS signature.
+        "fingerprint": "A String", # Specifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance.
+            #
+            # To see the latest fingerprint, make get() request to the instance.
+        "guestAccelerators": [ # A list of the type and count of accelerator cards attached to the instance.
+          { # A specification of the type and number of accelerator cards attached to the instance.
+            "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
+            "acceleratorType": "A String", # Full or partial URL of the accelerator type resource to attach to this instance. For example: projects/my-project/zones/us-central1-c/acceleratorTypes/nvidia-tesla-p100 If you are creating an instance template, specify only the accelerator name. See GPUs on Compute Engine for a full list of accelerator types.
+          },
+        ],
+        "hostname": "A String", # Specifies the hostname of the instance. The specified hostname must be RFC1035 compliant. If hostname is not specified, the default hostname is [INSTANCE_NAME].c.[PROJECT_ID].internal when using the global DNS, and [INSTANCE_NAME].[ZONE].c.[PROJECT_ID].internal when using zonal DNS.
+        "id": "A String", # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
+        "instanceEncryptionKey": { # Encrypts or decrypts data for an instance with a customer-supplied encryption key.
+            #
+            # If you are creating a new instance, this field encrypts the local SSD and in-memory contents of the instance using a key that you provide.
+            #
+            # If you are restarting an instance protected with a customer-supplied encryption key, you must provide the correct key in order to successfully restart the instance.
+            #
+            # If you do not provide an encryption key when creating the instance, then the local SSD and in-memory contents will be encrypted using an automatically generated key and you do not need to provide a key to start the instance later.
+            #
+            # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt local SSDs and in-memory content in a managed instance group.
+          "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
+          "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
+          "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
+        },
+        "kind": "compute#instance", # [Output Only] Type of the resource. Always compute#instance for instances.
+        "labelFingerprint": "A String", # A fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
+            #
+            # To see the latest fingerprint, make get() request to the instance.
+        "labels": { # Labels to apply to this instance. These can be later modified by the setLabels method.
+          "a_key": "A String",
+        },
+        "lastStartTimestamp": "A String", # [Output Only] Last start timestamp in RFC3339 text format.
+        "lastStopTimestamp": "A String", # [Output Only] Last stop timestamp in RFC3339 text format.
+        "lastSuspendedTimestamp": "A String", # [Output Only] Last suspended timestamp in RFC3339 text format.
+        "machineType": "A String", # Full or partial URL of the machine type resource to use for this instance, in the format: zones/zone/machineTypes/machine-type. This is provided by the client when the instance is created. For example, the following is a valid partial url to a predefined machine type:
+            # zones/us-central1-f/machineTypes/n1-standard-1
+            #
+            #
+            # To create a custom machine type, provide a URL to a machine type in the following format, where CPUS is 1 or an even number up to 32 (2, 4, 6, ... 24, etc), and MEMORY is the total memory for this instance. Memory must be a multiple of 256 MB and must be supplied in MB (e.g. 5 GB of memory is 5120 MB):
+            # zones/zone/machineTypes/custom-CPUS-MEMORY
+            #
+            #
+            # For example: zones/us-central1-f/machineTypes/custom-4-5120
+            #
+            # For a full list of restrictions, read the Specifications for custom machine types.
+        "metadata": { # A metadata key/value entry. # The metadata key/value pairs assigned to this instance. This includes custom metadata and predefined keys.
+          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve the resource.
+          "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
+            {
+              "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
+              "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
+            },
+          ],
+          "kind": "compute#metadata", # [Output Only] Type of the resource. Always compute#metadata for metadata.
+        },
+        "minCpuPlatform": "A String", # Specifies a minimum CPU platform for the VM instance. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: "Intel Haswell" or minCpuPlatform: "Intel Sandy Bridge".
+        "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
+        "networkInterfaces": [ # An array of network configurations for this instance. These specify how interfaces are configured to interact with other network services, such as connecting to the internet. Multiple interfaces are supported per instance.
+          { # A network interface resource attached to an instance.
+            "accessConfigs": [ # An array of configurations for this interface. Currently, only one access config, ONE_TO_ONE_NAT, is supported. If there are no accessConfigs specified, then this instance will have no external internet access.
+              { # An access configuration attached to an instance's network interface. Only one access config per instance is supported.
+                "externalIpv6": "A String", # [Output Only] The first IPv6 address of the external IPv6 range associated with this instance, prefix length is stored in externalIpv6PrefixLength in ipv6AccessConfig. The field is output only, an IPv6 address from a subnetwork associated with the instance will be allocated dynamically.
+                "externalIpv6PrefixLength": 42, # [Output Only] The prefix length of the external IPv6 range.
+                "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
+                "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
+                "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
+                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                    #
+                    # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                    #
+                    # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+                "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
+                "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+                "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
+                "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
+                "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
+              },
+            ],
+            "aliasIpRanges": [ # An array of alias IP ranges for this network interface. You can only specify this field for network interfaces in VPC networks.
+              { # An alias IP range attached to an instance's network interface.
+                "ipCidrRange": "A String", # The IP alias ranges to allocate for this interface. This IP CIDR range must belong to the specified subnetwork and cannot contain IP addresses reserved by system or used by other network interfaces. This range may be a single IP address (such as 10.2.3.4), a netmask (such as /24) or a CIDR-formatted string (such as 10.1.2.0/24).
+                "subnetworkRangeName": "A String", # The name of a subnetwork secondary IP range from which to allocate an IP alias range. If not specified, the primary range of the subnetwork is used.
+              },
+            ],
+            "fingerprint": "A String", # Fingerprint hash of contents stored in this network interface. This field will be ignored when inserting an Instance or adding a NetworkInterface. An up-to-date fingerprint must be provided in order to update the NetworkInterface. The request will fail with error 400 Bad Request if the fingerprint is not provided, or 412 Precondition Failed if the fingerprint is out of date.
+            "internalIpv6PrefixLength": 42, # [Output Only] The prefix length of the primary internal IPv6 range.
+            "ipv6AccessConfigs": [ # An array of IPv6 access configurations for this interface. Currently, only one IPv6 access config, DIRECT_IPV6, is supported. If there is no ipv6AccessConfig specified, then this instance will have no external IPv6 Internet access.
+              { # An access configuration attached to an instance's network interface. Only one access config per instance is supported.
+                "externalIpv6": "A String", # [Output Only] The first IPv6 address of the external IPv6 range associated with this instance, prefix length is stored in externalIpv6PrefixLength in ipv6AccessConfig. The field is output only, an IPv6 address from a subnetwork associated with the instance will be allocated dynamically.
+                "externalIpv6PrefixLength": 42, # [Output Only] The prefix length of the external IPv6 range.
+                "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
+                "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
+                "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
+                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                    #
+                    # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                    #
+                    # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+                "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
+                "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+                "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
+                "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
+                "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
+              },
+            ],
+            "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+                #
+                # Valid only if stackType is IPV4_IPV6.
+            "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
+            "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
+            "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
+            "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+                #
+                # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+                # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+                # - projects/project/global/networks/network
+                # - global/networks/default
+            "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
+            "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
+            "queueCount": 42, # The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users.
+            "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+                #
+                # This field can be both set at instance creation and update network interface operations.
+            "subinterfaces": [ # SubInterfaces help enable L2 communication for the instance over subnetworks that support L2. Every network interface will get a default untagged (vlan not specified) subinterface. Users can specify additional tagged subinterfaces which are sub-fields to the Network Interface.
+              {
+                "ipAddress": "A String", # An IPv4 internal IP address to assign to the instance for this subinterface. If specified, ip_allocation_mode should be set to ALLOCATE_IP.
+                "ipAllocationMode": "A String",
+                "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+                    # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+                    # - regions/region/subnetworks/subnetwork
+                "vlan": 42, # VLAN tag. Should match the VLAN(s) supported by the subnetwork to which this subinterface is connecting.
+              },
+            ],
+            "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+                # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+                # - regions/region/subnetworks/subnetwork
+          },
+        ],
+        "networkPerformanceConfig": {
+          "externalIpEgressBandwidthTier": "A String",
+          "totalEgressBandwidthTier": "A String",
+        },
+        "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
+        "preservedStateSizeGb": "A String", # Total amount of preserved state for SUSPENDED instances. Read-only in the api.
+        "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for the VM. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
+        "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that this instance can consume from.
+          "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
+          "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
+          "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
+            "A String",
+          ],
+        },
+        "resourcePolicies": [ # Resource policies applied to this instance.
+          "A String",
+        ],
+        "resourceStatus": { # Contains output only fields. Use this sub-message for actual values set on Instance attributes as compared to the value requested by the user (intent) in their instance CRUD calls. # [Output Only] Specifies values set for instance attributes as compared to the values requested by user in the corresponding input only field.
+          "scheduling": {
+            "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details.
+          },
+          "upcomingMaintenance": {
+            "canReschedule": True or False, # Indicates if the maintenance can be customer triggered. See go/sf-ctm-design for more details
+          },
+        },
+        "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
+        "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Sets the scheduling options for this instance.
+          "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+              #
+              # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+          "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details.
+          "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
+          "latencyTolerant": True or False, # Defines whether the instance is tolerant of higher cpu latency. This can only be set during instance creation, or when the instance is not currently running. It must not be set if the preemptible option is also set.
+          "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
+          "maintenanceFreezeDurationHours": 42, # Specifies the number of hours after VM instance creation where the VM won't be scheduled for maintenance.
+          "maintenanceInterval": "A String", # For more information about maintenance intervals, see Setting maintenance intervals.
+          "minNodeCpus": 42, # The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node.
+          "nodeAffinities": [ # A set of node affinity and anti-affinity configurations. Refer to Configuring node affinity for more information. Overrides reservationAffinity.
+            { # Node Affinity: the configuration of desired nodes onto which this Instance could be scheduled.
+              "key": "A String", # Corresponds to the label key of Node resource.
+              "operator": "A String", # Defines the operation of node selection. Valid operators are IN for affinity and NOT_IN for anti-affinity.
+              "values": [ # Corresponds to the label values of Node resource.
+                "A String",
+              ],
+            },
+          ],
+          "onHostMaintenance": "A String", # Defines the maintenance behavior for this instance. For standard instances, the default behavior is MIGRATE. For preemptible instances, the default and only possible behavior is TERMINATE. For more information, see Setting Instance Scheduling Options.
+          "preemptible": True or False, # Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.
+        },
+        "secureTags": [ # [Input Only] Secure tags to apply to this instance. These can be later modified by the update method. Maximum number of secure tags allowed is 50.
+          "A String",
+        ],
+        "selfLink": "A String", # [Output Only] Server-defined URL for this resource.
+        "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
+        "serviceAccounts": [ # A list of service accounts, with their specified scopes, authorized for this instance. Only one service account per VM instance is supported.
+            #
+            # Service accounts generate access tokens that can be accessed through the metadata server and used to authenticate applications on the instance. See Service Accounts for more information.
+          { # A service account.
+            "email": "A String", # Email address of the service account.
+            "scopes": [ # The list of scopes to be made available for this service account.
+              "A String",
+            ],
+          },
+        ],
+        "shieldedInstanceConfig": { # A set of Shielded Instance options.
+          "enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled. Enabled by default.
+          "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled. Disabled by default.
+          "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled. Enabled by default.
+        },
+        "shieldedInstanceIntegrityPolicy": { # The policy describes the baseline against which Instance boot integrity is measured.
+          "updateAutoLearnPolicy": True or False, # Updates the integrity policy baseline using the measurements from the VM instance's most recent boot.
+        },
+        "shieldedVmConfig": { # A set of Shielded VM options. # Deprecating, please use shielded_instance_config.
+          "enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled.
+          "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled.
+          "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled.
+        },
+        "shieldedVmIntegrityPolicy": { # The policy describes the baseline against which VM instance boot integrity is measured. # Deprecating, please use shielded_instance_integrity_policy.
+          "updateAutoLearnPolicy": True or False, # Updates the integrity policy baseline using the measurements from the VM instance's most recent boot.
+        },
+        "sourceMachineImage": "A String", # Source machine image
+        "sourceMachineImageEncryptionKey": { # Source machine image encryption key when creating an instance from a machine image.
+          "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
+          "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
+          "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
+          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+              #
+              # The key must meet the following requirements before you can provide it to Compute Engine:
+              # - The key is wrapped using a RSA public key certificate provided by Google.
+              # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+              # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+          "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
+        },
+        "startRestricted": True or False, # [Output Only] Whether a VM has been restricted for start because Compute Engine has detected suspicious activity.
+        "status": "A String", # [Output Only] The status of the instance. One of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see  Instance life cycle.
+        "statusMessage": "A String", # [Output Only] An optional, human-readable explanation of the status.
+        "tags": { # A set of instance tags. # Tags to apply to this instance. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during instance creation. The tags can be later modified by the setTags method. Each tag within the list must comply with RFC1035. Multiple tags can be specified via the 'tags.items' field.
+          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+              #
+              # To see the latest fingerprint, make get() request to the instance.
+          "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
+            "A String",
+          ],
+        },
+        "upcomingMaintenance": { # Upcoming Maintenance notification information. # [Output Only] Specifies upcoming maintenance for the instance.
+          "date": "A String", # [Output Only] The date when the maintenance will take place. This value is in RFC3339 text format. DEPRECATED: Use start_time_window instead.
+          "startTimeWindow": { # Represents a window of time using two timestamps: `earliest` and `latest`. This timestamp values are in RFC3339 text format. # [Output Only] The start time window of the maintenance disruption.
+            "earliest": "A String",
+            "latest": "A String",
+          },
+          "time": "A String", # [Output Only] The time when the maintenance will take place. This value is in RFC3339 text format. DEPRECATED: Use start_time_window instead.
+          "type": "A String", # Defines the type of maintenance.
+        },
+        "zone": "A String", # [Output Only] URL of the zone where the instance resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
+      },
+      "instanceProperties": { # The instance properties defining the VM instances to be created. Required if sourceInstanceTemplate is not provided.
+        "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
+          "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
+          "numaNodeCount": 42, # The number of vNUMA nodes.
+          "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
+          "visibleCoreCount": 42, # The number of physical cores to expose to an instance. Multiply by the number of threads per core to compute the total number of virtual CPUs to expose to the instance. If unset, the number of cores is inferred from the instance's nominal CPU count and the underlying platform's SMT width.
+        },
+        "canIpForward": True or False, # Enables instances created based on these properties to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information.
+        "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options.
+          "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
+        },
+        "description": "A String", # An optional text description for the instances that are created from these properties.
+        "disks": [ # An array of disks that are associated with the instances that are created from these properties.
+          { # An instance-attached disk resource.
+            "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
+            "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
+            "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance.
+                #
+                # If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
+            "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key.
+                #
+                # If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key.
+                #
+                # If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance.
+                #
+                # If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
+                #
+                # Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
+              "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
+              "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
+              "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
+              "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                  #
+                  # The key must meet the following requirements before you can provide it to Compute Engine:
+                  # - The key is wrapped using a RSA public key certificate provided by Google.
+                  # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                  # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+              "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
+            },
+            "diskSizeGb": "A String", # The size of the disk in GB.
+            "forceAttach": True or False, # [Input Only] Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error.
+            "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+              { # Guest OS features.
+                "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
+              },
+            ],
+            "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
+            "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance.
+                #
+                # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+                #
+                # This property is mutually exclusive with the source property; you can only define one or the other, but not both.
+              "description": "A String", # An optional description. Provide this property when creating the disk.
+              "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
+              "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
+              "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example:
+                  # https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/pd-standard
+                  #
+                  #
+                  # Other values include pd-ssd and local-ssd. If you define this field, you can provide either the full or partial URL. For example, the following are valid values:
+                  # - https://www.googleapis.com/compute/v1/projects/project/zones/zone/diskTypes/diskType
+                  # - projects/project/zones/zone/diskTypes/diskType
+                  # - zones/zone/diskTypes/diskType  Note that for InstanceTemplate, this is the name of the disk type, not URL.
+              "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read  Enabling guest operating system features to see a list of available options.
+                  #
+                  # Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
+                { # Guest OS features.
+                  "type": "A String", # The ID of a supported feature. Read  Enabling guest operating system features to see a list of available options.
+                },
+              ],
+              "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
+                "a_key": "A String",
+              },
+              "multiWriter": True or False, # Indicates whether or not the disk can be read/write attached to more than one instance.
+              "onUpdateAction": "A String", # Specifies which action to take on instance update with this disk. Default is to use the existing disk.
+              "provisionedIops": "A String", # Indicates how many IOPS must be provisioned for the disk.
+              "replicaZones": [ # URLs of the zones where the disk should be replicated to. Only applicable for regional resources.
+                "A String",
+              ],
+              "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
+                "A String",
+              ],
+              "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+                  #
+                  # To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image:
+                  # projects/debian-cloud/global/images/family/debian-9
+                  #
+                  #
+                  # Alternatively, use a specific version of a public operating system image:
+                  # projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD
+                  #
+                  #
+                  # To create a disk with a custom image that you created, specify the image name in the following format:
+                  # global/images/my-custom-image
+                  #
+                  #
+                  # You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name:
+                  # global/images/family/my-image-family
+                  #
+                  #
+                  # If the source image is deleted later, this field will not be set.
+              "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+                  #
+                  # Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
+                "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
+                "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
+                "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
+                "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                    #
+                    # The key must meet the following requirements before you can provide it to Compute Engine:
+                    # - The key is wrapped using a RSA public key certificate provided by Google.
+                    # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                    # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+                "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
+              },
+              "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD.
+                  #
+                  # To create a disk with a snapshot that you created, specify the snapshot name in the following format:
+                  # global/snapshots/my-backup
+                  #
+                  #
+                  # If the source snapshot is deleted later, this field will not be set.
+              "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
+                "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
+                "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used.
+                "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
+                "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+                    #
+                    # The key must meet the following requirements before you can provide it to Compute Engine:
+                    # - The key is wrapped using a RSA public key certificate provided by Google.
+                    # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding.  Gets the RSA public key certificate provided by Google at:
+                    # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+                "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
+              },
+            },
+            "interface": "A String", # Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. Persistent disks must always use SCSI and the request will fail if you attempt to attach a persistent disk in any other format than SCSI. Local SSDs can use either NVME or SCSI. For performance characteristics of SCSI over NVMe, see Local SSD performance.
+            "kind": "compute#attachedDisk", # [Output Only] Type of the resource. Always compute#attachedDisk for attached disks.
+            "licenses": [ # [Output Only] Any valid publicly visible licenses.
+              "A String",
+            ],
+            "mode": "A String", # The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, the default is to attach the disk in READ_WRITE mode.
+            "savedState": "A String", # For LocalSSD disks on VM Instances in STOPPED or SUSPENDED state, this field is set to PRESERVED if the LocalSSD data has been saved to a persistent location by customer request. (see the discard_local_ssd option on Stop/Suspend). Read-only in the api.
+            "shieldedInstanceInitialState": { # Initial State for shielded instance, these are public keys which are safe to store in public # [Output Only] shielded vm initial state stored on disk
+              "dbs": [ # The Key Database (db).
+                {
+                  "content": "A String", # The raw content in the secure keys file.
+                  "fileType": "A String", # The file type of source file.
+                },
+              ],
+              "dbxs": [ # The forbidden key database (dbx).
+                {
+                  "content": "A String", # The raw content in the secure keys file.
+                  "fileType": "A String", # The file type of source file.
+                },
+              ],
+              "keks": [ # The Key Exchange Key (KEK).
+                {
+                  "content": "A String", # The raw content in the secure keys file.
+                  "fileType": "A String", # The file type of source file.
+                },
+              ],
+              "pk": { # The Platform Key (PK).
+                "content": "A String", # The raw content in the secure keys file.
+                "fileType": "A String", # The file type of source file.
+              },
+            },
+            "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD.
+                #
+                # If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks.
+                #
+                # Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
+            "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
+            "userLicenses": [ # [Output Only] A list of user provided licenses. It represents a list of URLs to the license resource. Unlike regular licenses, user provided licenses can be modified after the disk is created.
+              "A String",
+            ],
+          },
+        ],
+        "displayDevice": { # A set of Display Device options # Display Device properties to enable support for remote display products like: Teradici, VNC and TeamViewer
+          "enableDisplay": True or False, # Defines whether the instance has Display enabled.
+        },
+        "guestAccelerators": [ # A list of guest accelerator cards' type and count to use for instances created from these properties.
+          { # A specification of the type and number of accelerator cards attached to the instance.
+            "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
+            "acceleratorType": "A String", # Full or partial URL of the accelerator type resource to attach to this instance. For example: projects/my-project/zones/us-central1-c/acceleratorTypes/nvidia-tesla-p100 If you are creating an instance template, specify only the accelerator name. See GPUs on Compute Engine for a full list of accelerator types.
+          },
+        ],
+        "labels": { # Labels to apply to instances that are created from these properties.
+          "a_key": "A String",
+        },
+        "machineType": "A String", # The machine type to use for instances that are created from these properties.
+        "metadata": { # A metadata key/value entry. # The metadata key/value pairs to assign to instances that are created from these properties. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information.
+          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet.
+              #
+              # To see the latest fingerprint, make a get() request to retrieve the resource.
+          "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
+            {
+              "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
+              "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
+            },
+          ],
+          "kind": "compute#metadata", # [Output Only] Type of the resource. Always compute#metadata for metadata.
+        },
+        "minCpuPlatform": "A String", # Minimum cpu/platform to be used by instances. The instance may be scheduled on the specified or newer cpu/platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: "Intel Haswell" or minCpuPlatform: "Intel Sandy Bridge". For more information, read Specifying a Minimum CPU Platform.
+        "networkInterfaces": [ # An array of network access configurations for this interface.
+          { # A network interface resource attached to an instance.
+            "accessConfigs": [ # An array of configurations for this interface. Currently, only one access config, ONE_TO_ONE_NAT, is supported. If there are no accessConfigs specified, then this instance will have no external internet access.
+              { # An access configuration attached to an instance's network interface. Only one access config per instance is supported.
+                "externalIpv6": "A String", # [Output Only] The first IPv6 address of the external IPv6 range associated with this instance, prefix length is stored in externalIpv6PrefixLength in ipv6AccessConfig. The field is output only, an IPv6 address from a subnetwork associated with the instance will be allocated dynamically.
+                "externalIpv6PrefixLength": 42, # [Output Only] The prefix length of the external IPv6 range.
+                "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
+                "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
+                "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
+                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                    #
+                    # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                    #
+                    # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+                "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
+                "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+                "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
+                "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
+                "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
+              },
+            ],
+            "aliasIpRanges": [ # An array of alias IP ranges for this network interface. You can only specify this field for network interfaces in VPC networks.
+              { # An alias IP range attached to an instance's network interface.
+                "ipCidrRange": "A String", # The IP alias ranges to allocate for this interface. This IP CIDR range must belong to the specified subnetwork and cannot contain IP addresses reserved by system or used by other network interfaces. This range may be a single IP address (such as 10.2.3.4), a netmask (such as /24) or a CIDR-formatted string (such as 10.1.2.0/24).
+                "subnetworkRangeName": "A String", # The name of a subnetwork secondary IP range from which to allocate an IP alias range. If not specified, the primary range of the subnetwork is used.
+              },
+            ],
+            "fingerprint": "A String", # Fingerprint hash of contents stored in this network interface. This field will be ignored when inserting an Instance or adding a NetworkInterface. An up-to-date fingerprint must be provided in order to update the NetworkInterface. The request will fail with error 400 Bad Request if the fingerprint is not provided, or 412 Precondition Failed if the fingerprint is out of date.
+            "internalIpv6PrefixLength": 42, # [Output Only] The prefix length of the primary internal IPv6 range.
+            "ipv6AccessConfigs": [ # An array of IPv6 access configurations for this interface. Currently, only one IPv6 access config, DIRECT_IPV6, is supported. If there is no ipv6AccessConfig specified, then this instance will have no external IPv6 Internet access.
+              { # An access configuration attached to an instance's network interface. Only one access config per instance is supported.
+                "externalIpv6": "A String", # [Output Only] The first IPv6 address of the external IPv6 range associated with this instance, prefix length is stored in externalIpv6PrefixLength in ipv6AccessConfig. The field is output only, an IPv6 address from a subnetwork associated with the instance will be allocated dynamically.
+                "externalIpv6PrefixLength": 42, # [Output Only] The prefix length of the external IPv6 range.
+                "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
+                "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
+                "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
+                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD.
+                    #
+                    # If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier.
+                    #
+                    # If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
+                "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
+                "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+                "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
+                "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
+                "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
+              },
+            ],
+            "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork.
+                #
+                # Valid only if stackType is IPV4_IPV6.
+            "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
+            "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
+            "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
+            "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred.
+                #
+                # If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs:
+                # - https://www.googleapis.com/compute/v1/projects/project/global/networks/network
+                # - projects/project/global/networks/network
+                # - global/networks/default
+            "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
+            "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
+            "queueCount": 42, # The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users.
+            "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used.
+                #
+                # This field can be both set at instance creation and update network interface operations.
+            "subinterfaces": [ # SubInterfaces help enable L2 communication for the instance over subnetworks that support L2. Every network interface will get a default untagged (vlan not specified) subinterface. Users can specify additional tagged subinterfaces which are sub-fields to the Network Interface.
+              {
+                "ipAddress": "A String", # An IPv4 internal IP address to assign to the instance for this subinterface. If specified, ip_allocation_mode should be set to ALLOCATE_IP.
+                "ipAllocationMode": "A String",
+                "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+                    # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+                    # - regions/region/subnetworks/subnetwork
+                "vlan": 42, # VLAN tag. Should match the VLAN(s) supported by the subnetwork to which this subinterface is connecting.
+              },
+            ],
+            "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs:
+                # - https://www.googleapis.com/compute/v1/projects/project/regions/region/subnetworks/subnetwork
+                # - regions/region/subnetworks/subnetwork
+          },
+        ],
+        "networkPerformanceConfig": {
+          "externalIpEgressBandwidthTier": "A String",
+          "totalEgressBandwidthTier": "A String",
+        },
+        "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
+        "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use  INHERIT_FROM_SUBNETWORK as default.
+        "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
+          "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See  Consuming reserved instances for examples.
+          "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
+          "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
+            "A String",
+          ],
+        },
+        "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties.
+          "A String",
+        ],
+        "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
+          "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted.
+              #
+              # By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
+          "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details.
+          "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
+          "latencyTolerant": True or False, # Defines whether the instance is tolerant of higher cpu latency. This can only be set during instance creation, or when the instance is not currently running. It must not be set if the preemptible option is also set.
+          "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
+          "maintenanceFreezeDurationHours": 42, # Specifies the number of hours after VM instance creation where the VM won't be scheduled for maintenance.
+          "maintenanceInterval": "A String", # For more information about maintenance intervals, see Setting maintenance intervals.
+          "minNodeCpus": 42, # The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node.
+          "nodeAffinities": [ # A set of node affinity and anti-affinity configurations. Refer to Configuring node affinity for more information. Overrides reservationAffinity.
+            { # Node Affinity: the configuration of desired nodes onto which this Instance could be scheduled.
+              "key": "A String", # Corresponds to the label key of Node resource.
+              "operator": "A String", # Defines the operation of node selection. Valid operators are IN for affinity and NOT_IN for anti-affinity.
+              "values": [ # Corresponds to the label values of Node resource.
+                "A String",
+              ],
+            },
+          ],
+          "onHostMaintenance": "A String", # Defines the maintenance behavior for this instance. For standard instances, the default behavior is MIGRATE. For preemptible instances, the default and only possible behavior is TERMINATE. For more information, see Setting Instance Scheduling Options.
+          "preemptible": True or False, # Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.
+        },
+        "secureTags": [ # [Input Only] Secure tags to apply to this instance. Maximum number of secure tags allowed is 50.
+          "A String",
+        ],
+        "serviceAccounts": [ # A list of service accounts with specified scopes. Access tokens for these service accounts are available to the instances that are created from these properties. Use metadata queries to obtain the access tokens for these instances.
+          { # A service account.
+            "email": "A String", # Email address of the service account.
+            "scopes": [ # The list of scopes to be made available for this service account.
+              "A String",
+            ],
+          },
+        ],
+        "shieldedInstanceConfig": { # A set of Shielded Instance options.
+          "enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled. Enabled by default.
+          "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled. Disabled by default.
+          "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled. Enabled by default.
+        },
+        "shieldedVmConfig": { # A set of Shielded VM options. # Specifies the Shielded VM options for the instances that are created from these properties.
+          "enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled.
+          "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled.
+          "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled.
+        },
+        "tags": { # A set of instance tags. # A list of tags to apply to the instances that are created from these properties. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035.
+          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags.
+              #
+              # To see the latest fingerprint, make get() request to the instance.
+          "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
+            "A String",
+          ],
+        },
+      },
+      "locationPolicy": { # Configuration for location policy among multiple possible locations (e.g. preferences for zone selection among zones in a single region). # Policy for chosing target zone.
+        "locations": { # Location configurations mapped by location name. Currently only zone names are supported and must be represented as valid internal URLs, such as zones/us-central1-a.
+          "a_key": {
+            "preference": "A String", # Preference for a given location: ALLOW or DENY.
+          },
+        },
+        "targetShape": "A String", # Strategy for distributing VMs across zones in a region.
+      },
+      "minCount": "A String", # The minimum number of instances to create. If no min_count is specified then count is used as the default value. If min_count instances cannot be created, then no instances will be created and instances already created will be deleted.
+      "namePattern": "A String", # The string pattern used for the names of the VMs. Either name_pattern or per_instance_properties must be set. The pattern should contain one continuous sequence of placeholder hash characters (#) with each character corresponding to one digit of the generated instance name. Example: name_pattern of inst-#### will generate instance names such as inst-0001, inst-0002, ... . If there already exist instance(s) whose names match the name pattern in the same project and zone, then the generated instance numbers will start after the biggest existing number. For example, if there exists an instance with name inst-0050, then instance names generated using the pattern inst-#### will be inst-0051, inst-0052, etc. The name pattern placeholder #...# can contain up to 18 characters.
+      "perInstanceProperties": { # Per-instance properties to be set on individual instances. Keys of this map specify requested instance names. Can be empty if name_pattern is used.
+        "a_key": { # Per-instance properties to be set on individual instances. To be extended in the future.
+          "name": "A String", # This field is only temporary. It will be removed. Do not use it.
+        },
+      },
+      "predefinedNames": [ # DEPRECATED: Please use per_instance_properties instead.
+        "A String",
+      ],
+      "secureTags": [ # DEPRECATED: Please use instance_properties.secure_tag instead. Secure tags to apply to this instance. These can be later modified by the update method. Maximum number of secure tags allowed is 50.
+        "A String",
+      ],
+      "sourceInstanceTemplate": "A String", # Specifies the instance template from which to create instances. You may combine sourceInstanceTemplate with instanceProperties to override specific values from an existing instance template. Bulk API follows the semantics of JSON Merge Patch described by RFC 7396.
+          #
+          # It can be a full or partial URL. For example, the following are all valid URLs to an instance template:
+          # - https://www.googleapis.com/compute/v1/projects/project/global/instanceTemplates/instanceTemplate
+          # - projects/project/global/instanceTemplates/instanceTemplate
+          # - global/instanceTemplates/instanceTemplate
+          #
+          # This field is optional.
+    },
+  },
+  "locationPolicy": { # Configuration for location policy among multiple possible locations (e.g. preferences for zone selection among zones in a single region). # Location policy to indicate allowed zones for instances, together with the shape of the distribution.
+    "locations": { # Location configurations mapped by location name. Currently only zone names are supported and must be represented as valid internal URLs, such as zones/us-central1-a.
+      "a_key": {
+        "preference": "A String", # Preference for a given location: ALLOW or DENY.
+      },
+    },
+    "targetShape": "A String", # Strategy for distributing VMs across zones in a region.
+  },
+}
+
+
+Returns:
+  An object of the form:
+
+    { # Response for for compute.regionInstances.recommendLocations.
+  "recommendedLocations": { # Instance count recommendations, keys are instance spec names.
+    "a_key": { # Instance count recommendations for a single instance specification.
+      "locations": { # Instance count recommendations, keys are zone names.
+        "a_key": { # Instance count recommendation for a single zone.
+          "instanceCount": 42, # Count of instances recommended.
+        },
+      },
+    },
+  },
+}
+
+ \ No newline at end of file diff --git a/docs/dyn/compute_alpha.regionNetworkFirewallPolicies.html b/docs/dyn/compute_alpha.regionNetworkFirewallPolicies.html index 043a13c61c4..f181a0146b2 100644 --- a/docs/dyn/compute_alpha.regionNetworkFirewallPolicies.html +++ b/docs/dyn/compute_alpha.regionNetworkFirewallPolicies.html @@ -78,7 +78,7 @@

Instance Methods

addAssociation(project, region, firewallPolicy, body=None, replaceExistingAssociation=None, requestId=None)

Inserts an association for the specified network firewall policy.

- addRule(project, region, firewallPolicy, body=None, requestId=None)

+ addRule(project, region, firewallPolicy, body=None, maxPriority=None, minPriority=None, requestId=None)

Inserts a rule into a network firewall policy.

cloneRules(project, region, firewallPolicy, requestId=None, sourceFirewallPolicy=None)

@@ -221,7 +221,7 @@

Method Details

- addRule(project, region, firewallPolicy, body=None, requestId=None) + addRule(project, region, firewallPolicy, body=None, maxPriority=None, minPriority=None, requestId=None)
Inserts a rule into a network firewall policy.
 
 Args:
@@ -278,6 +278,8 @@ 

Method Details

], } + maxPriority: integer, When rule.priority is not specified, auto choose a unused priority between minPriority and maxPriority>. This field is exclusive with rule.priority. + minPriority: integer, When rule.priority is not specified, auto choose a unused priority between minPriority and maxPriority>. This field is exclusive with rule.priority. requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. diff --git a/docs/dyn/compute_alpha.regionUrlMaps.html b/docs/dyn/compute_alpha.regionUrlMaps.html index 5e960f5d308..220ad6c77d6 100644 --- a/docs/dyn/compute_alpha.regionUrlMaps.html +++ b/docs/dyn/compute_alpha.regionUrlMaps.html @@ -246,7 +246,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -447,7 +447,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -643,7 +643,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -937,7 +937,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -1153,7 +1153,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -1354,7 +1354,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -1550,7 +1550,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -1844,7 +1844,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -2230,7 +2230,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -2431,7 +2431,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -2627,7 +2627,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -2921,7 +2921,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -3168,7 +3168,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -3369,7 +3369,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -3565,7 +3565,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -3859,7 +3859,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -4170,7 +4170,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -4371,7 +4371,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -4567,7 +4567,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -4861,7 +4861,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -5145,7 +5145,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -5346,7 +5346,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -5542,7 +5542,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -5836,7 +5836,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. diff --git a/docs/dyn/compute_alpha.routers.html b/docs/dyn/compute_alpha.routers.html index cd865ea3e6c..797bf1ec74c 100644 --- a/docs/dyn/compute_alpha.routers.html +++ b/docs/dyn/compute_alpha.routers.html @@ -239,7 +239,7 @@

Method Details

"name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM. "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - "subnetwork": "A String", # The URL of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. + "subnetwork": "A String", # The URI of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. }, ], "kind": "compute#router", # [Output Only] Type of resource. Always compute#router for routers. @@ -555,7 +555,7 @@

Method Details

"name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM. "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - "subnetwork": "A String", # The URL of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. + "subnetwork": "A String", # The URI of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. }, ], "kind": "compute#router", # [Output Only] Type of resource. Always compute#router for routers. @@ -1120,7 +1120,7 @@

Method Details

"name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM. "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - "subnetwork": "A String", # The URL of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. + "subnetwork": "A String", # The URI of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. }, ], "kind": "compute#router", # [Output Only] Type of resource. Always compute#router for routers. @@ -1393,7 +1393,7 @@

Method Details

"name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM. "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - "subnetwork": "A String", # The URL of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. + "subnetwork": "A String", # The URI of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. }, ], "kind": "compute#router", # [Output Only] Type of resource. Always compute#router for routers. @@ -1608,7 +1608,7 @@

Method Details

"name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM. "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - "subnetwork": "A String", # The URL of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. + "subnetwork": "A String", # The URI of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. }, ], "kind": "compute#router", # [Output Only] Type of resource. Always compute#router for routers. @@ -1863,7 +1863,7 @@

Method Details

"name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM. "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - "subnetwork": "A String", # The URL of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. + "subnetwork": "A String", # The URI of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. }, ], "kind": "compute#router", # [Output Only] Type of resource. Always compute#router for routers. @@ -2041,7 +2041,7 @@

Method Details

"name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM. "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - "subnetwork": "A String", # The URL of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. + "subnetwork": "A String", # The URI of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. }, ], "kind": "compute#router", # [Output Only] Type of resource. Always compute#router for routers. @@ -2255,7 +2255,7 @@

Method Details

"name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM. "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - "subnetwork": "A String", # The URL of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. + "subnetwork": "A String", # The URI of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. }, ], "kind": "compute#router", # [Output Only] Type of resource. Always compute#router for routers. diff --git a/docs/dyn/compute_alpha.urlMaps.html b/docs/dyn/compute_alpha.urlMaps.html index bb5ec493b19..b23de147f6d 100644 --- a/docs/dyn/compute_alpha.urlMaps.html +++ b/docs/dyn/compute_alpha.urlMaps.html @@ -191,7 +191,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -392,7 +392,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -588,7 +588,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -882,7 +882,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -1228,7 +1228,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -1429,7 +1429,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -1625,7 +1625,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -1919,7 +1919,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -2134,7 +2134,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -2335,7 +2335,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -2531,7 +2531,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -2825,7 +2825,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -3217,7 +3217,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -3418,7 +3418,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -3614,7 +3614,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -3908,7 +3908,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -4154,7 +4154,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -4355,7 +4355,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -4551,7 +4551,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -4845,7 +4845,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -5158,7 +5158,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -5359,7 +5359,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -5555,7 +5555,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -5849,7 +5849,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -6136,7 +6136,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -6337,7 +6337,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -6533,7 +6533,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -6827,7 +6827,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. diff --git a/docs/dyn/compute_beta.backendServices.html b/docs/dyn/compute_beta.backendServices.html index bf888fbcae3..603034006e6 100644 --- a/docs/dyn/compute_beta.backendServices.html +++ b/docs/dyn/compute_beta.backendServices.html @@ -98,6 +98,9 @@

Instance Methods

getHealth(project, backendService, body=None)

Gets the most recent health check results for this BackendService.

+

+ getIamPolicy(project, resource, optionsRequestedPolicyVersion=None)

+

Gets the access control policy for a resource. May be empty if no such policy or resource exists.

insert(project, body=None, requestId=None)

Creates a BackendService resource in the specified project using the data included in the request. For more information, see Backend services overview.

@@ -113,6 +116,9 @@

Instance Methods

setEdgeSecurityPolicy(project, backendService, body=None, requestId=None)

Sets the edge security policy for the specified backend service.

+

+ setIamPolicy(project, resource, body=None)

+

Sets the access control policy on the specified resource. Replaces any existing policy.

setSecurityPolicy(project, backendService, body=None, requestId=None)

Sets the Google Cloud Armor security policy for the specified backend service. For more information, see Google Cloud Armor Overview

@@ -520,14 +526,16 @@

Method Details

"selfLink": "A String", # [Output Only] Server-defined URL for the resource. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. # # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. - "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing and Internal HTTP(S) load balancing. + "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director. "policy": "A String", }, "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration. @@ -1032,14 +1040,16 @@

Method Details

"selfLink": "A String", # [Output Only] Server-defined URL for the resource. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. # # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. - "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing and Internal HTTP(S) load balancing. + "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director. "policy": "A String", }, "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration. @@ -1091,6 +1101,202 @@

Method Details

}
+
+ getIamPolicy(project, resource, optionsRequestedPolicyVersion=None) +
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
+
+Args:
+  project: string, Project ID for this request. (required)
+  resource: string, Name or id of the resource for this request. (required)
+  optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
+
+Returns:
+  An object of the form:
+
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+  "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      "auditLogConfigs": [ # The configuration for logging of each type of permission.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
+            "A String",
+          ],
+          "ignoreChildExemptions": True or False,
+          "logType": "A String", # The log type that this config enables.
+        },
+      ],
+      "exemptedMembers": [
+        "A String",
+      ],
+      "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
+    },
+  ],
+  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
+    { # Associates `members` with a `role`.
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
+        "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
+        "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
+        "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
+        "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
+      },
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "A String",
+      ],
+      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+    },
+  ],
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
+            "A String",
+          ],
+        },
+      ],
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
+        "A String",
+      ],
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
+            },
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
+          },
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
+              },
+            ],
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
+          },
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
+          },
+        },
+      ],
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
+        "A String",
+      ],
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
+        "A String",
+      ],
+    },
+  ],
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+}
+
+
insert(project, body=None, requestId=None)
Creates a BackendService resource in the specified project using the data included in the request. For more information, see  Backend services overview.
@@ -1381,14 +1587,16 @@ 

Method Details

"selfLink": "A String", # [Output Only] Server-defined URL for the resource. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. # # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. - "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing and Internal HTTP(S) load balancing. + "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director. "policy": "A String", }, "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration. @@ -1773,14 +1981,16 @@

Method Details

"selfLink": "A String", # [Output Only] Server-defined URL for the resource. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. # # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. - "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing and Internal HTTP(S) load balancing. + "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director. "policy": "A String", }, "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration. @@ -2108,14 +2318,16 @@

Method Details

"selfLink": "A String", # [Output Only] Server-defined URL for the resource. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. # # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. - "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing and Internal HTTP(S) load balancing. + "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director. "policy": "A String", }, "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration. @@ -2275,6 +2487,451 @@

Method Details

}
+
+ setIamPolicy(project, resource, body=None) +
Sets the access control policy on the specified resource. Replaces any existing policy.
+
+Args:
+  project: string, Project ID for this request. (required)
+  resource: string, Name or id of the resource for this request. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{
+  "bindings": [ # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify bindings.
+    { # Associates `members` with a `role`.
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
+        "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
+        "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
+        "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
+        "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
+      },
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "A String",
+      ],
+      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+    },
+  ],
+  "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+        "auditLogConfigs": [ # The configuration for logging of each type of permission.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
+              "A String",
+            ],
+            "ignoreChildExemptions": True or False,
+            "logType": "A String", # The log type that this config enables.
+          },
+        ],
+        "exemptedMembers": [
+          "A String",
+        ],
+        "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
+      },
+    ],
+    "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
+      { # Associates `members` with a `role`.
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
+          "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
+          "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
+          "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
+          "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
+        },
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+          "A String",
+        ],
+        "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      },
+    ],
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
+              "A String",
+            ],
+          },
+        ],
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
+          "A String",
+        ],
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
+              },
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
+            },
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
+                },
+              ],
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
+            },
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
+            },
+          },
+        ],
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
+          "A String",
+        ],
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
+          "A String",
+        ],
+      },
+    ],
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  },
+}
+
+
+Returns:
+  An object of the form:
+
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+  "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      "auditLogConfigs": [ # The configuration for logging of each type of permission.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
+            "A String",
+          ],
+          "ignoreChildExemptions": True or False,
+          "logType": "A String", # The log type that this config enables.
+        },
+      ],
+      "exemptedMembers": [
+        "A String",
+      ],
+      "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
+    },
+  ],
+  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
+    { # Associates `members` with a `role`.
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
+        "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
+        "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
+        "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
+        "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
+      },
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "A String",
+      ],
+      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+    },
+  ],
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
+            "A String",
+          ],
+        },
+      ],
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
+        "A String",
+      ],
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
+            },
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
+          },
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
+              },
+            ],
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
+          },
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
+          },
+        },
+      ],
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
+        "A String",
+      ],
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
+        "A String",
+      ],
+    },
+  ],
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+}
+
+
setSecurityPolicy(project, backendService, body=None, requestId=None)
Sets the Google Cloud Armor security policy for the specified backend service. For more information, see Google Cloud Armor Overview
@@ -2677,14 +3334,16 @@ 

Method Details

"selfLink": "A String", # [Output Only] Server-defined URL for the resource. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. # # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. - "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing and Internal HTTP(S) load balancing. + "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director. "policy": "A String", }, "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration. diff --git a/docs/dyn/compute_beta.firewallPolicies.html b/docs/dyn/compute_beta.firewallPolicies.html index da78cf75c46..3b019a38523 100644 --- a/docs/dyn/compute_beta.firewallPolicies.html +++ b/docs/dyn/compute_beta.firewallPolicies.html @@ -106,7 +106,7 @@

Instance Methods

Creates a new policy in the specified project using the data included in the request.

list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None)

-

Lists all the policies that have been configured for the specified project.

+

Lists all the policies that have been configured for the specified folder or organization.

listAssociations(targetResource=None)

Lists associations of a specified target, i.e., organization or folder.

@@ -973,7 +973,7 @@

Method Details

list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None) -
Lists all the policies that have been configured for the specified project.
+  
Lists all the policies that have been configured for the specified folder or organization.
 
 Args:
   filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
diff --git a/docs/dyn/compute_beta.interconnects.html b/docs/dyn/compute_beta.interconnects.html
index 727bfc10a39..c9ae1b80d9c 100644
--- a/docs/dyn/compute_beta.interconnects.html
+++ b/docs/dyn/compute_beta.interconnects.html
@@ -228,7 +228,8 @@ 

Method Details

"startTime": "A String", # Scheduled start time for the outage (milliseconds since Unix epoch). "state": "A String", # State of this notification, which can take one of the following values: # - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. - # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values. + # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. + # - COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values. }, ], "googleIpAddress": "A String", # [Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests. @@ -368,7 +369,8 @@

Method Details

"startTime": "A String", # Scheduled start time for the outage (milliseconds since Unix epoch). "state": "A String", # State of this notification, which can take one of the following values: # - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. - # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values. + # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. + # - COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values. }, ], "googleIpAddress": "A String", # [Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests. @@ -535,7 +537,8 @@

Method Details

"startTime": "A String", # Scheduled start time for the outage (milliseconds since Unix epoch). "state": "A String", # State of this notification, which can take one of the following values: # - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. - # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values. + # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. + # - COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values. }, ], "googleIpAddress": "A String", # [Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests. @@ -645,7 +648,8 @@

Method Details

"startTime": "A String", # Scheduled start time for the outage (milliseconds since Unix epoch). "state": "A String", # State of this notification, which can take one of the following values: # - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. - # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values. + # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. + # - COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values. }, ], "googleIpAddress": "A String", # [Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests. diff --git a/docs/dyn/compute_beta.regionBackendServices.html b/docs/dyn/compute_beta.regionBackendServices.html index c79ecaa87c7..88e6b2ac1d6 100644 --- a/docs/dyn/compute_beta.regionBackendServices.html +++ b/docs/dyn/compute_beta.regionBackendServices.html @@ -86,6 +86,9 @@

Instance Methods

getHealth(project, region, backendService, body=None)

Gets the most recent health check results for this regional BackendService.

+

+ getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None)

+

Gets the access control policy for a resource. May be empty if no such policy or resource exists.

insert(project, region, body=None, requestId=None)

Creates a regional BackendService resource in the specified project using the data included in the request. For more information, see Backend services overview.

@@ -98,6 +101,9 @@

Instance Methods

patch(project, region, backendService, body=None, requestId=None)

Updates the specified regional BackendService resource with the data included in the request. For more information, see Understanding backend services This method supports PATCH semantics and uses the JSON merge patch format and processing rules.

+

+ setIamPolicy(project, region, resource, body=None)

+

Sets the access control policy on the specified resource. Replaces any existing policy.

testIamPermissions(project, region, resource, body=None)

Returns permissions that a caller has on the specified resource.

@@ -481,14 +487,16 @@

Method Details

"selfLink": "A String", # [Output Only] Server-defined URL for the resource. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. # # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. - "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing and Internal HTTP(S) load balancing. + "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director. "policy": "A String", }, "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration. @@ -537,6 +545,203 @@

Method Details

}
+
+ getIamPolicy(project, region, resource, optionsRequestedPolicyVersion=None) +
Gets the access control policy for a resource. May be empty if no such policy or resource exists.
+
+Args:
+  project: string, Project ID for this request. (required)
+  region: string, The name of the region for this request. (required)
+  resource: string, Name or id of the resource for this request. (required)
+  optionsRequestedPolicyVersion: integer, Requested IAM Policy version.
+
+Returns:
+  An object of the form:
+
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+  "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      "auditLogConfigs": [ # The configuration for logging of each type of permission.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
+            "A String",
+          ],
+          "ignoreChildExemptions": True or False,
+          "logType": "A String", # The log type that this config enables.
+        },
+      ],
+      "exemptedMembers": [
+        "A String",
+      ],
+      "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
+    },
+  ],
+  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
+    { # Associates `members` with a `role`.
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
+        "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
+        "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
+        "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
+        "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
+      },
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "A String",
+      ],
+      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+    },
+  ],
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
+            "A String",
+          ],
+        },
+      ],
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
+        "A String",
+      ],
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
+            },
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
+          },
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
+              },
+            ],
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
+          },
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
+          },
+        },
+      ],
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
+        "A String",
+      ],
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
+        "A String",
+      ],
+    },
+  ],
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+}
+
+
insert(project, region, body=None, requestId=None)
Creates a regional BackendService resource in the specified project using the data included in the request. For more information, see  Backend services overview.
@@ -828,14 +1033,16 @@ 

Method Details

"selfLink": "A String", # [Output Only] Server-defined URL for the resource. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. # # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. - "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing and Internal HTTP(S) load balancing. + "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director. "policy": "A String", }, "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration. @@ -1221,14 +1428,16 @@

Method Details

"selfLink": "A String", # [Output Only] Server-defined URL for the resource. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. # # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. - "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing and Internal HTTP(S) load balancing. + "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director. "policy": "A String", }, "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration. @@ -1557,14 +1766,16 @@

Method Details

"selfLink": "A String", # [Output Only] Server-defined URL for the resource. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. # # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. - "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing and Internal HTTP(S) load balancing. + "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director. "policy": "A String", }, "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration. @@ -1640,6 +1851,452 @@

Method Details

}
+
+ setIamPolicy(project, region, resource, body=None) +
Sets the access control policy on the specified resource. Replaces any existing policy.
+
+Args:
+  project: string, Project ID for this request. (required)
+  region: string, The name of the region for this request. (required)
+  resource: string, Name or id of the resource for this request. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{
+  "bindings": [ # Flatten Policy to create a backwacd compatible wire-format. Deprecated. Use 'policy' to specify bindings.
+    { # Associates `members` with a `role`.
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
+        "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
+        "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
+        "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
+        "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
+      },
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "A String",
+      ],
+      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+    },
+  ],
+  "etag": "A String", # Flatten Policy to create a backward compatible wire-format. Deprecated. Use 'policy' to specify the etag.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. # REQUIRED: The complete policy to be applied to the 'resource'. The size of the policy is limited to a few 10s of KB. An empty policy is in general a valid policy but certain services (like Projects) might reject them.
+      #
+      #
+      #
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+      #
+      # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+      #
+      # **JSON example:**
+      #
+      # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+      #
+      # **YAML example:**
+      #
+      # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+      #
+      # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
+      { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+          #
+          # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+          #
+          # Example Policy with multiple AuditConfigs:
+          #
+          # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+          #
+          # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+        "auditLogConfigs": [ # The configuration for logging of each type of permission.
+          { # Provides the configuration for logging a type of permissions. Example:
+              #
+              # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+              #
+              # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+            "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
+              "A String",
+            ],
+            "ignoreChildExemptions": True or False,
+            "logType": "A String", # The log type that this config enables.
+          },
+        ],
+        "exemptedMembers": [
+          "A String",
+        ],
+        "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
+      },
+    ],
+    "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
+      { # Associates `members` with a `role`.
+        "bindingId": "A String",
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+            #
+            # If the condition evaluates to `true`, then this binding applies to the current request.
+            #
+            # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+            #
+            # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+            #
+            # Example (Comparison):
+            #
+            # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+            #
+            # Example (Equality):
+            #
+            # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+            #
+            # Example (Logic):
+            #
+            # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+            #
+            # Example (Data Manipulation):
+            #
+            # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+            #
+            # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
+          "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
+          "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
+          "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
+          "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
+        },
+        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+            #
+            # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+            #
+            # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+            #
+            # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+            #
+            #
+            #
+            # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+            #
+            # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+            #
+            # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+            #
+            # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+            #
+            # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+            #
+            #
+            #
+            # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+          "A String",
+        ],
+        "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      },
+    ],
+    "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+    "iamOwned": True or False,
+    "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+      { # A rule to be applied in a Policy.
+        "action": "A String", # Required
+        "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+          { # A condition to be met.
+            "iam": "A String", # Trusted attributes supplied by the IAM system.
+            "op": "A String", # An operator to apply the subject with.
+            "svc": "A String", # Trusted attributes discharged by the service.
+            "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+            "values": [ # The objects of the condition.
+              "A String",
+            ],
+          },
+        ],
+        "description": "A String", # Human-readable description of the rule.
+        "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
+          "A String",
+        ],
+        "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+          { # Specifies what kind of log the caller must write
+            "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+              "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+                "permissionType": "A String", # The type of the permission that was checked.
+              },
+              "logName": "A String", # The log_name to populate in the Cloud Audit Record.
+            },
+            "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+                #
+                # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+                #
+                # Field names correspond to IAM request parameters and field values are their respective values.
+                #
+                # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+                #
+                # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+              "customFields": [ # Custom fields.
+                { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                  "name": "A String", # Name is the field name.
+                  "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
+                },
+              ],
+              "field": "A String", # The field value to attribute.
+              "metric": "A String", # The metric to update.
+            },
+            "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+              "logMode": "A String",
+            },
+          },
+        ],
+        "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
+          "A String",
+        ],
+        "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
+          "A String",
+        ],
+      },
+    ],
+    "version": 42, # Specifies the format of the policy.
+        #
+        # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+        #
+        # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+        #
+        # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+        #
+        # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+        #
+        # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+        #
+        # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  },
+}
+
+
+Returns:
+  An object of the form:
+
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
+    #
+    #
+    #
+    # A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role.
+    #
+    # For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    #
+    # **JSON example:**
+    #
+    # { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
+    #
+    # **YAML example:**
+    #
+    # bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3
+    #
+    # For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+  "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
+    { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
+        #
+        # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.
+        #
+        # Example Policy with multiple AuditConfigs:
+        #
+        # { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] }
+        #
+        # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
+      "auditLogConfigs": [ # The configuration for logging of each type of permission.
+        { # Provides the configuration for logging a type of permissions. Example:
+            #
+            # { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] }
+            #
+            # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.
+          "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][].
+            "A String",
+          ],
+          "ignoreChildExemptions": True or False,
+          "logType": "A String", # The log type that this config enables.
+        },
+      ],
+      "exemptedMembers": [
+        "A String",
+      ],
+      "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
+    },
+  ],
+  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
+    { # Associates `members` with a `role`.
+      "bindingId": "A String",
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. # The condition that is associated with this binding.
+          #
+          # If the condition evaluates to `true`, then this binding applies to the current request.
+          #
+          # If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.
+          #
+          # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+          #
+          # Example (Comparison):
+          #
+          # title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100"
+          #
+          # Example (Equality):
+          #
+          # title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email"
+          #
+          # Example (Logic):
+          #
+          # title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'"
+          #
+          # Example (Data Manipulation):
+          #
+          # title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)"
+          #
+          # The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
+        "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
+        "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
+        "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
+        "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
+      },
+      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values:
+          #
+          # * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account.
+          #
+          # * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account.
+          #
+          # * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` .
+          #
+          #
+          #
+          # * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`.
+          #
+          # * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
+          #
+          # * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding.
+          #
+          # * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding.
+          #
+          # * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
+          #
+          #
+          #
+          # * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "A String",
+      ],
+      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+    },
+  ],
+  "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy.
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+  "iamOwned": True or False,
+  "rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
+    { # A rule to be applied in a Policy.
+      "action": "A String", # Required
+      "conditions": [ # Additional restrictions that must be met. All conditions must pass for the rule to match.
+        { # A condition to be met.
+          "iam": "A String", # Trusted attributes supplied by the IAM system.
+          "op": "A String", # An operator to apply the subject with.
+          "svc": "A String", # Trusted attributes discharged by the service.
+          "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.
+          "values": [ # The objects of the condition.
+            "A String",
+          ],
+        },
+      ],
+      "description": "A String", # Human-readable description of the rule.
+      "ins": [ # If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
+        "A String",
+      ],
+      "logConfigs": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries that match the LOG action.
+        { # Specifies what kind of log the caller must write
+          "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+            "authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.
+              "permissionType": "A String", # The type of the permission that was checked.
+            },
+            "logName": "A String", # The log_name to populate in the Cloud Audit Record.
+          },
+          "counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.
+              #
+              # Metric names should start with a '/', generally be lowercase-only, and end in "_count". Field names should not contain an initial slash. The actual exported metric names will have "/iam/policy" prepended.
+              #
+              # Field names correspond to IAM request parameters and field values are their respective values.
+              #
+              # Supported field names: - "authority", which is "[token]" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - "iam_principal", a representation of IAMContext.principal even if a token or authority selector is present; or - "" (empty string), resulting in a counter with no fields.
+              #
+              # Examples: counter { metric: "/debug_access_count" field: "iam_principal" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}
+            "customFields": [ # Custom fields.
+              { # Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.
+                "name": "A String", # Name is the field name.
+                "value": "A String", # Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext.
+              },
+            ],
+            "field": "A String", # The field value to attribute.
+            "metric": "A String", # The metric to update.
+          },
+          "dataAccess": { # Write a Data Access (Gin) log # Data access options.
+            "logMode": "A String",
+          },
+        },
+      ],
+      "notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
+        "A String",
+      ],
+      "permissions": [ # A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
+        "A String",
+      ],
+    },
+  ],
+  "version": 42, # Specifies the format of the policy.
+      #
+      # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected.
+      #
+      # Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations:
+      #
+      # * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions
+      #
+      # **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
+      #
+      # If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset.
+      #
+      # To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+}
+
+
testIamPermissions(project, region, resource, body=None)
Returns permissions that a caller has on the specified resource.
@@ -1960,14 +2617,16 @@ 

Method Details

"selfLink": "A String", # [Output Only] Server-defined URL for the resource. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # # When the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE. # # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. - "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing and Internal HTTP(S) load balancing. + "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director. "policy": "A String", }, "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration. diff --git a/docs/dyn/compute_beta.regionUrlMaps.html b/docs/dyn/compute_beta.regionUrlMaps.html index 16ed6a5af43..f90f4668827 100644 --- a/docs/dyn/compute_beta.regionUrlMaps.html +++ b/docs/dyn/compute_beta.regionUrlMaps.html @@ -245,7 +245,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -446,7 +446,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -642,7 +642,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -936,7 +936,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -1150,7 +1150,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -1351,7 +1351,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -1547,7 +1547,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -1841,7 +1841,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -2223,7 +2223,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -2424,7 +2424,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -2620,7 +2620,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -2914,7 +2914,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -3159,7 +3159,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -3360,7 +3360,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -3556,7 +3556,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -3850,7 +3850,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -4158,7 +4158,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -4359,7 +4359,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -4555,7 +4555,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -4849,7 +4849,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -5130,7 +5130,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -5331,7 +5331,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -5527,7 +5527,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -5821,7 +5821,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. diff --git a/docs/dyn/compute_beta.routers.html b/docs/dyn/compute_beta.routers.html index bbb29a0c548..089c4914c9e 100644 --- a/docs/dyn/compute_beta.routers.html +++ b/docs/dyn/compute_beta.routers.html @@ -233,7 +233,7 @@

Method Details

"name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM. "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - "subnetwork": "A String", # The URL of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. + "subnetwork": "A String", # The URI of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. }, ], "kind": "compute#router", # [Output Only] Type of resource. Always compute#router for routers. @@ -509,7 +509,7 @@

Method Details

"name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM. "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - "subnetwork": "A String", # The URL of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. + "subnetwork": "A String", # The URI of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. }, ], "kind": "compute#router", # [Output Only] Type of resource. Always compute#router for routers. @@ -979,7 +979,7 @@

Method Details

"name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM. "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - "subnetwork": "A String", # The URL of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. + "subnetwork": "A String", # The URI of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. }, ], "kind": "compute#router", # [Output Only] Type of resource. Always compute#router for routers. @@ -1212,7 +1212,7 @@

Method Details

"name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM. "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - "subnetwork": "A String", # The URL of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. + "subnetwork": "A String", # The URI of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. }, ], "kind": "compute#router", # [Output Only] Type of resource. Always compute#router for routers. @@ -1388,7 +1388,7 @@

Method Details

"name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM. "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - "subnetwork": "A String", # The URL of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. + "subnetwork": "A String", # The URI of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. }, ], "kind": "compute#router", # [Output Only] Type of resource. Always compute#router for routers. @@ -1603,7 +1603,7 @@

Method Details

"name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM. "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - "subnetwork": "A String", # The URL of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. + "subnetwork": "A String", # The URI of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. }, ], "kind": "compute#router", # [Output Only] Type of resource. Always compute#router for routers. @@ -1742,7 +1742,7 @@

Method Details

"name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM. "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - "subnetwork": "A String", # The URL of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. + "subnetwork": "A String", # The URI of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. }, ], "kind": "compute#router", # [Output Only] Type of resource. Always compute#router for routers. @@ -1917,7 +1917,7 @@

Method Details

"name": "A String", # Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. "privateIpAddress": "A String", # The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM. "redundantInterface": "A String", # Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - "subnetwork": "A String", # The URL of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. + "subnetwork": "A String", # The URI of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. }, ], "kind": "compute#router", # [Output Only] Type of resource. Always compute#router for routers. diff --git a/docs/dyn/compute_beta.urlMaps.html b/docs/dyn/compute_beta.urlMaps.html index 0a066b26c4a..75b1c5d68a6 100644 --- a/docs/dyn/compute_beta.urlMaps.html +++ b/docs/dyn/compute_beta.urlMaps.html @@ -191,7 +191,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -392,7 +392,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -588,7 +588,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -882,7 +882,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -1225,7 +1225,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -1426,7 +1426,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -1622,7 +1622,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -1916,7 +1916,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -2129,7 +2129,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -2330,7 +2330,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -2526,7 +2526,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -2820,7 +2820,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -3208,7 +3208,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -3409,7 +3409,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -3605,7 +3605,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -3899,7 +3899,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -4143,7 +4143,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -4344,7 +4344,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -4540,7 +4540,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -4834,7 +4834,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -5144,7 +5144,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -5345,7 +5345,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -5541,7 +5541,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -5835,7 +5835,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -6119,7 +6119,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -6320,7 +6320,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -6516,7 +6516,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -6810,7 +6810,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. diff --git a/docs/dyn/compute_v1.backendServices.html b/docs/dyn/compute_v1.backendServices.html index d047e9dc5ff..b65de89685d 100644 --- a/docs/dyn/compute_v1.backendServices.html +++ b/docs/dyn/compute_v1.backendServices.html @@ -480,7 +480,9 @@

Method Details

"selfLink": "A String", # [Output Only] Server-defined URL for the resource. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # @@ -955,7 +957,9 @@

Method Details

"selfLink": "A String", # [Output Only] Server-defined URL for the resource. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # @@ -1267,7 +1271,9 @@

Method Details

"selfLink": "A String", # [Output Only] Server-defined URL for the resource. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # @@ -1622,7 +1628,9 @@

Method Details

"selfLink": "A String", # [Output Only] Server-defined URL for the resource. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # @@ -1920,7 +1928,9 @@

Method Details

"selfLink": "A String", # [Output Only] Server-defined URL for the resource. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # @@ -2341,7 +2351,9 @@

Method Details

"selfLink": "A String", # [Output Only] Server-defined URL for the resource. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # diff --git a/docs/dyn/compute_v1.firewallPolicies.html b/docs/dyn/compute_v1.firewallPolicies.html index e85f6b8e900..9c0919a353c 100644 --- a/docs/dyn/compute_v1.firewallPolicies.html +++ b/docs/dyn/compute_v1.firewallPolicies.html @@ -106,7 +106,7 @@

Instance Methods

Creates a new policy in the specified project using the data included in the request.

list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None)

-

Lists all the policies that have been configured for the specified project.

+

Lists all the policies that have been configured for the specified folder or organization.

listAssociations(targetResource=None)

Lists associations of a specified target, i.e., organization or folder.

@@ -973,7 +973,7 @@

Method Details

list(filter=None, maxResults=None, orderBy=None, pageToken=None, parentId=None, returnPartialSuccess=None) -
Lists all the policies that have been configured for the specified project.
+  
Lists all the policies that have been configured for the specified folder or organization.
 
 Args:
   filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `>`, or `<`.
diff --git a/docs/dyn/compute_v1.interconnects.html b/docs/dyn/compute_v1.interconnects.html
index 3e95367d115..2be32e1ad94 100644
--- a/docs/dyn/compute_v1.interconnects.html
+++ b/docs/dyn/compute_v1.interconnects.html
@@ -222,7 +222,8 @@ 

Method Details

"startTime": "A String", # Scheduled start time for the outage (milliseconds since Unix epoch). "state": "A String", # State of this notification, which can take one of the following values: # - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. - # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values. + # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. + # - COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values. }, ], "googleIpAddress": "A String", # [Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests. @@ -356,7 +357,8 @@

Method Details

"startTime": "A String", # Scheduled start time for the outage (milliseconds since Unix epoch). "state": "A String", # State of this notification, which can take one of the following values: # - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. - # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values. + # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. + # - COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values. }, ], "googleIpAddress": "A String", # [Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests. @@ -517,7 +519,8 @@

Method Details

"startTime": "A String", # Scheduled start time for the outage (milliseconds since Unix epoch). "state": "A String", # State of this notification, which can take one of the following values: # - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. - # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values. + # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. + # - COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values. }, ], "googleIpAddress": "A String", # [Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests. @@ -621,7 +624,8 @@

Method Details

"startTime": "A String", # Scheduled start time for the outage (milliseconds since Unix epoch). "state": "A String", # State of this notification, which can take one of the following values: # - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. - # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values. + # - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. + # - COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values. }, ], "googleIpAddress": "A String", # [Output Only] IP address configured on the Google side of the Interconnect link. This can be used only for ping tests. diff --git a/docs/dyn/compute_v1.regionBackendServices.html b/docs/dyn/compute_v1.regionBackendServices.html index 97087d1a1e5..3e6b6d4e31d 100644 --- a/docs/dyn/compute_v1.regionBackendServices.html +++ b/docs/dyn/compute_v1.regionBackendServices.html @@ -444,7 +444,9 @@

Method Details

"selfLink": "A String", # [Output Only] Server-defined URL for the resource. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # @@ -754,7 +756,9 @@

Method Details

"selfLink": "A String", # [Output Only] Server-defined URL for the resource. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # @@ -1110,7 +1114,9 @@

Method Details

"selfLink": "A String", # [Output Only] Server-defined URL for the resource. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # @@ -1409,7 +1415,9 @@

Method Details

"selfLink": "A String", # [Output Only] Server-defined URL for the resource. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # @@ -1747,7 +1755,9 @@

Method Details

"selfLink": "A String", # [Output Only] Server-defined URL for the resource. "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. # - # When the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. + # When the loadBalancingScheme is EXTERNAL: + # + # * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS. # # When the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. # diff --git a/docs/dyn/compute_v1.regionUrlMaps.html b/docs/dyn/compute_v1.regionUrlMaps.html index b0aa397bbc3..14b9dfb81e2 100644 --- a/docs/dyn/compute_v1.regionUrlMaps.html +++ b/docs/dyn/compute_v1.regionUrlMaps.html @@ -239,7 +239,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -440,7 +440,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -636,7 +636,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -913,7 +913,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -1127,7 +1127,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -1328,7 +1328,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -1524,7 +1524,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -1801,7 +1801,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -2099,7 +2099,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -2300,7 +2300,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -2496,7 +2496,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -2773,7 +2773,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -3018,7 +3018,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -3219,7 +3219,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -3415,7 +3415,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -3692,7 +3692,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -3972,7 +3972,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -4173,7 +4173,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -4369,7 +4369,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -4646,7 +4646,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -4927,7 +4927,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -5128,7 +5128,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -5324,7 +5324,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -5601,7 +5601,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. diff --git a/docs/dyn/compute_v1.urlMaps.html b/docs/dyn/compute_v1.urlMaps.html index 79803fbdb27..ec5aeff87c1 100644 --- a/docs/dyn/compute_v1.urlMaps.html +++ b/docs/dyn/compute_v1.urlMaps.html @@ -188,7 +188,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -389,7 +389,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -585,7 +585,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -862,7 +862,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -1205,7 +1205,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -1406,7 +1406,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -1602,7 +1602,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -1879,7 +1879,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -2092,7 +2092,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -2293,7 +2293,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -2489,7 +2489,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -2766,7 +2766,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -3154,7 +3154,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -3355,7 +3355,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -3551,7 +3551,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -3828,7 +3828,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -4072,7 +4072,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -4273,7 +4273,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -4469,7 +4469,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -4746,7 +4746,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -5029,7 +5029,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -5230,7 +5230,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -5426,7 +5426,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -5703,7 +5703,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -5987,7 +5987,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -6188,7 +6188,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -6384,7 +6384,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. @@ -6661,7 +6661,7 @@

Method Details

], "maxAge": 42, # Specifies how long results of a preflight request can be cached in seconds. This translates to the Access-Control-Max-Age header. }, - "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. + "faultInjectionPolicy": { # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. # The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection, # timeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy. "abort": { # Specification for how requests are aborted as part of fault injection. # The specification for how client requests are aborted as part of fault injection. "httpStatus": 42, # The HTTP status code used to abort the request. diff --git a/docs/dyn/container_v1.projects.locations.clusters.html b/docs/dyn/container_v1.projects.locations.clusters.html index 69e2d3970b6..a0264870691 100644 --- a/docs/dyn/container_v1.projects.locations.clusters.html +++ b/docs/dyn/container_v1.projects.locations.clusters.html @@ -277,6 +277,7 @@

Method Details

"bootDiskKmsKey": "A String", # The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption "diskSizeGb": 42, # Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. If unspecified, the default disk size is 100GB. "diskType": "A String", # Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard' + "imageType": "A String", # The image type to use for NAP created node. "management": { # NodeManagement defines the set of node management services turned on for the node pool. # Specifies the node management options for NAP created node-pools. "autoRepair": True or False, # A flag that specifies whether the node auto-repair is enabled for the node pool. If enabled, the nodes in this node pool will be monitored and, if they fail health checks too many times, an automatic repair action will be triggered. "autoUpgrade": True or False, # A flag that specifies whether node auto-upgrade is enabled for the node pool. If enabled, node auto-upgrade helps keep the nodes in your node pool up to date with the latest release version of Kubernetes. @@ -845,6 +846,7 @@

Method Details

"bootDiskKmsKey": "A String", # The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption "diskSizeGb": 42, # Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. If unspecified, the default disk size is 100GB. "diskType": "A String", # Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard' + "imageType": "A String", # The image type to use for NAP created node. "management": { # NodeManagement defines the set of node management services turned on for the node pool. # Specifies the node management options for NAP created node-pools. "autoRepair": True or False, # A flag that specifies whether the node auto-repair is enabled for the node pool. If enabled, the nodes in this node pool will be monitored and, if they fail health checks too many times, an automatic repair action will be triggered. "autoUpgrade": True or False, # A flag that specifies whether node auto-upgrade is enabled for the node pool. If enabled, node auto-upgrade helps keep the nodes in your node pool up to date with the latest release version of Kubernetes. @@ -1316,6 +1318,7 @@

Method Details

"bootDiskKmsKey": "A String", # The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption "diskSizeGb": 42, # Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. If unspecified, the default disk size is 100GB. "diskType": "A String", # Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard' + "imageType": "A String", # The image type to use for NAP created node. "management": { # NodeManagement defines the set of node management services turned on for the node pool. # Specifies the node management options for NAP created node-pools. "autoRepair": True or False, # A flag that specifies whether the node auto-repair is enabled for the node pool. If enabled, the nodes in this node pool will be monitored and, if they fail health checks too many times, an automatic repair action will be triggered. "autoUpgrade": True or False, # A flag that specifies whether node auto-upgrade is enabled for the node pool. If enabled, node auto-upgrade helps keep the nodes in your node pool up to date with the latest release version of Kubernetes. @@ -2595,6 +2598,7 @@

Method Details

"bootDiskKmsKey": "A String", # The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption "diskSizeGb": 42, # Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. If unspecified, the default disk size is 100GB. "diskType": "A String", # Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard' + "imageType": "A String", # The image type to use for NAP created node. "management": { # NodeManagement defines the set of node management services turned on for the node pool. # Specifies the node management options for NAP created node-pools. "autoRepair": True or False, # A flag that specifies whether the node auto-repair is enabled for the node pool. If enabled, the nodes in this node pool will be monitored and, if they fail health checks too many times, an automatic repair action will be triggered. "autoUpgrade": True or False, # A flag that specifies whether node auto-upgrade is enabled for the node pool. If enabled, node auto-upgrade helps keep the nodes in your node pool up to date with the latest release version of Kubernetes. diff --git a/docs/dyn/container_v1.projects.zones.clusters.html b/docs/dyn/container_v1.projects.zones.clusters.html index 0f0fb1a24d3..1fc01a503cb 100644 --- a/docs/dyn/container_v1.projects.zones.clusters.html +++ b/docs/dyn/container_v1.projects.zones.clusters.html @@ -378,6 +378,7 @@

Method Details

"bootDiskKmsKey": "A String", # The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption "diskSizeGb": 42, # Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. If unspecified, the default disk size is 100GB. "diskType": "A String", # Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard' + "imageType": "A String", # The image type to use for NAP created node. "management": { # NodeManagement defines the set of node management services turned on for the node pool. # Specifies the node management options for NAP created node-pools. "autoRepair": True or False, # A flag that specifies whether the node auto-repair is enabled for the node pool. If enabled, the nodes in this node pool will be monitored and, if they fail health checks too many times, an automatic repair action will be triggered. "autoUpgrade": True or False, # A flag that specifies whether node auto-upgrade is enabled for the node pool. If enabled, node auto-upgrade helps keep the nodes in your node pool up to date with the latest release version of Kubernetes. @@ -946,6 +947,7 @@

Method Details

"bootDiskKmsKey": "A String", # The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption "diskSizeGb": 42, # Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. If unspecified, the default disk size is 100GB. "diskType": "A String", # Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard' + "imageType": "A String", # The image type to use for NAP created node. "management": { # NodeManagement defines the set of node management services turned on for the node pool. # Specifies the node management options for NAP created node-pools. "autoRepair": True or False, # A flag that specifies whether the node auto-repair is enabled for the node pool. If enabled, the nodes in this node pool will be monitored and, if they fail health checks too many times, an automatic repair action will be triggered. "autoUpgrade": True or False, # A flag that specifies whether node auto-upgrade is enabled for the node pool. If enabled, node auto-upgrade helps keep the nodes in your node pool up to date with the latest release version of Kubernetes. @@ -1461,6 +1463,7 @@

Method Details

"bootDiskKmsKey": "A String", # The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption "diskSizeGb": 42, # Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. If unspecified, the default disk size is 100GB. "diskType": "A String", # Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard' + "imageType": "A String", # The image type to use for NAP created node. "management": { # NodeManagement defines the set of node management services turned on for the node pool. # Specifies the node management options for NAP created node-pools. "autoRepair": True or False, # A flag that specifies whether the node auto-repair is enabled for the node pool. If enabled, the nodes in this node pool will be monitored and, if they fail health checks too many times, an automatic repair action will be triggered. "autoUpgrade": True or False, # A flag that specifies whether node auto-upgrade is enabled for the node pool. If enabled, node auto-upgrade helps keep the nodes in your node pool up to date with the latest release version of Kubernetes. @@ -2656,6 +2659,7 @@

Method Details

"bootDiskKmsKey": "A String", # The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption "diskSizeGb": 42, # Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. If unspecified, the default disk size is 100GB. "diskType": "A String", # Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard' + "imageType": "A String", # The image type to use for NAP created node. "management": { # NodeManagement defines the set of node management services turned on for the node pool. # Specifies the node management options for NAP created node-pools. "autoRepair": True or False, # A flag that specifies whether the node auto-repair is enabled for the node pool. If enabled, the nodes in this node pool will be monitored and, if they fail health checks too many times, an automatic repair action will be triggered. "autoUpgrade": True or False, # A flag that specifies whether node auto-upgrade is enabled for the node pool. If enabled, node auto-upgrade helps keep the nodes in your node pool up to date with the latest release version of Kubernetes. diff --git a/docs/dyn/container_v1beta1.projects.locations.clusters.html b/docs/dyn/container_v1beta1.projects.locations.clusters.html index 7b8b62b71b7..698e9d56653 100644 --- a/docs/dyn/container_v1beta1.projects.locations.clusters.html +++ b/docs/dyn/container_v1beta1.projects.locations.clusters.html @@ -284,6 +284,7 @@

Method Details

"bootDiskKmsKey": "A String", # The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption "diskSizeGb": 42, # Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. If unspecified, the default disk size is 100GB. "diskType": "A String", # Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard' + "imageType": "A String", # The image type to use for NAP created node. "management": { # NodeManagement defines the set of node management services turned on for the node pool. # NodeManagement configuration for this NodePool. "autoRepair": True or False, # Whether the nodes will be automatically repaired. "autoUpgrade": True or False, # Whether the nodes will be automatically upgraded. @@ -301,7 +302,7 @@

Method Details

"enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled. Enables monitoring and attestation of the boot integrity of the instance. The attestation is performed against the integrity policy baseline. This baseline is initially derived from the implicitly trusted boot image when the instance is created. "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled. Secure Boot helps ensure that the system only runs authentic software by verifying the digital signature of all boot components, and halting the boot process if signature verification fails. }, - "upgradeSettings": { # These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. # Upgrade settings control disruption and speed of the upgrade. + "upgradeSettings": { # Upgrade settings control disruption and speed of the upgrade. "maxSurge": 42, # The maximum number of nodes that can be created beyond the current size of the node pool during the upgrade process. "maxUnavailable": 42, # The maximum number of nodes that can be simultaneously unavailable during the upgrade process. A node is considered available if its status is Ready. }, @@ -523,7 +524,7 @@

Method Details

}, }, "nodePools": [ # The node pools associated with this cluster. This field should not be set if "node_config" or "initial_node_count" are specified. - { # NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload. + { # NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload. These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. "autoscaling": { # NodePoolAutoscaling contains information required by cluster autoscaler to adjust the size of the node pool to the current cluster usage. # Autoscaler configuration for this NodePool. Autoscaler is enabled only if a valid configuration is present. "autoprovisioned": True or False, # Can this node pool be deleted automatically. "enabled": True or False, # Is autoscaling enabled for this node pool. @@ -635,7 +636,7 @@

Method Details

"selfLink": "A String", # [Output only] Server-defined URL for the resource. "status": "A String", # [Output only] The status of the nodes in this pool instance. "statusMessage": "A String", # [Output only] Deprecated. Use conditions instead. Additional information about the current status of this node pool instance, if available. - "upgradeSettings": { # These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. # Upgrade settings control disruption and speed of the upgrade. + "upgradeSettings": { # Upgrade settings control disruption and speed of the upgrade. "maxSurge": 42, # The maximum number of nodes that can be created beyond the current size of the node pool during the upgrade process. "maxUnavailable": 42, # The maximum number of nodes that can be simultaneously unavailable during the upgrade process. A node is considered available if its status is Ready. }, @@ -908,6 +909,7 @@

Method Details

"bootDiskKmsKey": "A String", # The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption "diskSizeGb": 42, # Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. If unspecified, the default disk size is 100GB. "diskType": "A String", # Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard' + "imageType": "A String", # The image type to use for NAP created node. "management": { # NodeManagement defines the set of node management services turned on for the node pool. # NodeManagement configuration for this NodePool. "autoRepair": True or False, # Whether the nodes will be automatically repaired. "autoUpgrade": True or False, # Whether the nodes will be automatically upgraded. @@ -925,7 +927,7 @@

Method Details

"enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled. Enables monitoring and attestation of the boot integrity of the instance. The attestation is performed against the integrity policy baseline. This baseline is initially derived from the implicitly trusted boot image when the instance is created. "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled. Secure Boot helps ensure that the system only runs authentic software by verifying the digital signature of all boot components, and halting the boot process if signature verification fails. }, - "upgradeSettings": { # These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. # Upgrade settings control disruption and speed of the upgrade. + "upgradeSettings": { # Upgrade settings control disruption and speed of the upgrade. "maxSurge": 42, # The maximum number of nodes that can be created beyond the current size of the node pool during the upgrade process. "maxUnavailable": 42, # The maximum number of nodes that can be simultaneously unavailable during the upgrade process. A node is considered available if its status is Ready. }, @@ -1147,7 +1149,7 @@

Method Details

}, }, "nodePools": [ # The node pools associated with this cluster. This field should not be set if "node_config" or "initial_node_count" are specified. - { # NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload. + { # NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload. These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. "autoscaling": { # NodePoolAutoscaling contains information required by cluster autoscaler to adjust the size of the node pool to the current cluster usage. # Autoscaler configuration for this NodePool. Autoscaler is enabled only if a valid configuration is present. "autoprovisioned": True or False, # Can this node pool be deleted automatically. "enabled": True or False, # Is autoscaling enabled for this node pool. @@ -1259,7 +1261,7 @@

Method Details

"selfLink": "A String", # [Output only] Server-defined URL for the resource. "status": "A String", # [Output only] The status of the nodes in this pool instance. "statusMessage": "A String", # [Output only] Deprecated. Use conditions instead. Additional information about the current status of this node pool instance, if available. - "upgradeSettings": { # These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. # Upgrade settings control disruption and speed of the upgrade. + "upgradeSettings": { # Upgrade settings control disruption and speed of the upgrade. "maxSurge": 42, # The maximum number of nodes that can be created beyond the current size of the node pool during the upgrade process. "maxUnavailable": 42, # The maximum number of nodes that can be simultaneously unavailable during the upgrade process. A node is considered available if its status is Ready. }, @@ -1435,6 +1437,7 @@

Method Details

"bootDiskKmsKey": "A String", # The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption "diskSizeGb": 42, # Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. If unspecified, the default disk size is 100GB. "diskType": "A String", # Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard' + "imageType": "A String", # The image type to use for NAP created node. "management": { # NodeManagement defines the set of node management services turned on for the node pool. # NodeManagement configuration for this NodePool. "autoRepair": True or False, # Whether the nodes will be automatically repaired. "autoUpgrade": True or False, # Whether the nodes will be automatically upgraded. @@ -1452,7 +1455,7 @@

Method Details

"enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled. Enables monitoring and attestation of the boot integrity of the instance. The attestation is performed against the integrity policy baseline. This baseline is initially derived from the implicitly trusted boot image when the instance is created. "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled. Secure Boot helps ensure that the system only runs authentic software by verifying the digital signature of all boot components, and halting the boot process if signature verification fails. }, - "upgradeSettings": { # These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. # Upgrade settings control disruption and speed of the upgrade. + "upgradeSettings": { # Upgrade settings control disruption and speed of the upgrade. "maxSurge": 42, # The maximum number of nodes that can be created beyond the current size of the node pool during the upgrade process. "maxUnavailable": 42, # The maximum number of nodes that can be simultaneously unavailable during the upgrade process. A node is considered available if its status is Ready. }, @@ -1674,7 +1677,7 @@

Method Details

}, }, "nodePools": [ # The node pools associated with this cluster. This field should not be set if "node_config" or "initial_node_count" are specified. - { # NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload. + { # NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload. These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. "autoscaling": { # NodePoolAutoscaling contains information required by cluster autoscaler to adjust the size of the node pool to the current cluster usage. # Autoscaler configuration for this NodePool. Autoscaler is enabled only if a valid configuration is present. "autoprovisioned": True or False, # Can this node pool be deleted automatically. "enabled": True or False, # Is autoscaling enabled for this node pool. @@ -1786,7 +1789,7 @@

Method Details

"selfLink": "A String", # [Output only] Server-defined URL for the resource. "status": "A String", # [Output only] The status of the nodes in this pool instance. "statusMessage": "A String", # [Output only] Deprecated. Use conditions instead. Additional information about the current status of this node pool instance, if available. - "upgradeSettings": { # These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. # Upgrade settings control disruption and speed of the upgrade. + "upgradeSettings": { # Upgrade settings control disruption and speed of the upgrade. "maxSurge": 42, # The maximum number of nodes that can be created beyond the current size of the node pool during the upgrade process. "maxUnavailable": 42, # The maximum number of nodes that can be simultaneously unavailable during the upgrade process. A node is considered available if its status is Ready. }, @@ -2777,6 +2780,7 @@

Method Details

"bootDiskKmsKey": "A String", # The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption "diskSizeGb": 42, # Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. If unspecified, the default disk size is 100GB. "diskType": "A String", # Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard' + "imageType": "A String", # The image type to use for NAP created node. "management": { # NodeManagement defines the set of node management services turned on for the node pool. # NodeManagement configuration for this NodePool. "autoRepair": True or False, # Whether the nodes will be automatically repaired. "autoUpgrade": True or False, # Whether the nodes will be automatically upgraded. @@ -2794,7 +2798,7 @@

Method Details

"enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled. Enables monitoring and attestation of the boot integrity of the instance. The attestation is performed against the integrity policy baseline. This baseline is initially derived from the implicitly trusted boot image when the instance is created. "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled. Secure Boot helps ensure that the system only runs authentic software by verifying the digital signature of all boot components, and halting the boot process if signature verification fails. }, - "upgradeSettings": { # These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. # Upgrade settings control disruption and speed of the upgrade. + "upgradeSettings": { # Upgrade settings control disruption and speed of the upgrade. "maxSurge": 42, # The maximum number of nodes that can be created beyond the current size of the node pool during the upgrade process. "maxUnavailable": 42, # The maximum number of nodes that can be simultaneously unavailable during the upgrade process. A node is considered available if its status is Ready. }, diff --git a/docs/dyn/container_v1beta1.projects.locations.clusters.nodePools.html b/docs/dyn/container_v1beta1.projects.locations.clusters.nodePools.html index 602c07bcf0b..e9336abcba9 100644 --- a/docs/dyn/container_v1beta1.projects.locations.clusters.nodePools.html +++ b/docs/dyn/container_v1beta1.projects.locations.clusters.nodePools.html @@ -121,7 +121,7 @@

Method Details

{ # CreateNodePoolRequest creates a node pool for a cluster. "clusterId": "A String", # Required. Deprecated. The name of the cluster. This field has been deprecated and replaced by the parent field. - "nodePool": { # NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload. # Required. The node pool to create. + "nodePool": { # NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload. These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. # Required. The node pool to create. "autoscaling": { # NodePoolAutoscaling contains information required by cluster autoscaler to adjust the size of the node pool to the current cluster usage. # Autoscaler configuration for this NodePool. Autoscaler is enabled only if a valid configuration is present. "autoprovisioned": True or False, # Can this node pool be deleted automatically. "enabled": True or False, # Is autoscaling enabled for this node pool. @@ -233,7 +233,7 @@

Method Details

"selfLink": "A String", # [Output only] Server-defined URL for the resource. "status": "A String", # [Output only] The status of the nodes in this pool instance. "statusMessage": "A String", # [Output only] Deprecated. Use conditions instead. Additional information about the current status of this node pool instance, if available. - "upgradeSettings": { # These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. # Upgrade settings control disruption and speed of the upgrade. + "upgradeSettings": { # Upgrade settings control disruption and speed of the upgrade. "maxSurge": 42, # The maximum number of nodes that can be created beyond the current size of the node pool during the upgrade process. "maxUnavailable": 42, # The maximum number of nodes that can be simultaneously unavailable during the upgrade process. A node is considered available if its status is Ready. }, @@ -394,7 +394,7 @@

Method Details

Returns: An object of the form: - { # NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload. + { # NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload. These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. "autoscaling": { # NodePoolAutoscaling contains information required by cluster autoscaler to adjust the size of the node pool to the current cluster usage. # Autoscaler configuration for this NodePool. Autoscaler is enabled only if a valid configuration is present. "autoprovisioned": True or False, # Can this node pool be deleted automatically. "enabled": True or False, # Is autoscaling enabled for this node pool. @@ -506,7 +506,7 @@

Method Details

"selfLink": "A String", # [Output only] Server-defined URL for the resource. "status": "A String", # [Output only] The status of the nodes in this pool instance. "statusMessage": "A String", # [Output only] Deprecated. Use conditions instead. Additional information about the current status of this node pool instance, if available. - "upgradeSettings": { # These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. # Upgrade settings control disruption and speed of the upgrade. + "upgradeSettings": { # Upgrade settings control disruption and speed of the upgrade. "maxSurge": 42, # The maximum number of nodes that can be created beyond the current size of the node pool during the upgrade process. "maxUnavailable": 42, # The maximum number of nodes that can be simultaneously unavailable during the upgrade process. A node is considered available if its status is Ready. }, @@ -533,7 +533,7 @@

Method Details

{ # ListNodePoolsResponse is the result of ListNodePoolsRequest. "nodePools": [ # A list of node pools for a cluster. - { # NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload. + { # NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload. These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. "autoscaling": { # NodePoolAutoscaling contains information required by cluster autoscaler to adjust the size of the node pool to the current cluster usage. # Autoscaler configuration for this NodePool. Autoscaler is enabled only if a valid configuration is present. "autoprovisioned": True or False, # Can this node pool be deleted automatically. "enabled": True or False, # Is autoscaling enabled for this node pool. @@ -645,7 +645,7 @@

Method Details

"selfLink": "A String", # [Output only] Server-defined URL for the resource. "status": "A String", # [Output only] The status of the nodes in this pool instance. "statusMessage": "A String", # [Output only] Deprecated. Use conditions instead. Additional information about the current status of this node pool instance, if available. - "upgradeSettings": { # These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. # Upgrade settings control disruption and speed of the upgrade. + "upgradeSettings": { # Upgrade settings control disruption and speed of the upgrade. "maxSurge": 42, # The maximum number of nodes that can be created beyond the current size of the node pool during the upgrade process. "maxUnavailable": 42, # The maximum number of nodes that can be simultaneously unavailable during the upgrade process. A node is considered available if its status is Ready. }, @@ -1030,7 +1030,7 @@

Method Details

}, ], }, - "upgradeSettings": { # These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. # Upgrade settings control disruption and speed of the upgrade. + "upgradeSettings": { # Upgrade settings control disruption and speed of the upgrade. "maxSurge": 42, # The maximum number of nodes that can be created beyond the current size of the node pool during the upgrade process. "maxUnavailable": 42, # The maximum number of nodes that can be simultaneously unavailable during the upgrade process. A node is considered available if its status is Ready. }, diff --git a/docs/dyn/container_v1beta1.projects.zones.clusters.html b/docs/dyn/container_v1beta1.projects.zones.clusters.html index 7fc85431cf8..ed264d0ed45 100644 --- a/docs/dyn/container_v1beta1.projects.zones.clusters.html +++ b/docs/dyn/container_v1beta1.projects.zones.clusters.html @@ -392,6 +392,7 @@

Method Details

"bootDiskKmsKey": "A String", # The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption "diskSizeGb": 42, # Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. If unspecified, the default disk size is 100GB. "diskType": "A String", # Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard' + "imageType": "A String", # The image type to use for NAP created node. "management": { # NodeManagement defines the set of node management services turned on for the node pool. # NodeManagement configuration for this NodePool. "autoRepair": True or False, # Whether the nodes will be automatically repaired. "autoUpgrade": True or False, # Whether the nodes will be automatically upgraded. @@ -409,7 +410,7 @@

Method Details

"enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled. Enables monitoring and attestation of the boot integrity of the instance. The attestation is performed against the integrity policy baseline. This baseline is initially derived from the implicitly trusted boot image when the instance is created. "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled. Secure Boot helps ensure that the system only runs authentic software by verifying the digital signature of all boot components, and halting the boot process if signature verification fails. }, - "upgradeSettings": { # These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. # Upgrade settings control disruption and speed of the upgrade. + "upgradeSettings": { # Upgrade settings control disruption and speed of the upgrade. "maxSurge": 42, # The maximum number of nodes that can be created beyond the current size of the node pool during the upgrade process. "maxUnavailable": 42, # The maximum number of nodes that can be simultaneously unavailable during the upgrade process. A node is considered available if its status is Ready. }, @@ -631,7 +632,7 @@

Method Details

}, }, "nodePools": [ # The node pools associated with this cluster. This field should not be set if "node_config" or "initial_node_count" are specified. - { # NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload. + { # NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload. These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. "autoscaling": { # NodePoolAutoscaling contains information required by cluster autoscaler to adjust the size of the node pool to the current cluster usage. # Autoscaler configuration for this NodePool. Autoscaler is enabled only if a valid configuration is present. "autoprovisioned": True or False, # Can this node pool be deleted automatically. "enabled": True or False, # Is autoscaling enabled for this node pool. @@ -743,7 +744,7 @@

Method Details

"selfLink": "A String", # [Output only] Server-defined URL for the resource. "status": "A String", # [Output only] The status of the nodes in this pool instance. "statusMessage": "A String", # [Output only] Deprecated. Use conditions instead. Additional information about the current status of this node pool instance, if available. - "upgradeSettings": { # These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. # Upgrade settings control disruption and speed of the upgrade. + "upgradeSettings": { # Upgrade settings control disruption and speed of the upgrade. "maxSurge": 42, # The maximum number of nodes that can be created beyond the current size of the node pool during the upgrade process. "maxUnavailable": 42, # The maximum number of nodes that can be simultaneously unavailable during the upgrade process. A node is considered available if its status is Ready. }, @@ -1016,6 +1017,7 @@

Method Details

"bootDiskKmsKey": "A String", # The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption "diskSizeGb": 42, # Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. If unspecified, the default disk size is 100GB. "diskType": "A String", # Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard' + "imageType": "A String", # The image type to use for NAP created node. "management": { # NodeManagement defines the set of node management services turned on for the node pool. # NodeManagement configuration for this NodePool. "autoRepair": True or False, # Whether the nodes will be automatically repaired. "autoUpgrade": True or False, # Whether the nodes will be automatically upgraded. @@ -1033,7 +1035,7 @@

Method Details

"enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled. Enables monitoring and attestation of the boot integrity of the instance. The attestation is performed against the integrity policy baseline. This baseline is initially derived from the implicitly trusted boot image when the instance is created. "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled. Secure Boot helps ensure that the system only runs authentic software by verifying the digital signature of all boot components, and halting the boot process if signature verification fails. }, - "upgradeSettings": { # These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. # Upgrade settings control disruption and speed of the upgrade. + "upgradeSettings": { # Upgrade settings control disruption and speed of the upgrade. "maxSurge": 42, # The maximum number of nodes that can be created beyond the current size of the node pool during the upgrade process. "maxUnavailable": 42, # The maximum number of nodes that can be simultaneously unavailable during the upgrade process. A node is considered available if its status is Ready. }, @@ -1255,7 +1257,7 @@

Method Details

}, }, "nodePools": [ # The node pools associated with this cluster. This field should not be set if "node_config" or "initial_node_count" are specified. - { # NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload. + { # NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload. These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. "autoscaling": { # NodePoolAutoscaling contains information required by cluster autoscaler to adjust the size of the node pool to the current cluster usage. # Autoscaler configuration for this NodePool. Autoscaler is enabled only if a valid configuration is present. "autoprovisioned": True or False, # Can this node pool be deleted automatically. "enabled": True or False, # Is autoscaling enabled for this node pool. @@ -1367,7 +1369,7 @@

Method Details

"selfLink": "A String", # [Output only] Server-defined URL for the resource. "status": "A String", # [Output only] The status of the nodes in this pool instance. "statusMessage": "A String", # [Output only] Deprecated. Use conditions instead. Additional information about the current status of this node pool instance, if available. - "upgradeSettings": { # These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. # Upgrade settings control disruption and speed of the upgrade. + "upgradeSettings": { # Upgrade settings control disruption and speed of the upgrade. "maxSurge": 42, # The maximum number of nodes that can be created beyond the current size of the node pool during the upgrade process. "maxUnavailable": 42, # The maximum number of nodes that can be simultaneously unavailable during the upgrade process. A node is considered available if its status is Ready. }, @@ -1587,6 +1589,7 @@

Method Details

"bootDiskKmsKey": "A String", # The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption "diskSizeGb": 42, # Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. If unspecified, the default disk size is 100GB. "diskType": "A String", # Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard' + "imageType": "A String", # The image type to use for NAP created node. "management": { # NodeManagement defines the set of node management services turned on for the node pool. # NodeManagement configuration for this NodePool. "autoRepair": True or False, # Whether the nodes will be automatically repaired. "autoUpgrade": True or False, # Whether the nodes will be automatically upgraded. @@ -1604,7 +1607,7 @@

Method Details

"enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled. Enables monitoring and attestation of the boot integrity of the instance. The attestation is performed against the integrity policy baseline. This baseline is initially derived from the implicitly trusted boot image when the instance is created. "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled. Secure Boot helps ensure that the system only runs authentic software by verifying the digital signature of all boot components, and halting the boot process if signature verification fails. }, - "upgradeSettings": { # These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. # Upgrade settings control disruption and speed of the upgrade. + "upgradeSettings": { # Upgrade settings control disruption and speed of the upgrade. "maxSurge": 42, # The maximum number of nodes that can be created beyond the current size of the node pool during the upgrade process. "maxUnavailable": 42, # The maximum number of nodes that can be simultaneously unavailable during the upgrade process. A node is considered available if its status is Ready. }, @@ -1826,7 +1829,7 @@

Method Details

}, }, "nodePools": [ # The node pools associated with this cluster. This field should not be set if "node_config" or "initial_node_count" are specified. - { # NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload. + { # NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload. These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. "autoscaling": { # NodePoolAutoscaling contains information required by cluster autoscaler to adjust the size of the node pool to the current cluster usage. # Autoscaler configuration for this NodePool. Autoscaler is enabled only if a valid configuration is present. "autoprovisioned": True or False, # Can this node pool be deleted automatically. "enabled": True or False, # Is autoscaling enabled for this node pool. @@ -1938,7 +1941,7 @@

Method Details

"selfLink": "A String", # [Output only] Server-defined URL for the resource. "status": "A String", # [Output only] The status of the nodes in this pool instance. "statusMessage": "A String", # [Output only] Deprecated. Use conditions instead. Additional information about the current status of this node pool instance, if available. - "upgradeSettings": { # These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. # Upgrade settings control disruption and speed of the upgrade. + "upgradeSettings": { # Upgrade settings control disruption and speed of the upgrade. "maxSurge": 42, # The maximum number of nodes that can be created beyond the current size of the node pool during the upgrade process. "maxUnavailable": 42, # The maximum number of nodes that can be simultaneously unavailable during the upgrade process. A node is considered available if its status is Ready. }, @@ -2838,6 +2841,7 @@

Method Details

"bootDiskKmsKey": "A String", # The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption "diskSizeGb": 42, # Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. If unspecified, the default disk size is 100GB. "diskType": "A String", # Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard' + "imageType": "A String", # The image type to use for NAP created node. "management": { # NodeManagement defines the set of node management services turned on for the node pool. # NodeManagement configuration for this NodePool. "autoRepair": True or False, # Whether the nodes will be automatically repaired. "autoUpgrade": True or False, # Whether the nodes will be automatically upgraded. @@ -2855,7 +2859,7 @@

Method Details

"enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled. Enables monitoring and attestation of the boot integrity of the instance. The attestation is performed against the integrity policy baseline. This baseline is initially derived from the implicitly trusted boot image when the instance is created. "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled. Secure Boot helps ensure that the system only runs authentic software by verifying the digital signature of all boot components, and halting the boot process if signature verification fails. }, - "upgradeSettings": { # These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. # Upgrade settings control disruption and speed of the upgrade. + "upgradeSettings": { # Upgrade settings control disruption and speed of the upgrade. "maxSurge": 42, # The maximum number of nodes that can be created beyond the current size of the node pool during the upgrade process. "maxUnavailable": 42, # The maximum number of nodes that can be simultaneously unavailable during the upgrade process. A node is considered available if its status is Ready. }, diff --git a/docs/dyn/container_v1beta1.projects.zones.clusters.nodePools.html b/docs/dyn/container_v1beta1.projects.zones.clusters.nodePools.html index f1c71c3ffda..6129bf4ff09 100644 --- a/docs/dyn/container_v1beta1.projects.zones.clusters.nodePools.html +++ b/docs/dyn/container_v1beta1.projects.zones.clusters.nodePools.html @@ -210,7 +210,7 @@

Method Details

{ # CreateNodePoolRequest creates a node pool for a cluster. "clusterId": "A String", # Required. Deprecated. The name of the cluster. This field has been deprecated and replaced by the parent field. - "nodePool": { # NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload. # Required. The node pool to create. + "nodePool": { # NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload. These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. # Required. The node pool to create. "autoscaling": { # NodePoolAutoscaling contains information required by cluster autoscaler to adjust the size of the node pool to the current cluster usage. # Autoscaler configuration for this NodePool. Autoscaler is enabled only if a valid configuration is present. "autoprovisioned": True or False, # Can this node pool be deleted automatically. "enabled": True or False, # Is autoscaling enabled for this node pool. @@ -322,7 +322,7 @@

Method Details

"selfLink": "A String", # [Output only] Server-defined URL for the resource. "status": "A String", # [Output only] The status of the nodes in this pool instance. "statusMessage": "A String", # [Output only] Deprecated. Use conditions instead. Additional information about the current status of this node pool instance, if available. - "upgradeSettings": { # These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. # Upgrade settings control disruption and speed of the upgrade. + "upgradeSettings": { # Upgrade settings control disruption and speed of the upgrade. "maxSurge": 42, # The maximum number of nodes that can be created beyond the current size of the node pool during the upgrade process. "maxUnavailable": 42, # The maximum number of nodes that can be simultaneously unavailable during the upgrade process. A node is considered available if its status is Ready. }, @@ -483,7 +483,7 @@

Method Details

Returns: An object of the form: - { # NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload. + { # NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload. These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. "autoscaling": { # NodePoolAutoscaling contains information required by cluster autoscaler to adjust the size of the node pool to the current cluster usage. # Autoscaler configuration for this NodePool. Autoscaler is enabled only if a valid configuration is present. "autoprovisioned": True or False, # Can this node pool be deleted automatically. "enabled": True or False, # Is autoscaling enabled for this node pool. @@ -595,7 +595,7 @@

Method Details

"selfLink": "A String", # [Output only] Server-defined URL for the resource. "status": "A String", # [Output only] The status of the nodes in this pool instance. "statusMessage": "A String", # [Output only] Deprecated. Use conditions instead. Additional information about the current status of this node pool instance, if available. - "upgradeSettings": { # These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. # Upgrade settings control disruption and speed of the upgrade. + "upgradeSettings": { # Upgrade settings control disruption and speed of the upgrade. "maxSurge": 42, # The maximum number of nodes that can be created beyond the current size of the node pool during the upgrade process. "maxUnavailable": 42, # The maximum number of nodes that can be simultaneously unavailable during the upgrade process. A node is considered available if its status is Ready. }, @@ -622,7 +622,7 @@

Method Details

{ # ListNodePoolsResponse is the result of ListNodePoolsRequest. "nodePools": [ # A list of node pools for a cluster. - { # NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload. + { # NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload. These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. "autoscaling": { # NodePoolAutoscaling contains information required by cluster autoscaler to adjust the size of the node pool to the current cluster usage. # Autoscaler configuration for this NodePool. Autoscaler is enabled only if a valid configuration is present. "autoprovisioned": True or False, # Can this node pool be deleted automatically. "enabled": True or False, # Is autoscaling enabled for this node pool. @@ -734,7 +734,7 @@

Method Details

"selfLink": "A String", # [Output only] Server-defined URL for the resource. "status": "A String", # [Output only] The status of the nodes in this pool instance. "statusMessage": "A String", # [Output only] Deprecated. Use conditions instead. Additional information about the current status of this node pool instance, if available. - "upgradeSettings": { # These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. # Upgrade settings control disruption and speed of the upgrade. + "upgradeSettings": { # Upgrade settings control disruption and speed of the upgrade. "maxSurge": 42, # The maximum number of nodes that can be created beyond the current size of the node pool during the upgrade process. "maxUnavailable": 42, # The maximum number of nodes that can be simultaneously unavailable during the upgrade process. A node is considered available if its status is Ready. }, @@ -1047,7 +1047,7 @@

Method Details

}, ], }, - "upgradeSettings": { # These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. # Upgrade settings control disruption and speed of the upgrade. + "upgradeSettings": { # Upgrade settings control disruption and speed of the upgrade. "maxSurge": 42, # The maximum number of nodes that can be created beyond the current size of the node pool during the upgrade process. "maxUnavailable": 42, # The maximum number of nodes that can be simultaneously unavailable during the upgrade process. A node is considered available if its status is Ready. }, diff --git a/docs/dyn/dataproc_v1.projects.locations.workflowTemplates.html b/docs/dyn/dataproc_v1.projects.locations.workflowTemplates.html index 94ca941cf64..ea75d8b956e 100644 --- a/docs/dyn/dataproc_v1.projects.locations.workflowTemplates.html +++ b/docs/dyn/dataproc_v1.projects.locations.workflowTemplates.html @@ -443,7 +443,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -479,7 +480,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -546,7 +548,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -895,7 +898,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -931,7 +935,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -998,7 +1003,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -1374,7 +1380,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -1410,7 +1417,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -1477,7 +1485,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -1917,7 +1926,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -1953,7 +1963,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -2020,7 +2031,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -2410,7 +2422,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -2446,7 +2459,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -2513,7 +2527,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -2968,7 +2983,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -3004,7 +3020,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -3071,7 +3088,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -3420,7 +3438,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -3456,7 +3475,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -3523,7 +3543,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. diff --git a/docs/dyn/dataproc_v1.projects.regions.clusters.html b/docs/dyn/dataproc_v1.projects.regions.clusters.html index 55ea4dc8e20..fdac44f0333 100644 --- a/docs/dyn/dataproc_v1.projects.regions.clusters.html +++ b/docs/dyn/dataproc_v1.projects.regions.clusters.html @@ -222,7 +222,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -258,7 +259,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -325,7 +327,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -585,7 +588,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -621,7 +625,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -688,7 +693,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -929,7 +935,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -965,7 +972,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -1032,7 +1040,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -1193,7 +1202,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -1229,7 +1239,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -1296,7 +1307,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. diff --git a/docs/dyn/dataproc_v1.projects.regions.workflowTemplates.html b/docs/dyn/dataproc_v1.projects.regions.workflowTemplates.html index 6f09b4bf4b9..870306e53cb 100644 --- a/docs/dyn/dataproc_v1.projects.regions.workflowTemplates.html +++ b/docs/dyn/dataproc_v1.projects.regions.workflowTemplates.html @@ -443,7 +443,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -479,7 +480,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -546,7 +548,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -895,7 +898,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -931,7 +935,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -998,7 +1003,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -1374,7 +1380,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -1410,7 +1417,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -1477,7 +1485,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -1917,7 +1926,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -1953,7 +1963,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -2020,7 +2031,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -2410,7 +2422,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -2446,7 +2459,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -2513,7 +2527,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -2968,7 +2983,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -3004,7 +3020,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -3071,7 +3088,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -3420,7 +3438,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -3456,7 +3475,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. @@ -3523,7 +3543,8 @@

Method Details

{ # A reference to a Compute Engine instance. "instanceId": "A String", # The unique identifier of the Compute Engine instance. "instanceName": "A String", # The user-friendly name of the Compute Engine instance. - "publicKey": "A String", # The public key used for sharing data with this instance. + "publicEciesKey": "A String", # The public ECIES key used for sharing data with this instance. + "publicKey": "A String", # The public RSA key used for sharing data with this instance. }, ], "isPreemptible": True or False, # Output only. Specifies that this instance group contains preemptible instances. diff --git a/docs/dyn/firestore_v1.projects.databases.documents.html b/docs/dyn/firestore_v1.projects.databases.documents.html index 58873196aeb..02464f5b2f5 100644 --- a/docs/dyn/firestore_v1.projects.databases.documents.html +++ b/docs/dyn/firestore_v1.projects.databases.documents.html @@ -175,7 +175,11 @@

Method Details

"createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query. "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``. "a_key": { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -230,31 +234,16 @@

Method Details

{ # A transformation of a field of the document. "appendMissingElements": { # An array value. # Append the given elements in order if they are not already present in the current field value. If the field is not an array, or if the field does not yet exist, it is first set to the empty array. Equivalent numbers of different types (e.g. 3L and 3.0) are considered equal when checking if a value is missing. NaN is equal to NaN, and Null is equal to Null. If the input contains multiple equivalent values, only the first will be considered. The corresponding transform_result will be the null value. "values": [ # Values in the array. - { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. - "booleanValue": True or False, # A boolean value. - "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. - "doubleValue": 3.14, # A double value. - "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth. - "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0]. - "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0]. - }, - "integerValue": "A String", # An integer value. - "mapValue": { # A map value. # A map value. - "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. - "a_key": # Object with schema name: Value - }, - }, - "nullValue": "A String", # A null value. - "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`. - "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries. - "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down. - }, + # Object with schema name: Value ], }, "fieldPath": "A String", # The path of the field. See Document.fields for the field path syntax reference. "increment": { # A message that can hold any of the supported value types. # Adds the given value to the field's current value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If either of the given value or the current field value are doubles, both values will be interpreted as doubles. Double arithmetic and representation of double values follow IEEE 754 semantics. If there is positive/negative integer overflow, the field is resolved to the largest magnitude positive/negative integer. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -274,7 +263,11 @@

Method Details

"timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down. }, "maximum": { # A message that can hold any of the supported value types. # Sets the field to the maximum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If a maximum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the larger operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The maximum of a zero stored value and zero input value is always the stored value. The maximum of any numeric value x and NaN is NaN. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -294,7 +287,11 @@

Method Details

"timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down. }, "minimum": { # A message that can hold any of the supported value types. # Sets the field to the minimum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the input value. If a minimum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the smaller operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The minimum of a zero stored value and zero input value is always the stored value. The minimum of any numeric value x and NaN is NaN. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -315,26 +312,7 @@

Method Details

}, "removeAllFromArray": { # An array value. # Remove all of the given elements from the array in the field. If the field is not an array, or if the field does not yet exist, it is set to the empty array. Equivalent numbers of the different types (e.g. 3L and 3.0) are considered equal when deciding whether an element should be removed. NaN is equal to NaN, and Null is equal to Null. This will remove all equivalent values if there are duplicates. The corresponding transform_result will be the null value. "values": [ # Values in the array. - { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. - "booleanValue": True or False, # A boolean value. - "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. - "doubleValue": 3.14, # A double value. - "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth. - "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0]. - "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0]. - }, - "integerValue": "A String", # An integer value. - "mapValue": { # A map value. # A map value. - "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. - "a_key": # Object with schema name: Value - }, - }, - "nullValue": "A String", # A null value. - "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`. - "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries. - "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down. - }, + # Object with schema name: Value ], }, "setToServerValue": "A String", # Sets the field to the given server value. @@ -345,7 +323,11 @@

Method Details

"createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query. "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``. "a_key": { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -377,31 +359,16 @@

Method Details

{ # A transformation of a field of the document. "appendMissingElements": { # An array value. # Append the given elements in order if they are not already present in the current field value. If the field is not an array, or if the field does not yet exist, it is first set to the empty array. Equivalent numbers of different types (e.g. 3L and 3.0) are considered equal when checking if a value is missing. NaN is equal to NaN, and Null is equal to Null. If the input contains multiple equivalent values, only the first will be considered. The corresponding transform_result will be the null value. "values": [ # Values in the array. - { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. - "booleanValue": True or False, # A boolean value. - "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. - "doubleValue": 3.14, # A double value. - "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth. - "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0]. - "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0]. - }, - "integerValue": "A String", # An integer value. - "mapValue": { # A map value. # A map value. - "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. - "a_key": # Object with schema name: Value - }, - }, - "nullValue": "A String", # A null value. - "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`. - "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries. - "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down. - }, + # Object with schema name: Value ], }, "fieldPath": "A String", # The path of the field. See Document.fields for the field path syntax reference. "increment": { # A message that can hold any of the supported value types. # Adds the given value to the field's current value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If either of the given value or the current field value are doubles, both values will be interpreted as doubles. Double arithmetic and representation of double values follow IEEE 754 semantics. If there is positive/negative integer overflow, the field is resolved to the largest magnitude positive/negative integer. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -421,7 +388,11 @@

Method Details

"timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down. }, "maximum": { # A message that can hold any of the supported value types. # Sets the field to the maximum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If a maximum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the larger operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The maximum of a zero stored value and zero input value is always the stored value. The maximum of any numeric value x and NaN is NaN. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -441,7 +412,11 @@

Method Details

"timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down. }, "minimum": { # A message that can hold any of the supported value types. # Sets the field to the minimum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the input value. If a minimum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the smaller operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The minimum of a zero stored value and zero input value is always the stored value. The minimum of any numeric value x and NaN is NaN. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -462,26 +437,7 @@

Method Details

}, "removeAllFromArray": { # An array value. # Remove all of the given elements from the array in the field. If the field is not an array, or if the field does not yet exist, it is set to the empty array. Equivalent numbers of the different types (e.g. 3L and 3.0) are considered equal when deciding whether an element should be removed. NaN is equal to NaN, and Null is equal to Null. This will remove all equivalent values if there are duplicates. The corresponding transform_result will be the null value. "values": [ # Values in the array. - { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. - "booleanValue": True or False, # A boolean value. - "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. - "doubleValue": 3.14, # A double value. - "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth. - "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0]. - "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0]. - }, - "integerValue": "A String", # An integer value. - "mapValue": { # A map value. # A map value. - "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. - "a_key": # Object with schema name: Value - }, - }, - "nullValue": "A String", # A null value. - "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`. - "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries. - "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down. - }, + # Object with schema name: Value ], }, "setToServerValue": "A String", # Sets the field to the given server value. @@ -515,7 +471,11 @@

Method Details

{ # The result of applying a write. "transformResults": [ # The results of applying each DocumentTransform.FieldTransform, in the same order. { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -603,31 +563,16 @@

Method Details

{ # A transformation of a field of the document. "appendMissingElements": { # An array value. # Append the given elements in order if they are not already present in the current field value. If the field is not an array, or if the field does not yet exist, it is first set to the empty array. Equivalent numbers of different types (e.g. 3L and 3.0) are considered equal when checking if a value is missing. NaN is equal to NaN, and Null is equal to Null. If the input contains multiple equivalent values, only the first will be considered. The corresponding transform_result will be the null value. "values": [ # Values in the array. - { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. - "booleanValue": True or False, # A boolean value. - "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. - "doubleValue": 3.14, # A double value. - "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth. - "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0]. - "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0]. - }, - "integerValue": "A String", # An integer value. - "mapValue": { # A map value. # A map value. - "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. - "a_key": # Object with schema name: Value - }, - }, - "nullValue": "A String", # A null value. - "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`. - "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries. - "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down. - }, + # Object with schema name: Value ], }, "fieldPath": "A String", # The path of the field. See Document.fields for the field path syntax reference. "increment": { # A message that can hold any of the supported value types. # Adds the given value to the field's current value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If either of the given value or the current field value are doubles, both values will be interpreted as doubles. Double arithmetic and representation of double values follow IEEE 754 semantics. If there is positive/negative integer overflow, the field is resolved to the largest magnitude positive/negative integer. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -647,7 +592,11 @@

Method Details

"timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down. }, "maximum": { # A message that can hold any of the supported value types. # Sets the field to the maximum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If a maximum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the larger operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The maximum of a zero stored value and zero input value is always the stored value. The maximum of any numeric value x and NaN is NaN. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -667,7 +616,11 @@

Method Details

"timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down. }, "minimum": { # A message that can hold any of the supported value types. # Sets the field to the minimum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the input value. If a minimum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the smaller operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The minimum of a zero stored value and zero input value is always the stored value. The minimum of any numeric value x and NaN is NaN. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -688,26 +641,7 @@

Method Details

}, "removeAllFromArray": { # An array value. # Remove all of the given elements from the array in the field. If the field is not an array, or if the field does not yet exist, it is set to the empty array. Equivalent numbers of the different types (e.g. 3L and 3.0) are considered equal when deciding whether an element should be removed. NaN is equal to NaN, and Null is equal to Null. This will remove all equivalent values if there are duplicates. The corresponding transform_result will be the null value. "values": [ # Values in the array. - { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. - "booleanValue": True or False, # A boolean value. - "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. - "doubleValue": 3.14, # A double value. - "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth. - "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0]. - "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0]. - }, - "integerValue": "A String", # An integer value. - "mapValue": { # A map value. # A map value. - "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. - "a_key": # Object with schema name: Value - }, - }, - "nullValue": "A String", # A null value. - "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`. - "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries. - "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down. - }, + # Object with schema name: Value ], }, "setToServerValue": "A String", # Sets the field to the given server value. @@ -718,7 +652,11 @@

Method Details

"createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query. "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``. "a_key": { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -750,31 +688,16 @@

Method Details

{ # A transformation of a field of the document. "appendMissingElements": { # An array value. # Append the given elements in order if they are not already present in the current field value. If the field is not an array, or if the field does not yet exist, it is first set to the empty array. Equivalent numbers of different types (e.g. 3L and 3.0) are considered equal when checking if a value is missing. NaN is equal to NaN, and Null is equal to Null. If the input contains multiple equivalent values, only the first will be considered. The corresponding transform_result will be the null value. "values": [ # Values in the array. - { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. - "booleanValue": True or False, # A boolean value. - "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. - "doubleValue": 3.14, # A double value. - "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth. - "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0]. - "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0]. - }, - "integerValue": "A String", # An integer value. - "mapValue": { # A map value. # A map value. - "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. - "a_key": # Object with schema name: Value - }, - }, - "nullValue": "A String", # A null value. - "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`. - "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries. - "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down. - }, + # Object with schema name: Value ], }, "fieldPath": "A String", # The path of the field. See Document.fields for the field path syntax reference. "increment": { # A message that can hold any of the supported value types. # Adds the given value to the field's current value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If either of the given value or the current field value are doubles, both values will be interpreted as doubles. Double arithmetic and representation of double values follow IEEE 754 semantics. If there is positive/negative integer overflow, the field is resolved to the largest magnitude positive/negative integer. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -794,7 +717,11 @@

Method Details

"timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down. }, "maximum": { # A message that can hold any of the supported value types. # Sets the field to the maximum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If a maximum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the larger operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The maximum of a zero stored value and zero input value is always the stored value. The maximum of any numeric value x and NaN is NaN. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -814,7 +741,11 @@

Method Details

"timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down. }, "minimum": { # A message that can hold any of the supported value types. # Sets the field to the minimum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the input value. If a minimum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the smaller operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The minimum of a zero stored value and zero input value is always the stored value. The minimum of any numeric value x and NaN is NaN. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -835,26 +766,7 @@

Method Details

}, "removeAllFromArray": { # An array value. # Remove all of the given elements from the array in the field. If the field is not an array, or if the field does not yet exist, it is set to the empty array. Equivalent numbers of the different types (e.g. 3L and 3.0) are considered equal when deciding whether an element should be removed. NaN is equal to NaN, and Null is equal to Null. This will remove all equivalent values if there are duplicates. The corresponding transform_result will be the null value. "values": [ # Values in the array. - { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. - "booleanValue": True or False, # A boolean value. - "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. - "doubleValue": 3.14, # A double value. - "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth. - "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0]. - "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0]. - }, - "integerValue": "A String", # An integer value. - "mapValue": { # A map value. # A map value. - "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. - "a_key": # Object with schema name: Value - }, - }, - "nullValue": "A String", # A null value. - "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`. - "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries. - "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down. - }, + # Object with schema name: Value ], }, "setToServerValue": "A String", # Sets the field to the given server value. @@ -878,7 +790,11 @@

Method Details

{ # The result of applying a write. "transformResults": [ # The results of applying each DocumentTransform.FieldTransform, in the same order. { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -918,7 +834,11 @@

Method Details

"createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query. "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``. "a_key": { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -956,7 +876,11 @@

Method Details

"createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query. "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``. "a_key": { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -1022,7 +946,11 @@

Method Details

"createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query. "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``. "a_key": { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -1075,7 +1003,11 @@

Method Details

"createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query. "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``. "a_key": { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -1185,7 +1117,11 @@

Method Details

"before": True or False, # If the position is just before or just after the given values, relative to the sort order defined by the query. "values": [ # The values that represent a position, in the order they appear in the order by clause of a query. Can contain fewer values than specified in the order by clause. { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -1233,7 +1169,11 @@

Method Details

"before": True or False, # If the position is just before or just after the given values, relative to the sort order defined by the query. "values": [ # The values that represent a position, in the order they appear in the order by clause of a query. Can contain fewer values than specified in the order by clause. { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -1267,7 +1207,11 @@

Method Details

}, "op": "A String", # The operator to filter by. "value": { # A message that can hold any of the supported value types. # The value to compare to. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -1320,7 +1264,11 @@

Method Details

"createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query. "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``. "a_key": { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -1406,7 +1354,11 @@

Method Details

"before": True or False, # If the position is just before or just after the given values, relative to the sort order defined by the query. "values": [ # The values that represent a position, in the order they appear in the order by clause of a query. Can contain fewer values than specified in the order by clause. { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -1454,7 +1406,11 @@

Method Details

"before": True or False, # If the position is just before or just after the given values, relative to the sort order defined by the query. "values": [ # The values that represent a position, in the order they appear in the order by clause of a query. Can contain fewer values than specified in the order by clause. { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -1488,7 +1444,11 @@

Method Details

}, "op": "A String", # The operator to filter by. "value": { # A message that can hold any of the supported value types. # The value to compare to. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -1533,7 +1493,11 @@

Method Details

"before": True or False, # If the position is just before or just after the given values, relative to the sort order defined by the query. "values": [ # The values that represent a position, in the order they appear in the order by clause of a query. Can contain fewer values than specified in the order by clause. { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -1585,7 +1549,11 @@

Method Details

"createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query. "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``. "a_key": { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -1625,7 +1593,11 @@

Method Details

"createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query. "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``. "a_key": { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -1699,7 +1671,11 @@

Method Details

"before": True or False, # If the position is just before or just after the given values, relative to the sort order defined by the query. "values": [ # The values that represent a position, in the order they appear in the order by clause of a query. Can contain fewer values than specified in the order by clause. { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -1747,7 +1723,11 @@

Method Details

"before": True or False, # If the position is just before or just after the given values, relative to the sort order defined by the query. "values": [ # The values that represent a position, in the order they appear in the order by clause of a query. Can contain fewer values than specified in the order by clause. { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -1781,7 +1761,11 @@

Method Details

}, "op": "A String", # The operator to filter by. "value": { # A message that can hold any of the supported value types. # The value to compare to. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -1825,7 +1809,11 @@

Method Details

"createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query. "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``. "a_key": { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -1882,31 +1870,16 @@

Method Details

{ # A transformation of a field of the document. "appendMissingElements": { # An array value. # Append the given elements in order if they are not already present in the current field value. If the field is not an array, or if the field does not yet exist, it is first set to the empty array. Equivalent numbers of different types (e.g. 3L and 3.0) are considered equal when checking if a value is missing. NaN is equal to NaN, and Null is equal to Null. If the input contains multiple equivalent values, only the first will be considered. The corresponding transform_result will be the null value. "values": [ # Values in the array. - { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. - "booleanValue": True or False, # A boolean value. - "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. - "doubleValue": 3.14, # A double value. - "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth. - "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0]. - "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0]. - }, - "integerValue": "A String", # An integer value. - "mapValue": { # A map value. # A map value. - "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. - "a_key": # Object with schema name: Value - }, - }, - "nullValue": "A String", # A null value. - "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`. - "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries. - "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down. - }, + # Object with schema name: Value ], }, "fieldPath": "A String", # The path of the field. See Document.fields for the field path syntax reference. "increment": { # A message that can hold any of the supported value types. # Adds the given value to the field's current value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If either of the given value or the current field value are doubles, both values will be interpreted as doubles. Double arithmetic and representation of double values follow IEEE 754 semantics. If there is positive/negative integer overflow, the field is resolved to the largest magnitude positive/negative integer. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -1926,7 +1899,11 @@

Method Details

"timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down. }, "maximum": { # A message that can hold any of the supported value types. # Sets the field to the maximum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If a maximum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the larger operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The maximum of a zero stored value and zero input value is always the stored value. The maximum of any numeric value x and NaN is NaN. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -1946,7 +1923,11 @@

Method Details

"timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down. }, "minimum": { # A message that can hold any of the supported value types. # Sets the field to the minimum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the input value. If a minimum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the smaller operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The minimum of a zero stored value and zero input value is always the stored value. The minimum of any numeric value x and NaN is NaN. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -1967,26 +1948,7 @@

Method Details

}, "removeAllFromArray": { # An array value. # Remove all of the given elements from the array in the field. If the field is not an array, or if the field does not yet exist, it is set to the empty array. Equivalent numbers of the different types (e.g. 3L and 3.0) are considered equal when deciding whether an element should be removed. NaN is equal to NaN, and Null is equal to Null. This will remove all equivalent values if there are duplicates. The corresponding transform_result will be the null value. "values": [ # Values in the array. - { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. - "booleanValue": True or False, # A boolean value. - "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. - "doubleValue": 3.14, # A double value. - "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth. - "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0]. - "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0]. - }, - "integerValue": "A String", # An integer value. - "mapValue": { # A map value. # A map value. - "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. - "a_key": # Object with schema name: Value - }, - }, - "nullValue": "A String", # A null value. - "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`. - "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries. - "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down. - }, + # Object with schema name: Value ], }, "setToServerValue": "A String", # Sets the field to the given server value. @@ -1997,7 +1959,11 @@

Method Details

"createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query. "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``. "a_key": { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -2029,31 +1995,16 @@

Method Details

{ # A transformation of a field of the document. "appendMissingElements": { # An array value. # Append the given elements in order if they are not already present in the current field value. If the field is not an array, or if the field does not yet exist, it is first set to the empty array. Equivalent numbers of different types (e.g. 3L and 3.0) are considered equal when checking if a value is missing. NaN is equal to NaN, and Null is equal to Null. If the input contains multiple equivalent values, only the first will be considered. The corresponding transform_result will be the null value. "values": [ # Values in the array. - { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. - "booleanValue": True or False, # A boolean value. - "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. - "doubleValue": 3.14, # A double value. - "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth. - "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0]. - "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0]. - }, - "integerValue": "A String", # An integer value. - "mapValue": { # A map value. # A map value. - "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. - "a_key": # Object with schema name: Value - }, - }, - "nullValue": "A String", # A null value. - "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`. - "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries. - "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down. - }, + # Object with schema name: Value ], }, "fieldPath": "A String", # The path of the field. See Document.fields for the field path syntax reference. "increment": { # A message that can hold any of the supported value types. # Adds the given value to the field's current value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If either of the given value or the current field value are doubles, both values will be interpreted as doubles. Double arithmetic and representation of double values follow IEEE 754 semantics. If there is positive/negative integer overflow, the field is resolved to the largest magnitude positive/negative integer. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -2073,7 +2024,11 @@

Method Details

"timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down. }, "maximum": { # A message that can hold any of the supported value types. # Sets the field to the maximum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If a maximum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the larger operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The maximum of a zero stored value and zero input value is always the stored value. The maximum of any numeric value x and NaN is NaN. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -2093,7 +2048,11 @@

Method Details

"timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down. }, "minimum": { # A message that can hold any of the supported value types. # Sets the field to the minimum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the input value. If a minimum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the smaller operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The minimum of a zero stored value and zero input value is always the stored value. The minimum of any numeric value x and NaN is NaN. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. @@ -2114,26 +2073,7 @@

Method Details

}, "removeAllFromArray": { # An array value. # Remove all of the given elements from the array in the field. If the field is not an array, or if the field does not yet exist, it is set to the empty array. Equivalent numbers of the different types (e.g. 3L and 3.0) are considered equal when deciding whether an element should be removed. NaN is equal to NaN, and Null is equal to Null. This will remove all equivalent values if there are duplicates. The corresponding transform_result will be the null value. "values": [ # Values in the array. - { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. - "booleanValue": True or False, # A boolean value. - "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. - "doubleValue": 3.14, # A double value. - "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth. - "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0]. - "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0]. - }, - "integerValue": "A String", # An integer value. - "mapValue": { # A map value. # A map value. - "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. - "a_key": # Object with schema name: Value - }, - }, - "nullValue": "A String", # A null value. - "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`. - "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries. - "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down. - }, + # Object with schema name: Value ], }, "setToServerValue": "A String", # Sets the field to the given server value. @@ -2159,7 +2099,11 @@

Method Details

{ # The result of applying a write. "transformResults": [ # The results of applying each DocumentTransform.FieldTransform, in the same order. { # A message that can hold any of the supported value types. - "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array. + "values": [ # Values in the array. + # Object with schema name: Value + ], + }, "booleanValue": True or False, # A boolean value. "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries. "doubleValue": 3.14, # A double value. diff --git a/docs/dyn/lifesciences_v2beta.projects.locations.pipelines.html b/docs/dyn/lifesciences_v2beta.projects.locations.pipelines.html index 89c1cae0091..58c5fa8be6d 100644 --- a/docs/dyn/lifesciences_v2beta.projects.locations.pipelines.html +++ b/docs/dyn/lifesciences_v2beta.projects.locations.pipelines.html @@ -188,6 +188,7 @@

Method Details

}, "nvidiaDriverVersion": "A String", # The NVIDIA driver version to use when attaching an NVIDIA GPU accelerator. The version specified here must be compatible with the GPU libraries contained in the container being executed, and must be one of the drivers hosted in the `nvidia-drivers-us-public` bucket on Google Cloud Storage. "preemptible": True or False, # If true, allocate a preemptible VM. + "reservation": "A String", # If specified, the VM will only be allocated inside the matching reservation. It will fail if the VM parameters don't match the reservation. "serviceAccount": { # Carries information about a Google Cloud service account. # The service account to install on the VM. This account does not need any permissions other than those required by the pipeline. "email": "A String", # Email address of the service account. If not specified, the default Compute Engine service account for the project will be used. "scopes": [ # List of scopes to be enabled for this service account on the VM, in addition to the cloud-platform API scope that will be added by default. diff --git a/docs/dyn/osconfig_v1alpha.projects.locations.instanceOSPoliciesCompliances.html b/docs/dyn/osconfig_v1alpha.projects.locations.instanceOSPoliciesCompliances.html index 879c01af3d0..8c3c6d2f830 100644 --- a/docs/dyn/osconfig_v1alpha.projects.locations.instanceOSPoliciesCompliances.html +++ b/docs/dyn/osconfig_v1alpha.projects.locations.instanceOSPoliciesCompliances.html @@ -121,6 +121,7 @@

Method Details

{ # Compliance data for an OS policy resource. "configSteps": [ # Ordered list of configuration steps taken by the agent for the OS policy resource. { # Step performed by the OS Config agent for configuring an `OSPolicyResource` to its desired state. + "errorMessage": "A String", # An error message recorded during the execution of this step. Only populated when outcome is FAILED. "outcome": "A String", # Outcome of the configuration step. "type": "A String", # Configuration step type. }, @@ -173,6 +174,7 @@

Method Details

{ # Compliance data for an OS policy resource. "configSteps": [ # Ordered list of configuration steps taken by the agent for the OS policy resource. { # Step performed by the OS Config agent for configuring an `OSPolicyResource` to its desired state. + "errorMessage": "A String", # An error message recorded during the execution of this step. Only populated when outcome is FAILED. "outcome": "A String", # Outcome of the configuration step. "type": "A String", # Configuration step type. }, diff --git a/docs/dyn/pagespeedonline_v5.pagespeedapi.html b/docs/dyn/pagespeedonline_v5.pagespeedapi.html index 6a397c5d8df..16bc3eea4e8 100644 --- a/docs/dyn/pagespeedonline_v5.pagespeedapi.html +++ b/docs/dyn/pagespeedonline_v5.pagespeedapi.html @@ -133,6 +133,7 @@

Method Details

"errorMessage": "A String", # An error message from a thrown error inside the audit. "explanation": "A String", # An explanation of the errors in the audit. "id": "A String", # The audit's id. + "numericUnit": "A String", # The unit of the numeric_value field. Used to format the numeric value for display. "numericValue": 3.14, # A numeric value that has a meaning specific to the audit, e.g. the number of nodes in the DOM or the timestamp of a specific load event. More information can be found in the audit details, if present. "score": "", # The score of the audit, can be null. "scoreDisplayMode": "A String", # The enumerated score display mode. @@ -144,8 +145,12 @@

Method Details

"accessibility": { # A Lighthouse category. # The accessibility category, containing all accessibility related audits. "auditRefs": [ # An array of references to all the audit members of this category. { # A light reference to an audit by id, used to group and weight audits in a given category. + "acronym": "A String", # The conventional acronym for the audit/metric. "group": "A String", # The category group that the audit belongs to (optional). "id": "A String", # The audit ref id. + "relevantAudits": [ # Any audit IDs closely relevant to this one. + "A String", + ], "weight": 3.14, # The weight this audit's score has on the overall category score. }, ], @@ -158,8 +163,12 @@

Method Details

"best-practices": { # A Lighthouse category. # The best practices category, containing all best practices related audits. "auditRefs": [ # An array of references to all the audit members of this category. { # A light reference to an audit by id, used to group and weight audits in a given category. + "acronym": "A String", # The conventional acronym for the audit/metric. "group": "A String", # The category group that the audit belongs to (optional). "id": "A String", # The audit ref id. + "relevantAudits": [ # Any audit IDs closely relevant to this one. + "A String", + ], "weight": 3.14, # The weight this audit's score has on the overall category score. }, ], @@ -172,8 +181,12 @@

Method Details

"performance": { # A Lighthouse category. # The performance category, containing all performance related audits. "auditRefs": [ # An array of references to all the audit members of this category. { # A light reference to an audit by id, used to group and weight audits in a given category. + "acronym": "A String", # The conventional acronym for the audit/metric. "group": "A String", # The category group that the audit belongs to (optional). "id": "A String", # The audit ref id. + "relevantAudits": [ # Any audit IDs closely relevant to this one. + "A String", + ], "weight": 3.14, # The weight this audit's score has on the overall category score. }, ], @@ -186,8 +199,12 @@

Method Details

"pwa": { # A Lighthouse category. # The Progressive-Web-App (PWA) category, containing all pwa related audits. "auditRefs": [ # An array of references to all the audit members of this category. { # A light reference to an audit by id, used to group and weight audits in a given category. + "acronym": "A String", # The conventional acronym for the audit/metric. "group": "A String", # The category group that the audit belongs to (optional). "id": "A String", # The audit ref id. + "relevantAudits": [ # Any audit IDs closely relevant to this one. + "A String", + ], "weight": 3.14, # The weight this audit's score has on the overall category score. }, ], @@ -200,8 +217,12 @@

Method Details

"seo": { # A Lighthouse category. # The Search-Engine-Optimization (SEO) category, containing all seo related audits. "auditRefs": [ # An array of references to all the audit members of this category. { # A light reference to an audit by id, used to group and weight audits in a given category. + "acronym": "A String", # The conventional acronym for the audit/metric. "group": "A String", # The category group that the audit belongs to (optional). "id": "A String", # The audit ref id. + "relevantAudits": [ # Any audit IDs closely relevant to this one. + "A String", + ], "weight": 3.14, # The weight this audit's score has on the overall category score. }, ], @@ -235,20 +256,52 @@

Method Details

"i18n": { # Message containing the i18n data for the LHR - Version 1. # The internationalization strings that are required to render the LHR. "rendererFormattedStrings": { # Message holding the formatted strings used in the renderer. # Internationalized strings that are formatted to the locale in configSettings. "auditGroupExpandTooltip": "A String", # The tooltip text on an expandable chevron icon. + "calculatorLink": "A String", # Text link pointing to the Lighthouse scoring calculator. This link immediately follows a sentence stating the performance score is calculated from the perf metrics. "crcInitialNavigation": "A String", # The label for the initial request in a critical request chain. "crcLongestDurationLabel": "A String", # The label for values shown in the summary of critical request chains. + "dropdownCopyJSON": "A String", # Option in a dropdown menu that copies the Lighthouse JSON object to the system clipboard. + "dropdownDarkTheme": "A String", # Option in a dropdown menu that toggles the themeing of the report between Light(default) and Dark themes. + "dropdownPrintExpanded": "A String", # Option in a dropdown menu that opens a full Lighthouse report in a print dialog. + "dropdownPrintSummary": "A String", # Option in a dropdown menu that opens a small, summary report in a print dialog. + "dropdownSaveGist": "A String", # Option in a dropdown menu that saves the current report as a new GitHub Gist. + "dropdownSaveHTML": "A String", # Option in a dropdown menu that saves the Lighthouse report HTML locally to the system as a '.html' file. + "dropdownSaveJSON": "A String", # Option in a dropdown menu that saves the Lighthouse JSON object to the local system as a '.json' file. + "dropdownViewer": "A String", # Option in a dropdown menu that opens the current report in the Lighthouse Viewer Application. "errorLabel": "A String", # The label shown next to an audit or metric that has had an error. "errorMissingAuditInfo": "A String", # The error string shown next to an erroring audit. + "footerIssue": "A String", # Label for button to create an issue against the Lighthouse GitHub project. "labDataTitle": "A String", # The title of the lab data performance category. - "lsPerformanceCategoryDescription": "A String", # The disclaimer shown under performance explaning that the network can vary. + "lsPerformanceCategoryDescription": "A String", # The disclaimer shown under performance explaining that the network can vary. "manualAuditsGroupTitle": "A String", # The heading shown above a list of audits that were not computerd in the run. "notApplicableAuditsGroupTitle": "A String", # The heading shown above a list of audits that do not apply to a page. "opportunityResourceColumnLabel": "A String", # The heading for the estimated page load savings opportunity of an audit. "opportunitySavingsColumnLabel": "A String", # The heading for the estimated page load savings of opportunity audits. "passedAuditsGroupTitle": "A String", # The heading that is shown above a list of audits that are passing. + "runtimeDesktopEmulation": "A String", # Descriptive explanation for emulation setting when emulating a generic desktop form factor, as opposed to a mobile-device like form factor. + "runtimeMobileEmulation": "A String", # Descriptive explanation for emulation setting when emulating a Nexus 5X mobile device. + "runtimeNoEmulation": "A String", # Descriptive explanation for emulation setting when no device emulation is set. + "runtimeSettingsAxeVersion": "A String", # Label for a row in a table that shows the version of the Axe library used + "runtimeSettingsBenchmark": "A String", # Label for a row in a table that shows the estimated CPU power of the machine running Lighthouse. Example row values: 532, 1492, 783. + "runtimeSettingsCPUThrottling": "A String", # Label for a row in a table that describes the CPU throttling conditions that were used during a Lighthouse run, if any. + "runtimeSettingsChannel": "A String", # Label for a row in a table that shows in what tool Lighthouse is being run (e.g. The lighthouse CLI, Chrome DevTools, Lightrider, WebPageTest, etc). + "runtimeSettingsDevice": "A String", # Label for a row in a table that describes the kind of device that was emulated for the Lighthouse run. Example values for row elements: 'No Emulation', 'Emulated Desktop', etc. + "runtimeSettingsFetchTime": "A String", # Label for a row in a table that shows the time at which a Lighthouse run was conducted; formatted as a timestamp, e.g. Jan 1, 1970 12:00 AM UTC. + "runtimeSettingsNetworkThrottling": "A String", # Label for a row in a table that describes the network throttling conditions that were used during a Lighthouse run, if any. + "runtimeSettingsTitle": "A String", # Title of the Runtime settings table in a Lighthouse report. Runtime settings are the environment configurations that a specific report used at auditing time. + "runtimeSettingsUA": "A String", # Label for a row in a table that shows the User Agent that was detected on the Host machine that ran Lighthouse. + "runtimeSettingsUANetwork": "A String", # Label for a row in a table that shows the User Agent that was used to send out all network requests during the Lighthouse run. + "runtimeSettingsUrl": "A String", # Label for a row in a table that shows the URL that was audited during a Lighthouse run. + "runtimeUnknown": "A String", # Descriptive explanation for a runtime setting that is set to an unknown value. "scorescaleLabel": "A String", # The label that explains the score gauges scale (0-49, 50-89, 90-100). + "showRelevantAudits": "A String", # Label preceding a radio control for filtering the list of audits. The radio choices are various performance metrics (FCP, LCP, TBT), and if chosen, the audits in the report are hidden if they are not relevant to the selected metric. + "snippetCollapseButtonLabel": "A String", # The label for the button to show only a few lines of a snippet + "snippetExpandButtonLabel": "A String", # The label for the button to show all lines of a snippet + "thirdPartyResourcesLabel": "A String", # This label is for a filter checkbox above a table of items + "throttlingProvided": "A String", # Descriptive explanation for environment throttling that was provided by the runtime environment instead of provided by Lighthouse throttling. "toplevelWarningsMessage": "A String", # The label shown preceding important warnings that may have invalidated an entire report. "varianceDisclaimer": "A String", # The disclaimer shown below a performance metric value. + "viewTreemapLabel": "A String", # Label for a button that opens the Treemap App + "warningAuditsGroupTitle": "A String", # The heading that is shown above a list of audits that have warnings "warningHeader": "A String", # The label shown above a bulleted list of warnings. }, }, diff --git a/docs/dyn/privateca_v1.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.html b/docs/dyn/privateca_v1.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.html index beb4771a068..62b4424399b 100644 --- a/docs/dyn/privateca_v1.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.html +++ b/docs/dyn/privateca_v1.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.html @@ -77,9 +77,21 @@

Instance Methods

close()

Close httplib2 connections.

+

+ get(name, x__xgafv=None)

+

Returns a CertificateRevocationList.

getIamPolicy(resource, options_requestedPolicyVersion=None, x__xgafv=None)

Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.

+

+ list(parent, filter=None, orderBy=None, pageSize=None, pageToken=None, x__xgafv=None)

+

Lists CertificateRevocationLists.

+

+ list_next(previous_request, previous_response)

+

Retrieves the next page of results.

+

+ patch(name, body=None, requestId=None, updateMask=None, x__xgafv=None)

+

Update a CertificateRevocationList.

setIamPolicy(resource, body=None, x__xgafv=None)

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.

@@ -92,6 +104,42 @@

Method Details

Close httplib2 connections.
+
+ get(name, x__xgafv=None) +
Returns a CertificateRevocationList.
+
+Args:
+  name: string, Required. The name of the CertificateRevocationList to get. (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A CertificateRevocationList corresponds to a signed X.509 certificate Revocation List (CRL). A CRL contains the serial numbers of certificates that should no longer be trusted.
+  "accessUrl": "A String", # Output only. The location where 'pem_crl' can be accessed.
+  "createTime": "A String", # Output only. The time at which this CertificateRevocationList was created.
+  "labels": { # Optional. Labels with user-defined metadata.
+    "a_key": "A String",
+  },
+  "name": "A String", # Output only. The resource name for this CertificateRevocationList in the format `projects/*/locations/*/caPools/*certificateAuthorities/*/ certificateRevocationLists/*`.
+  "pemCrl": "A String", # Output only. The PEM-encoded X.509 CRL.
+  "revisionId": "A String", # Output only. The revision ID of this CertificateRevocationList. A new revision is committed whenever a new CRL is published. The format is an 8-character hexadecimal string.
+  "revokedCertificates": [ # Output only. The revoked serial numbers that appear in pem_crl.
+    { # Describes a revoked Certificate.
+      "certificate": "A String", # The resource name for the Certificate in the format `projects/*/locations/*/caPools/*/certificates/*`.
+      "hexSerialNumber": "A String", # The serial number of the Certificate.
+      "revocationReason": "A String", # The reason the Certificate was revoked.
+    },
+  ],
+  "sequenceNumber": "A String", # Output only. The CRL sequence number that appears in pem_crl.
+  "state": "A String", # Output only. The State for this CertificateRevocationList.
+  "updateTime": "A String", # Output only. The time at which this CertificateRevocationList was updated.
+}
+
+
getIamPolicy(resource, options_requestedPolicyVersion=None, x__xgafv=None)
Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.
@@ -140,6 +188,129 @@ 

Method Details

}
+
+ list(parent, filter=None, orderBy=None, pageSize=None, pageToken=None, x__xgafv=None) +
Lists CertificateRevocationLists.
+
+Args:
+  parent: string, Required. The resource name of the location associated with the CertificateRevocationLists, in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`. (required)
+  filter: string, Optional. Only include resources that match the filter in the response.
+  orderBy: string, Optional. Specify how the results should be sorted.
+  pageSize: integer, Optional. Limit on the number of CertificateRevocationLists to include in the response. Further CertificateRevocationLists can subsequently be obtained by including the ListCertificateRevocationListsResponse.next_page_token in a subsequent request. If unspecified, the server will pick an appropriate default.
+  pageToken: string, Optional. Pagination token, returned earlier via ListCertificateRevocationListsResponse.next_page_token.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for CertificateAuthorityService.ListCertificateRevocationLists.
+  "certificateRevocationLists": [ # The list of CertificateRevocationLists.
+    { # A CertificateRevocationList corresponds to a signed X.509 certificate Revocation List (CRL). A CRL contains the serial numbers of certificates that should no longer be trusted.
+      "accessUrl": "A String", # Output only. The location where 'pem_crl' can be accessed.
+      "createTime": "A String", # Output only. The time at which this CertificateRevocationList was created.
+      "labels": { # Optional. Labels with user-defined metadata.
+        "a_key": "A String",
+      },
+      "name": "A String", # Output only. The resource name for this CertificateRevocationList in the format `projects/*/locations/*/caPools/*certificateAuthorities/*/ certificateRevocationLists/*`.
+      "pemCrl": "A String", # Output only. The PEM-encoded X.509 CRL.
+      "revisionId": "A String", # Output only. The revision ID of this CertificateRevocationList. A new revision is committed whenever a new CRL is published. The format is an 8-character hexadecimal string.
+      "revokedCertificates": [ # Output only. The revoked serial numbers that appear in pem_crl.
+        { # Describes a revoked Certificate.
+          "certificate": "A String", # The resource name for the Certificate in the format `projects/*/locations/*/caPools/*/certificates/*`.
+          "hexSerialNumber": "A String", # The serial number of the Certificate.
+          "revocationReason": "A String", # The reason the Certificate was revoked.
+        },
+      ],
+      "sequenceNumber": "A String", # Output only. The CRL sequence number that appears in pem_crl.
+      "state": "A String", # Output only. The State for this CertificateRevocationList.
+      "updateTime": "A String", # Output only. The time at which this CertificateRevocationList was updated.
+    },
+  ],
+  "nextPageToken": "A String", # A token to retrieve next page of results. Pass this value in ListCertificateRevocationListsRequest.next_page_token to retrieve the next page of results.
+  "unreachable": [ # A list of locations (e.g. "us-west1") that could not be reached.
+    "A String",
+  ],
+}
+
+ +
+ list_next(previous_request, previous_response) +
Retrieves the next page of results.
+
+Args:
+  previous_request: The request for the previous page. (required)
+  previous_response: The response from the request for the previous page. (required)
+
+Returns:
+  A request object that you can call 'execute()' on to request the next
+  page. Returns None if there are no more items in the collection.
+    
+
+ +
+ patch(name, body=None, requestId=None, updateMask=None, x__xgafv=None) +
Update a CertificateRevocationList.
+
+Args:
+  name: string, Output only. The resource name for this CertificateRevocationList in the format `projects/*/locations/*/caPools/*certificateAuthorities/*/ certificateRevocationLists/*`. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # A CertificateRevocationList corresponds to a signed X.509 certificate Revocation List (CRL). A CRL contains the serial numbers of certificates that should no longer be trusted.
+  "accessUrl": "A String", # Output only. The location where 'pem_crl' can be accessed.
+  "createTime": "A String", # Output only. The time at which this CertificateRevocationList was created.
+  "labels": { # Optional. Labels with user-defined metadata.
+    "a_key": "A String",
+  },
+  "name": "A String", # Output only. The resource name for this CertificateRevocationList in the format `projects/*/locations/*/caPools/*certificateAuthorities/*/ certificateRevocationLists/*`.
+  "pemCrl": "A String", # Output only. The PEM-encoded X.509 CRL.
+  "revisionId": "A String", # Output only. The revision ID of this CertificateRevocationList. A new revision is committed whenever a new CRL is published. The format is an 8-character hexadecimal string.
+  "revokedCertificates": [ # Output only. The revoked serial numbers that appear in pem_crl.
+    { # Describes a revoked Certificate.
+      "certificate": "A String", # The resource name for the Certificate in the format `projects/*/locations/*/caPools/*/certificates/*`.
+      "hexSerialNumber": "A String", # The serial number of the Certificate.
+      "revocationReason": "A String", # The reason the Certificate was revoked.
+    },
+  ],
+  "sequenceNumber": "A String", # Output only. The CRL sequence number that appears in pem_crl.
+  "state": "A String", # Output only. The State for this CertificateRevocationList.
+  "updateTime": "A String", # Output only. The time at which this CertificateRevocationList was updated.
+}
+
+  requestId: string, Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
+  updateMask: string, Required. A list of fields to be updated in this request.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # This resource represents a long-running operation that is the result of a network API call.
+  "done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+  "error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+    "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+    "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+      {
+        "a_key": "", # Properties of the object. Contains field @type with type URL.
+      },
+    ],
+    "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+  },
+  "metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+  "name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+  "response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+}
+
+
setIamPolicy(resource, body=None, x__xgafv=None)
Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.
diff --git a/docs/dyn/privateca_v1.projects.locations.caPools.certificateAuthorities.html b/docs/dyn/privateca_v1.projects.locations.caPools.certificateAuthorities.html
index 9a6b80d7e9d..a3e9183d466 100644
--- a/docs/dyn/privateca_v1.projects.locations.caPools.certificateAuthorities.html
+++ b/docs/dyn/privateca_v1.projects.locations.caPools.certificateAuthorities.html
@@ -79,13 +79,1431 @@ 

Instance Methods

Returns the certificateRevocationLists Resource.

+

+ activate(name, body=None, x__xgafv=None)

+

Activate a CertificateAuthority that is in state AWAITING_USER_ACTIVATION and is of type SUBORDINATE. After the parent Certificate Authority signs a certificate signing request from FetchCertificateAuthorityCsr, this method can complete the activation process.

close()

Close httplib2 connections.

+

+ create(parent, body=None, certificateAuthorityId=None, requestId=None, x__xgafv=None)

+

Create a new CertificateAuthority in a given Project and Location.

+

+ delete(name, ignoreActiveCertificates=None, requestId=None, x__xgafv=None)

+

Delete a CertificateAuthority.

+

+ disable(name, body=None, x__xgafv=None)

+

Disable a CertificateAuthority.

+

+ enable(name, body=None, x__xgafv=None)

+

Enable a CertificateAuthority.

+

+ fetch(name, x__xgafv=None)

+

Fetch a certificate signing request (CSR) from a CertificateAuthority that is in state AWAITING_USER_ACTIVATION and is of type SUBORDINATE. The CSR must then be signed by the desired parent Certificate Authority, which could be another CertificateAuthority resource, or could be an on-prem certificate authority. See also ActivateCertificateAuthority.

+

+ get(name, x__xgafv=None)

+

Returns a CertificateAuthority.

+

+ list(parent, filter=None, orderBy=None, pageSize=None, pageToken=None, x__xgafv=None)

+

Lists CertificateAuthorities.

+

+ list_next(previous_request, previous_response)

+

Retrieves the next page of results.

+

+ patch(name, body=None, requestId=None, updateMask=None, x__xgafv=None)

+

Update a CertificateAuthority.

+

+ undelete(name, body=None, x__xgafv=None)

+

Undelete a CertificateAuthority that has been deleted.

Method Details

+
+ activate(name, body=None, x__xgafv=None) +
Activate a CertificateAuthority that is in state AWAITING_USER_ACTIVATION and is of type SUBORDINATE. After the parent Certificate Authority signs a certificate signing request from FetchCertificateAuthorityCsr, this method can complete the activation process.
+
+Args:
+  name: string, Required. The resource name for this CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for CertificateAuthorityService.ActivateCertificateAuthority.
+  "pemCaCertificate": "A String", # Required. The signed CA certificate issued from FetchCertificateAuthorityCsrResponse.pem_csr.
+  "requestId": "A String", # Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
+  "subordinateConfig": { # Describes a subordinate CA's issuers. This is either a resource name to a known issuing CertificateAuthority, or a PEM issuer certificate chain. # Required. Must include information about the issuer of 'pem_ca_certificate', and any further issuers until the self-signed CA.
+    "certificateAuthority": "A String", # Required. This can refer to a CertificateAuthority in the same project that was used to create a subordinate CertificateAuthority. This field is used for information and usability purposes only. The resource name is in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
+    "pemIssuerChain": { # This message describes a subordinate CA's issuer certificate chain. This wrapper exists for compatibility reasons. # Required. Contains the PEM certificate chain for the issuers of this CertificateAuthority, but not pem certificate for this CA itself.
+      "pemCertificates": [ # Required. Expected to be in leaf-to-root order according to RFC 5246.
+        "A String",
+      ],
+    },
+  },
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # This resource represents a long-running operation that is the result of a network API call.
+  "done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+  "error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+    "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+    "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+      {
+        "a_key": "", # Properties of the object. Contains field @type with type URL.
+      },
+    ],
+    "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+  },
+  "metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+  "name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+  "response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+}
+
+
close()
Close httplib2 connections.
+
+ create(parent, body=None, certificateAuthorityId=None, requestId=None, x__xgafv=None) +
Create a new CertificateAuthority in a given Project and Location.
+
+Args:
+  parent: string, Required. The resource name of the CaPool associated with the CertificateAuthorities, in the format `projects/*/locations/*/caPools/*`. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # A CertificateAuthority represents an individual Certificate Authority. A CertificateAuthority can be used to create Certificates.
+  "accessUrls": { # URLs where a CertificateAuthority will publish content. # Output only. URLs for accessing content published by this CA, such as the CA certificate and CRLs.
+    "caCertificateAccessUrl": "A String", # The URL where this CertificateAuthority's CA certificate is published. This will only be set for CAs that have been activated.
+    "crlAccessUrls": [ # The URLs where this CertificateAuthority's CRLs are published. This will only be set for CAs that have been activated.
+      "A String",
+    ],
+  },
+  "caCertificateDescriptions": [ # Output only. A structured description of this CertificateAuthority's CA certificate and its issuers. Ordered as self-to-root.
+    { # A CertificateDescription describes an X.509 certificate or CSR that has been issued, as an alternative to using ASN.1 / X.509.
+      "aiaIssuingCertificateUrls": [ # Describes lists of issuer CA certificate URLs that appear in the "Authority Information Access" extension in the certificate.
+        "A String",
+      ],
+      "authorityKeyId": { # A KeyId identifies a specific public key, usually by hashing the public key. # Identifies the subject_key_id of the parent certificate, per https://tools.ietf.org/html/rfc5280#section-4.2.1.1
+        "keyId": "A String", # Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.
+      },
+      "certFingerprint": { # A group of fingerprints for the x509 certificate. # The hash of the x.509 certificate.
+        "sha256Hash": "A String", # The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
+      },
+      "crlDistributionPoints": [ # Describes a list of locations to obtain CRL information, i.e. the DistributionPoint.fullName described by https://tools.ietf.org/html/rfc5280#section-4.2.1.13
+        "A String",
+      ],
+      "publicKey": { # A PublicKey describes a public key. # The public key that corresponds to an issued certificate.
+        "format": "A String", # Required. The format of the public key.
+        "key": "A String", # Required. A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.
+      },
+      "subjectDescription": { # These values describe fields in an issued X.509 certificate such as the distinguished name, subject alternative names, serial number, and lifetime. # Describes some of the values in a certificate that are related to the subject and lifetime.
+        "hexSerialNumber": "A String", # The serial number encoded in lowercase hexadecimal.
+        "lifetime": "A String", # For convenience, the actual lifetime of an issued certificate. Corresponds to 'not_after_time' - 'not_before_time'.
+        "notAfterTime": "A String", # The time at which the certificate expires.
+        "notBeforeTime": "A String", # The time at which the certificate becomes valid.
+        "subject": { # Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate. # Contains distinguished name fields such as the common name, location and / organization.
+          "commonName": "A String", # The "common name" of the subject.
+          "countryCode": "A String", # The country code of the subject.
+          "locality": "A String", # The locality or city of the subject.
+          "organization": "A String", # The organization of the subject.
+          "organizationalUnit": "A String", # The organizational_unit of the subject.
+          "postalCode": "A String", # The postal code of the subject.
+          "province": "A String", # The province, territory, or regional state of the subject.
+          "streetAddress": "A String", # The street address of the subject.
+        },
+        "subjectAltName": { # SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name). # The subject alternative name fields.
+          "customSans": [ # Contains additional subject alternative name values.
+            { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+              "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+              "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+                "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                  42,
+                ],
+              },
+              "value": "A String", # Required. The value of this X.509 extension.
+            },
+          ],
+          "dnsNames": [ # Contains only valid, fully-qualified host names.
+            "A String",
+          ],
+          "emailAddresses": [ # Contains only valid RFC 2822 E-mail addresses.
+            "A String",
+          ],
+          "ipAddresses": [ # Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.
+            "A String",
+          ],
+          "uris": [ # Contains only valid RFC 3986 URIs.
+            "A String",
+          ],
+        },
+      },
+      "subjectKeyId": { # A KeyId identifies a specific public key, usually by hashing the public key. # Provides a means of identifiying certificates that contain a particular public key, per https://tools.ietf.org/html/rfc5280#section-4.2.1.2.
+        "keyId": "A String", # Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.
+      },
+      "x509Description": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Describes some of the technical X.509 fields in a certificate.
+        "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+          { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+            "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+            "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+              "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                42,
+              ],
+            },
+            "value": "A String", # Required. The value of this X.509 extension.
+          },
+        ],
+        "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+          "A String",
+        ],
+        "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+          "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+          "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+        },
+        "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+          "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+            "certSign": True or False, # The key may be used to sign certificates.
+            "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+            "crlSign": True or False, # The key may be used sign certificate revocation lists.
+            "dataEncipherment": True or False, # The key may be used to encipher data.
+            "decipherOnly": True or False, # The key may be used to decipher only.
+            "digitalSignature": True or False, # The key may be used for digital signatures.
+            "encipherOnly": True or False, # The key may be used to encipher only.
+            "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+            "keyEncipherment": True or False, # The key may be used to encipher other keys.
+          },
+          "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+            "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+            "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+            "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+            "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+            "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+            "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+          },
+          "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+            { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+              "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                42,
+              ],
+            },
+          ],
+        },
+        "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+          { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+        ],
+      },
+    },
+  ],
+  "config": { # A CertificateConfig describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1. # Required. Immutable. The config used to create a self-signed X.509 certificate or CSR.
+    "publicKey": { # A PublicKey describes a public key. # Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.
+      "format": "A String", # Required. The format of the public key.
+      "key": "A String", # Required. A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.
+    },
+    "subjectConfig": { # These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate. # Required. Specifies some of the values in a certificate that are related to the subject.
+      "subject": { # Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate. # Required. Contains distinguished name fields such as the common name, location and organization.
+        "commonName": "A String", # The "common name" of the subject.
+        "countryCode": "A String", # The country code of the subject.
+        "locality": "A String", # The locality or city of the subject.
+        "organization": "A String", # The organization of the subject.
+        "organizationalUnit": "A String", # The organizational_unit of the subject.
+        "postalCode": "A String", # The postal code of the subject.
+        "province": "A String", # The province, territory, or regional state of the subject.
+        "streetAddress": "A String", # The street address of the subject.
+      },
+      "subjectAltName": { # SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name). # Optional. The subject alternative name fields.
+        "customSans": [ # Contains additional subject alternative name values.
+          { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+            "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+            "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+              "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                42,
+              ],
+            },
+            "value": "A String", # Required. The value of this X.509 extension.
+          },
+        ],
+        "dnsNames": [ # Contains only valid, fully-qualified host names.
+          "A String",
+        ],
+        "emailAddresses": [ # Contains only valid RFC 2822 E-mail addresses.
+          "A String",
+        ],
+        "ipAddresses": [ # Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.
+          "A String",
+        ],
+        "uris": [ # Contains only valid RFC 3986 URIs.
+          "A String",
+        ],
+      },
+    },
+    "x509Config": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Required. Describes how some of the technical X.509 fields in a certificate should be populated.
+      "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+        { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+          "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+          "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+          "value": "A String", # Required. The value of this X.509 extension.
+        },
+      ],
+      "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+        "A String",
+      ],
+      "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+        "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+        "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+      },
+      "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+        "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+          "certSign": True or False, # The key may be used to sign certificates.
+          "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+          "crlSign": True or False, # The key may be used sign certificate revocation lists.
+          "dataEncipherment": True or False, # The key may be used to encipher data.
+          "decipherOnly": True or False, # The key may be used to decipher only.
+          "digitalSignature": True or False, # The key may be used for digital signatures.
+          "encipherOnly": True or False, # The key may be used to encipher only.
+          "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+          "keyEncipherment": True or False, # The key may be used to encipher other keys.
+        },
+        "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+          "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+          "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+          "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+          "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+          "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+          "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+        },
+        "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+          { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+        ],
+      },
+      "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+        { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+          "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+            42,
+          ],
+        },
+      ],
+    },
+  },
+  "createTime": "A String", # Output only. The time at which this CertificateAuthority was created.
+  "deleteTime": "A String", # Output only. The time at which this CertificateAuthority was soft deleted, if it is in the DELETED state.
+  "expireTime": "A String", # Output only. The time at which this CertificateAuthority will be permanently purged, if it is in the DELETED state.
+  "gcsBucket": "A String", # Immutable. The name of a Cloud Storage bucket where this CertificateAuthority will publish content, such as the CA certificate and CRLs. This must be a bucket name, without any prefixes (such as `gs://`) or suffixes (such as `.googleapis.com`). For example, to use a bucket named `my-bucket`, you would simply specify `my-bucket`. If not specified, a managed bucket will be created.
+  "keySpec": { # A Cloud KMS key configuration that a CertificateAuthority will use. # Required. Immutable. Used when issuing certificates for this CertificateAuthority. If this CertificateAuthority is a self-signed CertificateAuthority, this key is also used to sign the self-signed CA certificate. Otherwise, it is used to sign a CSR.
+    "algorithm": "A String", # The algorithm to use for creating a managed Cloud KMS key for a for a simplified experience. All managed keys will be have their ProtectionLevel as `HSM`.
+    "cloudKmsKeyVersion": "A String", # The resource name for an existing Cloud KMS CryptoKeyVersion in the format `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`. This option enables full flexibility in the key's capabilities and properties.
+  },
+  "labels": { # Optional. Labels with user-defined metadata.
+    "a_key": "A String",
+  },
+  "lifetime": "A String", # Required. The desired lifetime of the CA certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate.
+  "name": "A String", # Output only. The resource name for this CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
+  "pemCaCertificates": [ # Output only. This CertificateAuthority's certificate chain, including the current CertificateAuthority's certificate. Ordered such that the root issuer is the final element (consistent with RFC 5246). For a self-signed CA, this will only list the current CertificateAuthority's certificate.
+    "A String",
+  ],
+  "state": "A String", # Output only. The State for this CertificateAuthority.
+  "subordinateConfig": { # Describes a subordinate CA's issuers. This is either a resource name to a known issuing CertificateAuthority, or a PEM issuer certificate chain. # Optional. If this is a subordinate CertificateAuthority, this field will be set with the subordinate configuration, which describes its issuers. This may be updated, but this CertificateAuthority must continue to validate.
+    "certificateAuthority": "A String", # Required. This can refer to a CertificateAuthority in the same project that was used to create a subordinate CertificateAuthority. This field is used for information and usability purposes only. The resource name is in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
+    "pemIssuerChain": { # This message describes a subordinate CA's issuer certificate chain. This wrapper exists for compatibility reasons. # Required. Contains the PEM certificate chain for the issuers of this CertificateAuthority, but not pem certificate for this CA itself.
+      "pemCertificates": [ # Required. Expected to be in leaf-to-root order according to RFC 5246.
+        "A String",
+      ],
+    },
+  },
+  "tier": "A String", # Output only. The CaPool.Tier of the CaPool that includes this CertificateAuthority.
+  "type": "A String", # Required. Immutable. The Type of this CertificateAuthority.
+  "updateTime": "A String", # Output only. The time at which this CertificateAuthority was last updated.
+}
+
+  certificateAuthorityId: string, Required. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`
+  requestId: string, Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # This resource represents a long-running operation that is the result of a network API call.
+  "done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+  "error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+    "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+    "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+      {
+        "a_key": "", # Properties of the object. Contains field @type with type URL.
+      },
+    ],
+    "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+  },
+  "metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+  "name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+  "response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+}
+
+ +
+ delete(name, ignoreActiveCertificates=None, requestId=None, x__xgafv=None) +
Delete a CertificateAuthority.
+
+Args:
+  name: string, Required. The resource name for this CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`. (required)
+  ignoreActiveCertificates: boolean, Optional. This field allows the CA to be deleted even if the CA has active certs. Active certs include both unrevoked and unexpired certs.
+  requestId: string, Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # This resource represents a long-running operation that is the result of a network API call.
+  "done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+  "error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+    "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+    "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+      {
+        "a_key": "", # Properties of the object. Contains field @type with type URL.
+      },
+    ],
+    "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+  },
+  "metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+  "name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+  "response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+}
+
+ +
+ disable(name, body=None, x__xgafv=None) +
Disable a CertificateAuthority.
+
+Args:
+  name: string, Required. The resource name for this CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for CertificateAuthorityService.DisableCertificateAuthority.
+  "requestId": "A String", # Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # This resource represents a long-running operation that is the result of a network API call.
+  "done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+  "error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+    "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+    "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+      {
+        "a_key": "", # Properties of the object. Contains field @type with type URL.
+      },
+    ],
+    "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+  },
+  "metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+  "name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+  "response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+}
+
+ +
+ enable(name, body=None, x__xgafv=None) +
Enable a CertificateAuthority.
+
+Args:
+  name: string, Required. The resource name for this CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for CertificateAuthorityService.EnableCertificateAuthority.
+  "requestId": "A String", # Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # This resource represents a long-running operation that is the result of a network API call.
+  "done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+  "error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+    "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+    "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+      {
+        "a_key": "", # Properties of the object. Contains field @type with type URL.
+      },
+    ],
+    "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+  },
+  "metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+  "name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+  "response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+}
+
+ +
+ fetch(name, x__xgafv=None) +
Fetch a certificate signing request (CSR) from a CertificateAuthority that is in state AWAITING_USER_ACTIVATION and is of type SUBORDINATE. The CSR must then be signed by the desired parent Certificate Authority, which could be another CertificateAuthority resource, or could be an on-prem certificate authority. See also ActivateCertificateAuthority.
+
+Args:
+  name: string, Required. The resource name for this CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`. (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for CertificateAuthorityService.FetchCertificateAuthorityCsr.
+  "pemCsr": "A String", # Output only. The PEM-encoded signed certificate signing request (CSR).
+}
+
+ +
+ get(name, x__xgafv=None) +
Returns a CertificateAuthority.
+
+Args:
+  name: string, Required. The name of the CertificateAuthority to get. (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A CertificateAuthority represents an individual Certificate Authority. A CertificateAuthority can be used to create Certificates.
+  "accessUrls": { # URLs where a CertificateAuthority will publish content. # Output only. URLs for accessing content published by this CA, such as the CA certificate and CRLs.
+    "caCertificateAccessUrl": "A String", # The URL where this CertificateAuthority's CA certificate is published. This will only be set for CAs that have been activated.
+    "crlAccessUrls": [ # The URLs where this CertificateAuthority's CRLs are published. This will only be set for CAs that have been activated.
+      "A String",
+    ],
+  },
+  "caCertificateDescriptions": [ # Output only. A structured description of this CertificateAuthority's CA certificate and its issuers. Ordered as self-to-root.
+    { # A CertificateDescription describes an X.509 certificate or CSR that has been issued, as an alternative to using ASN.1 / X.509.
+      "aiaIssuingCertificateUrls": [ # Describes lists of issuer CA certificate URLs that appear in the "Authority Information Access" extension in the certificate.
+        "A String",
+      ],
+      "authorityKeyId": { # A KeyId identifies a specific public key, usually by hashing the public key. # Identifies the subject_key_id of the parent certificate, per https://tools.ietf.org/html/rfc5280#section-4.2.1.1
+        "keyId": "A String", # Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.
+      },
+      "certFingerprint": { # A group of fingerprints for the x509 certificate. # The hash of the x.509 certificate.
+        "sha256Hash": "A String", # The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
+      },
+      "crlDistributionPoints": [ # Describes a list of locations to obtain CRL information, i.e. the DistributionPoint.fullName described by https://tools.ietf.org/html/rfc5280#section-4.2.1.13
+        "A String",
+      ],
+      "publicKey": { # A PublicKey describes a public key. # The public key that corresponds to an issued certificate.
+        "format": "A String", # Required. The format of the public key.
+        "key": "A String", # Required. A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.
+      },
+      "subjectDescription": { # These values describe fields in an issued X.509 certificate such as the distinguished name, subject alternative names, serial number, and lifetime. # Describes some of the values in a certificate that are related to the subject and lifetime.
+        "hexSerialNumber": "A String", # The serial number encoded in lowercase hexadecimal.
+        "lifetime": "A String", # For convenience, the actual lifetime of an issued certificate. Corresponds to 'not_after_time' - 'not_before_time'.
+        "notAfterTime": "A String", # The time at which the certificate expires.
+        "notBeforeTime": "A String", # The time at which the certificate becomes valid.
+        "subject": { # Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate. # Contains distinguished name fields such as the common name, location and / organization.
+          "commonName": "A String", # The "common name" of the subject.
+          "countryCode": "A String", # The country code of the subject.
+          "locality": "A String", # The locality or city of the subject.
+          "organization": "A String", # The organization of the subject.
+          "organizationalUnit": "A String", # The organizational_unit of the subject.
+          "postalCode": "A String", # The postal code of the subject.
+          "province": "A String", # The province, territory, or regional state of the subject.
+          "streetAddress": "A String", # The street address of the subject.
+        },
+        "subjectAltName": { # SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name). # The subject alternative name fields.
+          "customSans": [ # Contains additional subject alternative name values.
+            { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+              "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+              "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+                "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                  42,
+                ],
+              },
+              "value": "A String", # Required. The value of this X.509 extension.
+            },
+          ],
+          "dnsNames": [ # Contains only valid, fully-qualified host names.
+            "A String",
+          ],
+          "emailAddresses": [ # Contains only valid RFC 2822 E-mail addresses.
+            "A String",
+          ],
+          "ipAddresses": [ # Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.
+            "A String",
+          ],
+          "uris": [ # Contains only valid RFC 3986 URIs.
+            "A String",
+          ],
+        },
+      },
+      "subjectKeyId": { # A KeyId identifies a specific public key, usually by hashing the public key. # Provides a means of identifiying certificates that contain a particular public key, per https://tools.ietf.org/html/rfc5280#section-4.2.1.2.
+        "keyId": "A String", # Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.
+      },
+      "x509Description": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Describes some of the technical X.509 fields in a certificate.
+        "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+          { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+            "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+            "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+              "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                42,
+              ],
+            },
+            "value": "A String", # Required. The value of this X.509 extension.
+          },
+        ],
+        "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+          "A String",
+        ],
+        "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+          "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+          "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+        },
+        "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+          "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+            "certSign": True or False, # The key may be used to sign certificates.
+            "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+            "crlSign": True or False, # The key may be used sign certificate revocation lists.
+            "dataEncipherment": True or False, # The key may be used to encipher data.
+            "decipherOnly": True or False, # The key may be used to decipher only.
+            "digitalSignature": True or False, # The key may be used for digital signatures.
+            "encipherOnly": True or False, # The key may be used to encipher only.
+            "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+            "keyEncipherment": True or False, # The key may be used to encipher other keys.
+          },
+          "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+            "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+            "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+            "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+            "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+            "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+            "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+          },
+          "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+            { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+              "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                42,
+              ],
+            },
+          ],
+        },
+        "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+          { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+        ],
+      },
+    },
+  ],
+  "config": { # A CertificateConfig describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1. # Required. Immutable. The config used to create a self-signed X.509 certificate or CSR.
+    "publicKey": { # A PublicKey describes a public key. # Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.
+      "format": "A String", # Required. The format of the public key.
+      "key": "A String", # Required. A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.
+    },
+    "subjectConfig": { # These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate. # Required. Specifies some of the values in a certificate that are related to the subject.
+      "subject": { # Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate. # Required. Contains distinguished name fields such as the common name, location and organization.
+        "commonName": "A String", # The "common name" of the subject.
+        "countryCode": "A String", # The country code of the subject.
+        "locality": "A String", # The locality or city of the subject.
+        "organization": "A String", # The organization of the subject.
+        "organizationalUnit": "A String", # The organizational_unit of the subject.
+        "postalCode": "A String", # The postal code of the subject.
+        "province": "A String", # The province, territory, or regional state of the subject.
+        "streetAddress": "A String", # The street address of the subject.
+      },
+      "subjectAltName": { # SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name). # Optional. The subject alternative name fields.
+        "customSans": [ # Contains additional subject alternative name values.
+          { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+            "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+            "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+              "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                42,
+              ],
+            },
+            "value": "A String", # Required. The value of this X.509 extension.
+          },
+        ],
+        "dnsNames": [ # Contains only valid, fully-qualified host names.
+          "A String",
+        ],
+        "emailAddresses": [ # Contains only valid RFC 2822 E-mail addresses.
+          "A String",
+        ],
+        "ipAddresses": [ # Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.
+          "A String",
+        ],
+        "uris": [ # Contains only valid RFC 3986 URIs.
+          "A String",
+        ],
+      },
+    },
+    "x509Config": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Required. Describes how some of the technical X.509 fields in a certificate should be populated.
+      "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+        { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+          "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+          "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+          "value": "A String", # Required. The value of this X.509 extension.
+        },
+      ],
+      "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+        "A String",
+      ],
+      "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+        "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+        "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+      },
+      "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+        "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+          "certSign": True or False, # The key may be used to sign certificates.
+          "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+          "crlSign": True or False, # The key may be used sign certificate revocation lists.
+          "dataEncipherment": True or False, # The key may be used to encipher data.
+          "decipherOnly": True or False, # The key may be used to decipher only.
+          "digitalSignature": True or False, # The key may be used for digital signatures.
+          "encipherOnly": True or False, # The key may be used to encipher only.
+          "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+          "keyEncipherment": True or False, # The key may be used to encipher other keys.
+        },
+        "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+          "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+          "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+          "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+          "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+          "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+          "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+        },
+        "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+          { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+        ],
+      },
+      "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+        { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+          "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+            42,
+          ],
+        },
+      ],
+    },
+  },
+  "createTime": "A String", # Output only. The time at which this CertificateAuthority was created.
+  "deleteTime": "A String", # Output only. The time at which this CertificateAuthority was soft deleted, if it is in the DELETED state.
+  "expireTime": "A String", # Output only. The time at which this CertificateAuthority will be permanently purged, if it is in the DELETED state.
+  "gcsBucket": "A String", # Immutable. The name of a Cloud Storage bucket where this CertificateAuthority will publish content, such as the CA certificate and CRLs. This must be a bucket name, without any prefixes (such as `gs://`) or suffixes (such as `.googleapis.com`). For example, to use a bucket named `my-bucket`, you would simply specify `my-bucket`. If not specified, a managed bucket will be created.
+  "keySpec": { # A Cloud KMS key configuration that a CertificateAuthority will use. # Required. Immutable. Used when issuing certificates for this CertificateAuthority. If this CertificateAuthority is a self-signed CertificateAuthority, this key is also used to sign the self-signed CA certificate. Otherwise, it is used to sign a CSR.
+    "algorithm": "A String", # The algorithm to use for creating a managed Cloud KMS key for a for a simplified experience. All managed keys will be have their ProtectionLevel as `HSM`.
+    "cloudKmsKeyVersion": "A String", # The resource name for an existing Cloud KMS CryptoKeyVersion in the format `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`. This option enables full flexibility in the key's capabilities and properties.
+  },
+  "labels": { # Optional. Labels with user-defined metadata.
+    "a_key": "A String",
+  },
+  "lifetime": "A String", # Required. The desired lifetime of the CA certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate.
+  "name": "A String", # Output only. The resource name for this CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
+  "pemCaCertificates": [ # Output only. This CertificateAuthority's certificate chain, including the current CertificateAuthority's certificate. Ordered such that the root issuer is the final element (consistent with RFC 5246). For a self-signed CA, this will only list the current CertificateAuthority's certificate.
+    "A String",
+  ],
+  "state": "A String", # Output only. The State for this CertificateAuthority.
+  "subordinateConfig": { # Describes a subordinate CA's issuers. This is either a resource name to a known issuing CertificateAuthority, or a PEM issuer certificate chain. # Optional. If this is a subordinate CertificateAuthority, this field will be set with the subordinate configuration, which describes its issuers. This may be updated, but this CertificateAuthority must continue to validate.
+    "certificateAuthority": "A String", # Required. This can refer to a CertificateAuthority in the same project that was used to create a subordinate CertificateAuthority. This field is used for information and usability purposes only. The resource name is in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
+    "pemIssuerChain": { # This message describes a subordinate CA's issuer certificate chain. This wrapper exists for compatibility reasons. # Required. Contains the PEM certificate chain for the issuers of this CertificateAuthority, but not pem certificate for this CA itself.
+      "pemCertificates": [ # Required. Expected to be in leaf-to-root order according to RFC 5246.
+        "A String",
+      ],
+    },
+  },
+  "tier": "A String", # Output only. The CaPool.Tier of the CaPool that includes this CertificateAuthority.
+  "type": "A String", # Required. Immutable. The Type of this CertificateAuthority.
+  "updateTime": "A String", # Output only. The time at which this CertificateAuthority was last updated.
+}
+
+ +
+ list(parent, filter=None, orderBy=None, pageSize=None, pageToken=None, x__xgafv=None) +
Lists CertificateAuthorities.
+
+Args:
+  parent: string, Required. The resource name of the CaPool associated with the CertificateAuthorities, in the format `projects/*/locations/*/caPools/*`. (required)
+  filter: string, Optional. Only include resources that match the filter in the response.
+  orderBy: string, Optional. Specify how the results should be sorted.
+  pageSize: integer, Optional. Limit on the number of CertificateAuthorities to include in the response. Further CertificateAuthorities can subsequently be obtained by including the ListCertificateAuthoritiesResponse.next_page_token in a subsequent request. If unspecified, the server will pick an appropriate default.
+  pageToken: string, Optional. Pagination token, returned earlier via ListCertificateAuthoritiesResponse.next_page_token.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for CertificateAuthorityService.ListCertificateAuthorities.
+  "certificateAuthorities": [ # The list of CertificateAuthorities.
+    { # A CertificateAuthority represents an individual Certificate Authority. A CertificateAuthority can be used to create Certificates.
+      "accessUrls": { # URLs where a CertificateAuthority will publish content. # Output only. URLs for accessing content published by this CA, such as the CA certificate and CRLs.
+        "caCertificateAccessUrl": "A String", # The URL where this CertificateAuthority's CA certificate is published. This will only be set for CAs that have been activated.
+        "crlAccessUrls": [ # The URLs where this CertificateAuthority's CRLs are published. This will only be set for CAs that have been activated.
+          "A String",
+        ],
+      },
+      "caCertificateDescriptions": [ # Output only. A structured description of this CertificateAuthority's CA certificate and its issuers. Ordered as self-to-root.
+        { # A CertificateDescription describes an X.509 certificate or CSR that has been issued, as an alternative to using ASN.1 / X.509.
+          "aiaIssuingCertificateUrls": [ # Describes lists of issuer CA certificate URLs that appear in the "Authority Information Access" extension in the certificate.
+            "A String",
+          ],
+          "authorityKeyId": { # A KeyId identifies a specific public key, usually by hashing the public key. # Identifies the subject_key_id of the parent certificate, per https://tools.ietf.org/html/rfc5280#section-4.2.1.1
+            "keyId": "A String", # Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.
+          },
+          "certFingerprint": { # A group of fingerprints for the x509 certificate. # The hash of the x.509 certificate.
+            "sha256Hash": "A String", # The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
+          },
+          "crlDistributionPoints": [ # Describes a list of locations to obtain CRL information, i.e. the DistributionPoint.fullName described by https://tools.ietf.org/html/rfc5280#section-4.2.1.13
+            "A String",
+          ],
+          "publicKey": { # A PublicKey describes a public key. # The public key that corresponds to an issued certificate.
+            "format": "A String", # Required. The format of the public key.
+            "key": "A String", # Required. A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.
+          },
+          "subjectDescription": { # These values describe fields in an issued X.509 certificate such as the distinguished name, subject alternative names, serial number, and lifetime. # Describes some of the values in a certificate that are related to the subject and lifetime.
+            "hexSerialNumber": "A String", # The serial number encoded in lowercase hexadecimal.
+            "lifetime": "A String", # For convenience, the actual lifetime of an issued certificate. Corresponds to 'not_after_time' - 'not_before_time'.
+            "notAfterTime": "A String", # The time at which the certificate expires.
+            "notBeforeTime": "A String", # The time at which the certificate becomes valid.
+            "subject": { # Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate. # Contains distinguished name fields such as the common name, location and / organization.
+              "commonName": "A String", # The "common name" of the subject.
+              "countryCode": "A String", # The country code of the subject.
+              "locality": "A String", # The locality or city of the subject.
+              "organization": "A String", # The organization of the subject.
+              "organizationalUnit": "A String", # The organizational_unit of the subject.
+              "postalCode": "A String", # The postal code of the subject.
+              "province": "A String", # The province, territory, or regional state of the subject.
+              "streetAddress": "A String", # The street address of the subject.
+            },
+            "subjectAltName": { # SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name). # The subject alternative name fields.
+              "customSans": [ # Contains additional subject alternative name values.
+                { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+                  "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+                  "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+                    "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                      42,
+                    ],
+                  },
+                  "value": "A String", # Required. The value of this X.509 extension.
+                },
+              ],
+              "dnsNames": [ # Contains only valid, fully-qualified host names.
+                "A String",
+              ],
+              "emailAddresses": [ # Contains only valid RFC 2822 E-mail addresses.
+                "A String",
+              ],
+              "ipAddresses": [ # Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.
+                "A String",
+              ],
+              "uris": [ # Contains only valid RFC 3986 URIs.
+                "A String",
+              ],
+            },
+          },
+          "subjectKeyId": { # A KeyId identifies a specific public key, usually by hashing the public key. # Provides a means of identifiying certificates that contain a particular public key, per https://tools.ietf.org/html/rfc5280#section-4.2.1.2.
+            "keyId": "A String", # Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.
+          },
+          "x509Description": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Describes some of the technical X.509 fields in a certificate.
+            "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+              { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+                "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+                "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+                  "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                    42,
+                  ],
+                },
+                "value": "A String", # Required. The value of this X.509 extension.
+              },
+            ],
+            "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+              "A String",
+            ],
+            "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+              "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+              "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+            },
+            "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+              "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+                "certSign": True or False, # The key may be used to sign certificates.
+                "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+                "crlSign": True or False, # The key may be used sign certificate revocation lists.
+                "dataEncipherment": True or False, # The key may be used to encipher data.
+                "decipherOnly": True or False, # The key may be used to decipher only.
+                "digitalSignature": True or False, # The key may be used for digital signatures.
+                "encipherOnly": True or False, # The key may be used to encipher only.
+                "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+                "keyEncipherment": True or False, # The key may be used to encipher other keys.
+              },
+              "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+                "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+                "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+                "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+                "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+                "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+                "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+              },
+              "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+                { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+                  "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                    42,
+                  ],
+                },
+              ],
+            },
+            "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+              { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+                "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                  42,
+                ],
+              },
+            ],
+          },
+        },
+      ],
+      "config": { # A CertificateConfig describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1. # Required. Immutable. The config used to create a self-signed X.509 certificate or CSR.
+        "publicKey": { # A PublicKey describes a public key. # Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.
+          "format": "A String", # Required. The format of the public key.
+          "key": "A String", # Required. A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.
+        },
+        "subjectConfig": { # These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate. # Required. Specifies some of the values in a certificate that are related to the subject.
+          "subject": { # Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate. # Required. Contains distinguished name fields such as the common name, location and organization.
+            "commonName": "A String", # The "common name" of the subject.
+            "countryCode": "A String", # The country code of the subject.
+            "locality": "A String", # The locality or city of the subject.
+            "organization": "A String", # The organization of the subject.
+            "organizationalUnit": "A String", # The organizational_unit of the subject.
+            "postalCode": "A String", # The postal code of the subject.
+            "province": "A String", # The province, territory, or regional state of the subject.
+            "streetAddress": "A String", # The street address of the subject.
+          },
+          "subjectAltName": { # SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name). # Optional. The subject alternative name fields.
+            "customSans": [ # Contains additional subject alternative name values.
+              { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+                "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+                "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+                  "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                    42,
+                  ],
+                },
+                "value": "A String", # Required. The value of this X.509 extension.
+              },
+            ],
+            "dnsNames": [ # Contains only valid, fully-qualified host names.
+              "A String",
+            ],
+            "emailAddresses": [ # Contains only valid RFC 2822 E-mail addresses.
+              "A String",
+            ],
+            "ipAddresses": [ # Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.
+              "A String",
+            ],
+            "uris": [ # Contains only valid RFC 3986 URIs.
+              "A String",
+            ],
+          },
+        },
+        "x509Config": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Required. Describes how some of the technical X.509 fields in a certificate should be populated.
+          "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+            { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+              "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+              "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+                "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                  42,
+                ],
+              },
+              "value": "A String", # Required. The value of this X.509 extension.
+            },
+          ],
+          "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+            "A String",
+          ],
+          "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+            "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+            "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+          },
+          "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+            "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+              "certSign": True or False, # The key may be used to sign certificates.
+              "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+              "crlSign": True or False, # The key may be used sign certificate revocation lists.
+              "dataEncipherment": True or False, # The key may be used to encipher data.
+              "decipherOnly": True or False, # The key may be used to decipher only.
+              "digitalSignature": True or False, # The key may be used for digital signatures.
+              "encipherOnly": True or False, # The key may be used to encipher only.
+              "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+              "keyEncipherment": True or False, # The key may be used to encipher other keys.
+            },
+            "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+              "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+              "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+              "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+              "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+              "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+              "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+            },
+            "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+              { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+                "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                  42,
+                ],
+              },
+            ],
+          },
+          "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+            { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+              "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                42,
+              ],
+            },
+          ],
+        },
+      },
+      "createTime": "A String", # Output only. The time at which this CertificateAuthority was created.
+      "deleteTime": "A String", # Output only. The time at which this CertificateAuthority was soft deleted, if it is in the DELETED state.
+      "expireTime": "A String", # Output only. The time at which this CertificateAuthority will be permanently purged, if it is in the DELETED state.
+      "gcsBucket": "A String", # Immutable. The name of a Cloud Storage bucket where this CertificateAuthority will publish content, such as the CA certificate and CRLs. This must be a bucket name, without any prefixes (such as `gs://`) or suffixes (such as `.googleapis.com`). For example, to use a bucket named `my-bucket`, you would simply specify `my-bucket`. If not specified, a managed bucket will be created.
+      "keySpec": { # A Cloud KMS key configuration that a CertificateAuthority will use. # Required. Immutable. Used when issuing certificates for this CertificateAuthority. If this CertificateAuthority is a self-signed CertificateAuthority, this key is also used to sign the self-signed CA certificate. Otherwise, it is used to sign a CSR.
+        "algorithm": "A String", # The algorithm to use for creating a managed Cloud KMS key for a for a simplified experience. All managed keys will be have their ProtectionLevel as `HSM`.
+        "cloudKmsKeyVersion": "A String", # The resource name for an existing Cloud KMS CryptoKeyVersion in the format `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`. This option enables full flexibility in the key's capabilities and properties.
+      },
+      "labels": { # Optional. Labels with user-defined metadata.
+        "a_key": "A String",
+      },
+      "lifetime": "A String", # Required. The desired lifetime of the CA certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate.
+      "name": "A String", # Output only. The resource name for this CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
+      "pemCaCertificates": [ # Output only. This CertificateAuthority's certificate chain, including the current CertificateAuthority's certificate. Ordered such that the root issuer is the final element (consistent with RFC 5246). For a self-signed CA, this will only list the current CertificateAuthority's certificate.
+        "A String",
+      ],
+      "state": "A String", # Output only. The State for this CertificateAuthority.
+      "subordinateConfig": { # Describes a subordinate CA's issuers. This is either a resource name to a known issuing CertificateAuthority, or a PEM issuer certificate chain. # Optional. If this is a subordinate CertificateAuthority, this field will be set with the subordinate configuration, which describes its issuers. This may be updated, but this CertificateAuthority must continue to validate.
+        "certificateAuthority": "A String", # Required. This can refer to a CertificateAuthority in the same project that was used to create a subordinate CertificateAuthority. This field is used for information and usability purposes only. The resource name is in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
+        "pemIssuerChain": { # This message describes a subordinate CA's issuer certificate chain. This wrapper exists for compatibility reasons. # Required. Contains the PEM certificate chain for the issuers of this CertificateAuthority, but not pem certificate for this CA itself.
+          "pemCertificates": [ # Required. Expected to be in leaf-to-root order according to RFC 5246.
+            "A String",
+          ],
+        },
+      },
+      "tier": "A String", # Output only. The CaPool.Tier of the CaPool that includes this CertificateAuthority.
+      "type": "A String", # Required. Immutable. The Type of this CertificateAuthority.
+      "updateTime": "A String", # Output only. The time at which this CertificateAuthority was last updated.
+    },
+  ],
+  "nextPageToken": "A String", # A token to retrieve next page of results. Pass this value in ListCertificateAuthoritiesRequest.next_page_token to retrieve the next page of results.
+  "unreachable": [ # A list of locations (e.g. "us-west1") that could not be reached.
+    "A String",
+  ],
+}
+
+ +
+ list_next(previous_request, previous_response) +
Retrieves the next page of results.
+
+Args:
+  previous_request: The request for the previous page. (required)
+  previous_response: The response from the request for the previous page. (required)
+
+Returns:
+  A request object that you can call 'execute()' on to request the next
+  page. Returns None if there are no more items in the collection.
+    
+
+ +
+ patch(name, body=None, requestId=None, updateMask=None, x__xgafv=None) +
Update a CertificateAuthority.
+
+Args:
+  name: string, Output only. The resource name for this CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # A CertificateAuthority represents an individual Certificate Authority. A CertificateAuthority can be used to create Certificates.
+  "accessUrls": { # URLs where a CertificateAuthority will publish content. # Output only. URLs for accessing content published by this CA, such as the CA certificate and CRLs.
+    "caCertificateAccessUrl": "A String", # The URL where this CertificateAuthority's CA certificate is published. This will only be set for CAs that have been activated.
+    "crlAccessUrls": [ # The URLs where this CertificateAuthority's CRLs are published. This will only be set for CAs that have been activated.
+      "A String",
+    ],
+  },
+  "caCertificateDescriptions": [ # Output only. A structured description of this CertificateAuthority's CA certificate and its issuers. Ordered as self-to-root.
+    { # A CertificateDescription describes an X.509 certificate or CSR that has been issued, as an alternative to using ASN.1 / X.509.
+      "aiaIssuingCertificateUrls": [ # Describes lists of issuer CA certificate URLs that appear in the "Authority Information Access" extension in the certificate.
+        "A String",
+      ],
+      "authorityKeyId": { # A KeyId identifies a specific public key, usually by hashing the public key. # Identifies the subject_key_id of the parent certificate, per https://tools.ietf.org/html/rfc5280#section-4.2.1.1
+        "keyId": "A String", # Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.
+      },
+      "certFingerprint": { # A group of fingerprints for the x509 certificate. # The hash of the x.509 certificate.
+        "sha256Hash": "A String", # The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
+      },
+      "crlDistributionPoints": [ # Describes a list of locations to obtain CRL information, i.e. the DistributionPoint.fullName described by https://tools.ietf.org/html/rfc5280#section-4.2.1.13
+        "A String",
+      ],
+      "publicKey": { # A PublicKey describes a public key. # The public key that corresponds to an issued certificate.
+        "format": "A String", # Required. The format of the public key.
+        "key": "A String", # Required. A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.
+      },
+      "subjectDescription": { # These values describe fields in an issued X.509 certificate such as the distinguished name, subject alternative names, serial number, and lifetime. # Describes some of the values in a certificate that are related to the subject and lifetime.
+        "hexSerialNumber": "A String", # The serial number encoded in lowercase hexadecimal.
+        "lifetime": "A String", # For convenience, the actual lifetime of an issued certificate. Corresponds to 'not_after_time' - 'not_before_time'.
+        "notAfterTime": "A String", # The time at which the certificate expires.
+        "notBeforeTime": "A String", # The time at which the certificate becomes valid.
+        "subject": { # Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate. # Contains distinguished name fields such as the common name, location and / organization.
+          "commonName": "A String", # The "common name" of the subject.
+          "countryCode": "A String", # The country code of the subject.
+          "locality": "A String", # The locality or city of the subject.
+          "organization": "A String", # The organization of the subject.
+          "organizationalUnit": "A String", # The organizational_unit of the subject.
+          "postalCode": "A String", # The postal code of the subject.
+          "province": "A String", # The province, territory, or regional state of the subject.
+          "streetAddress": "A String", # The street address of the subject.
+        },
+        "subjectAltName": { # SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name). # The subject alternative name fields.
+          "customSans": [ # Contains additional subject alternative name values.
+            { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+              "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+              "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+                "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                  42,
+                ],
+              },
+              "value": "A String", # Required. The value of this X.509 extension.
+            },
+          ],
+          "dnsNames": [ # Contains only valid, fully-qualified host names.
+            "A String",
+          ],
+          "emailAddresses": [ # Contains only valid RFC 2822 E-mail addresses.
+            "A String",
+          ],
+          "ipAddresses": [ # Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.
+            "A String",
+          ],
+          "uris": [ # Contains only valid RFC 3986 URIs.
+            "A String",
+          ],
+        },
+      },
+      "subjectKeyId": { # A KeyId identifies a specific public key, usually by hashing the public key. # Provides a means of identifiying certificates that contain a particular public key, per https://tools.ietf.org/html/rfc5280#section-4.2.1.2.
+        "keyId": "A String", # Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.
+      },
+      "x509Description": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Describes some of the technical X.509 fields in a certificate.
+        "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+          { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+            "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+            "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+              "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                42,
+              ],
+            },
+            "value": "A String", # Required. The value of this X.509 extension.
+          },
+        ],
+        "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+          "A String",
+        ],
+        "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+          "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+          "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+        },
+        "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+          "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+            "certSign": True or False, # The key may be used to sign certificates.
+            "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+            "crlSign": True or False, # The key may be used sign certificate revocation lists.
+            "dataEncipherment": True or False, # The key may be used to encipher data.
+            "decipherOnly": True or False, # The key may be used to decipher only.
+            "digitalSignature": True or False, # The key may be used for digital signatures.
+            "encipherOnly": True or False, # The key may be used to encipher only.
+            "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+            "keyEncipherment": True or False, # The key may be used to encipher other keys.
+          },
+          "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+            "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+            "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+            "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+            "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+            "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+            "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+          },
+          "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+            { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+              "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                42,
+              ],
+            },
+          ],
+        },
+        "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+          { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+        ],
+      },
+    },
+  ],
+  "config": { # A CertificateConfig describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1. # Required. Immutable. The config used to create a self-signed X.509 certificate or CSR.
+    "publicKey": { # A PublicKey describes a public key. # Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.
+      "format": "A String", # Required. The format of the public key.
+      "key": "A String", # Required. A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.
+    },
+    "subjectConfig": { # These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate. # Required. Specifies some of the values in a certificate that are related to the subject.
+      "subject": { # Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate. # Required. Contains distinguished name fields such as the common name, location and organization.
+        "commonName": "A String", # The "common name" of the subject.
+        "countryCode": "A String", # The country code of the subject.
+        "locality": "A String", # The locality or city of the subject.
+        "organization": "A String", # The organization of the subject.
+        "organizationalUnit": "A String", # The organizational_unit of the subject.
+        "postalCode": "A String", # The postal code of the subject.
+        "province": "A String", # The province, territory, or regional state of the subject.
+        "streetAddress": "A String", # The street address of the subject.
+      },
+      "subjectAltName": { # SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name). # Optional. The subject alternative name fields.
+        "customSans": [ # Contains additional subject alternative name values.
+          { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+            "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+            "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+              "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                42,
+              ],
+            },
+            "value": "A String", # Required. The value of this X.509 extension.
+          },
+        ],
+        "dnsNames": [ # Contains only valid, fully-qualified host names.
+          "A String",
+        ],
+        "emailAddresses": [ # Contains only valid RFC 2822 E-mail addresses.
+          "A String",
+        ],
+        "ipAddresses": [ # Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.
+          "A String",
+        ],
+        "uris": [ # Contains only valid RFC 3986 URIs.
+          "A String",
+        ],
+      },
+    },
+    "x509Config": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Required. Describes how some of the technical X.509 fields in a certificate should be populated.
+      "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+        { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+          "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+          "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+          "value": "A String", # Required. The value of this X.509 extension.
+        },
+      ],
+      "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+        "A String",
+      ],
+      "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+        "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+        "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+      },
+      "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+        "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+          "certSign": True or False, # The key may be used to sign certificates.
+          "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+          "crlSign": True or False, # The key may be used sign certificate revocation lists.
+          "dataEncipherment": True or False, # The key may be used to encipher data.
+          "decipherOnly": True or False, # The key may be used to decipher only.
+          "digitalSignature": True or False, # The key may be used for digital signatures.
+          "encipherOnly": True or False, # The key may be used to encipher only.
+          "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+          "keyEncipherment": True or False, # The key may be used to encipher other keys.
+        },
+        "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+          "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+          "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+          "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+          "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+          "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+          "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+        },
+        "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+          { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+        ],
+      },
+      "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+        { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+          "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+            42,
+          ],
+        },
+      ],
+    },
+  },
+  "createTime": "A String", # Output only. The time at which this CertificateAuthority was created.
+  "deleteTime": "A String", # Output only. The time at which this CertificateAuthority was soft deleted, if it is in the DELETED state.
+  "expireTime": "A String", # Output only. The time at which this CertificateAuthority will be permanently purged, if it is in the DELETED state.
+  "gcsBucket": "A String", # Immutable. The name of a Cloud Storage bucket where this CertificateAuthority will publish content, such as the CA certificate and CRLs. This must be a bucket name, without any prefixes (such as `gs://`) or suffixes (such as `.googleapis.com`). For example, to use a bucket named `my-bucket`, you would simply specify `my-bucket`. If not specified, a managed bucket will be created.
+  "keySpec": { # A Cloud KMS key configuration that a CertificateAuthority will use. # Required. Immutable. Used when issuing certificates for this CertificateAuthority. If this CertificateAuthority is a self-signed CertificateAuthority, this key is also used to sign the self-signed CA certificate. Otherwise, it is used to sign a CSR.
+    "algorithm": "A String", # The algorithm to use for creating a managed Cloud KMS key for a for a simplified experience. All managed keys will be have their ProtectionLevel as `HSM`.
+    "cloudKmsKeyVersion": "A String", # The resource name for an existing Cloud KMS CryptoKeyVersion in the format `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`. This option enables full flexibility in the key's capabilities and properties.
+  },
+  "labels": { # Optional. Labels with user-defined metadata.
+    "a_key": "A String",
+  },
+  "lifetime": "A String", # Required. The desired lifetime of the CA certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate.
+  "name": "A String", # Output only. The resource name for this CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
+  "pemCaCertificates": [ # Output only. This CertificateAuthority's certificate chain, including the current CertificateAuthority's certificate. Ordered such that the root issuer is the final element (consistent with RFC 5246). For a self-signed CA, this will only list the current CertificateAuthority's certificate.
+    "A String",
+  ],
+  "state": "A String", # Output only. The State for this CertificateAuthority.
+  "subordinateConfig": { # Describes a subordinate CA's issuers. This is either a resource name to a known issuing CertificateAuthority, or a PEM issuer certificate chain. # Optional. If this is a subordinate CertificateAuthority, this field will be set with the subordinate configuration, which describes its issuers. This may be updated, but this CertificateAuthority must continue to validate.
+    "certificateAuthority": "A String", # Required. This can refer to a CertificateAuthority in the same project that was used to create a subordinate CertificateAuthority. This field is used for information and usability purposes only. The resource name is in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
+    "pemIssuerChain": { # This message describes a subordinate CA's issuer certificate chain. This wrapper exists for compatibility reasons. # Required. Contains the PEM certificate chain for the issuers of this CertificateAuthority, but not pem certificate for this CA itself.
+      "pemCertificates": [ # Required. Expected to be in leaf-to-root order according to RFC 5246.
+        "A String",
+      ],
+    },
+  },
+  "tier": "A String", # Output only. The CaPool.Tier of the CaPool that includes this CertificateAuthority.
+  "type": "A String", # Required. Immutable. The Type of this CertificateAuthority.
+  "updateTime": "A String", # Output only. The time at which this CertificateAuthority was last updated.
+}
+
+  requestId: string, Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
+  updateMask: string, Required. A list of fields to be updated in this request.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # This resource represents a long-running operation that is the result of a network API call.
+  "done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+  "error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+    "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+    "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+      {
+        "a_key": "", # Properties of the object. Contains field @type with type URL.
+      },
+    ],
+    "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+  },
+  "metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+  "name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+  "response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+}
+
+ +
+ undelete(name, body=None, x__xgafv=None) +
Undelete a CertificateAuthority that has been deleted.
+
+Args:
+  name: string, Required. The resource name for this CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for CertificateAuthorityService.UndeleteCertificateAuthority.
+  "requestId": "A String", # Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # This resource represents a long-running operation that is the result of a network API call.
+  "done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+  "error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+    "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+    "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+      {
+        "a_key": "", # Properties of the object. Contains field @type with type URL.
+      },
+    ],
+    "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+  },
+  "metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+  "name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+  "response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+}
+
+ \ No newline at end of file diff --git a/docs/dyn/privateca_v1.projects.locations.caPools.certificates.html b/docs/dyn/privateca_v1.projects.locations.caPools.certificates.html new file mode 100644 index 00000000000..2d6107f9105 --- /dev/null +++ b/docs/dyn/privateca_v1.projects.locations.caPools.certificates.html @@ -0,0 +1,1884 @@ + + + +

Certificate Authority API . projects . locations . caPools . certificates

+

Instance Methods

+

+ close()

+

Close httplib2 connections.

+

+ create(parent, body=None, certificateId=None, issuingCertificateAuthorityId=None, requestId=None, validateOnly=None, x__xgafv=None)

+

Create a new Certificate in a given Project, Location from a particular CaPool.

+

+ get(name, x__xgafv=None)

+

Returns a Certificate.

+

+ list(parent, filter=None, orderBy=None, pageSize=None, pageToken=None, x__xgafv=None)

+

Lists Certificates.

+

+ list_next(previous_request, previous_response)

+

Retrieves the next page of results.

+

+ patch(name, body=None, requestId=None, updateMask=None, x__xgafv=None)

+

Update a Certificate. Currently, the only field you can update is the labels field.

+

+ revoke(name, body=None, x__xgafv=None)

+

Revoke a Certificate.

+

Method Details

+
+ close() +
Close httplib2 connections.
+
+ +
+ create(parent, body=None, certificateId=None, issuingCertificateAuthorityId=None, requestId=None, validateOnly=None, x__xgafv=None) +
Create a new Certificate in a given Project, Location from a particular CaPool.
+
+Args:
+  parent: string, Required. The resource name of the CaPool associated with the Certificate, in the format `projects/*/locations/*/caPools/*`. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # A Certificate corresponds to a signed X.509 certificate issued by a CertificateAuthority.
+  "certificateDescription": { # A CertificateDescription describes an X.509 certificate or CSR that has been issued, as an alternative to using ASN.1 / X.509. # Output only. A structured description of the issued X.509 certificate.
+    "aiaIssuingCertificateUrls": [ # Describes lists of issuer CA certificate URLs that appear in the "Authority Information Access" extension in the certificate.
+      "A String",
+    ],
+    "authorityKeyId": { # A KeyId identifies a specific public key, usually by hashing the public key. # Identifies the subject_key_id of the parent certificate, per https://tools.ietf.org/html/rfc5280#section-4.2.1.1
+      "keyId": "A String", # Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.
+    },
+    "certFingerprint": { # A group of fingerprints for the x509 certificate. # The hash of the x.509 certificate.
+      "sha256Hash": "A String", # The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
+    },
+    "crlDistributionPoints": [ # Describes a list of locations to obtain CRL information, i.e. the DistributionPoint.fullName described by https://tools.ietf.org/html/rfc5280#section-4.2.1.13
+      "A String",
+    ],
+    "publicKey": { # A PublicKey describes a public key. # The public key that corresponds to an issued certificate.
+      "format": "A String", # Required. The format of the public key.
+      "key": "A String", # Required. A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.
+    },
+    "subjectDescription": { # These values describe fields in an issued X.509 certificate such as the distinguished name, subject alternative names, serial number, and lifetime. # Describes some of the values in a certificate that are related to the subject and lifetime.
+      "hexSerialNumber": "A String", # The serial number encoded in lowercase hexadecimal.
+      "lifetime": "A String", # For convenience, the actual lifetime of an issued certificate. Corresponds to 'not_after_time' - 'not_before_time'.
+      "notAfterTime": "A String", # The time at which the certificate expires.
+      "notBeforeTime": "A String", # The time at which the certificate becomes valid.
+      "subject": { # Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate. # Contains distinguished name fields such as the common name, location and / organization.
+        "commonName": "A String", # The "common name" of the subject.
+        "countryCode": "A String", # The country code of the subject.
+        "locality": "A String", # The locality or city of the subject.
+        "organization": "A String", # The organization of the subject.
+        "organizationalUnit": "A String", # The organizational_unit of the subject.
+        "postalCode": "A String", # The postal code of the subject.
+        "province": "A String", # The province, territory, or regional state of the subject.
+        "streetAddress": "A String", # The street address of the subject.
+      },
+      "subjectAltName": { # SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name). # The subject alternative name fields.
+        "customSans": [ # Contains additional subject alternative name values.
+          { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+            "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+            "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+              "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                42,
+              ],
+            },
+            "value": "A String", # Required. The value of this X.509 extension.
+          },
+        ],
+        "dnsNames": [ # Contains only valid, fully-qualified host names.
+          "A String",
+        ],
+        "emailAddresses": [ # Contains only valid RFC 2822 E-mail addresses.
+          "A String",
+        ],
+        "ipAddresses": [ # Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.
+          "A String",
+        ],
+        "uris": [ # Contains only valid RFC 3986 URIs.
+          "A String",
+        ],
+      },
+    },
+    "subjectKeyId": { # A KeyId identifies a specific public key, usually by hashing the public key. # Provides a means of identifiying certificates that contain a particular public key, per https://tools.ietf.org/html/rfc5280#section-4.2.1.2.
+      "keyId": "A String", # Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.
+    },
+    "x509Description": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Describes some of the technical X.509 fields in a certificate.
+      "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+        { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+          "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+          "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+          "value": "A String", # Required. The value of this X.509 extension.
+        },
+      ],
+      "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+        "A String",
+      ],
+      "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+        "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+        "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+      },
+      "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+        "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+          "certSign": True or False, # The key may be used to sign certificates.
+          "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+          "crlSign": True or False, # The key may be used sign certificate revocation lists.
+          "dataEncipherment": True or False, # The key may be used to encipher data.
+          "decipherOnly": True or False, # The key may be used to decipher only.
+          "digitalSignature": True or False, # The key may be used for digital signatures.
+          "encipherOnly": True or False, # The key may be used to encipher only.
+          "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+          "keyEncipherment": True or False, # The key may be used to encipher other keys.
+        },
+        "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+          "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+          "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+          "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+          "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+          "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+          "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+        },
+        "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+          { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+        ],
+      },
+      "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+        { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+          "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+            42,
+          ],
+        },
+      ],
+    },
+  },
+  "certificateTemplate": "A String", # Immutable. The resource name for a CertificateTemplate used to issue this certificate, in the format `projects/*/locations/*/certificateTemplates/*`. If this is specified, the caller must have the necessary permission to use this template. If this is omitted, no template will be used. This template must be in the same location as the Certificate.
+  "config": { # A CertificateConfig describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1. # Immutable. A description of the certificate and key that does not require X.509 or ASN.1.
+    "publicKey": { # A PublicKey describes a public key. # Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.
+      "format": "A String", # Required. The format of the public key.
+      "key": "A String", # Required. A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.
+    },
+    "subjectConfig": { # These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate. # Required. Specifies some of the values in a certificate that are related to the subject.
+      "subject": { # Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate. # Required. Contains distinguished name fields such as the common name, location and organization.
+        "commonName": "A String", # The "common name" of the subject.
+        "countryCode": "A String", # The country code of the subject.
+        "locality": "A String", # The locality or city of the subject.
+        "organization": "A String", # The organization of the subject.
+        "organizationalUnit": "A String", # The organizational_unit of the subject.
+        "postalCode": "A String", # The postal code of the subject.
+        "province": "A String", # The province, territory, or regional state of the subject.
+        "streetAddress": "A String", # The street address of the subject.
+      },
+      "subjectAltName": { # SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name). # Optional. The subject alternative name fields.
+        "customSans": [ # Contains additional subject alternative name values.
+          { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+            "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+            "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+              "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                42,
+              ],
+            },
+            "value": "A String", # Required. The value of this X.509 extension.
+          },
+        ],
+        "dnsNames": [ # Contains only valid, fully-qualified host names.
+          "A String",
+        ],
+        "emailAddresses": [ # Contains only valid RFC 2822 E-mail addresses.
+          "A String",
+        ],
+        "ipAddresses": [ # Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.
+          "A String",
+        ],
+        "uris": [ # Contains only valid RFC 3986 URIs.
+          "A String",
+        ],
+      },
+    },
+    "x509Config": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Required. Describes how some of the technical X.509 fields in a certificate should be populated.
+      "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+        { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+          "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+          "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+          "value": "A String", # Required. The value of this X.509 extension.
+        },
+      ],
+      "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+        "A String",
+      ],
+      "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+        "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+        "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+      },
+      "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+        "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+          "certSign": True or False, # The key may be used to sign certificates.
+          "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+          "crlSign": True or False, # The key may be used sign certificate revocation lists.
+          "dataEncipherment": True or False, # The key may be used to encipher data.
+          "decipherOnly": True or False, # The key may be used to decipher only.
+          "digitalSignature": True or False, # The key may be used for digital signatures.
+          "encipherOnly": True or False, # The key may be used to encipher only.
+          "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+          "keyEncipherment": True or False, # The key may be used to encipher other keys.
+        },
+        "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+          "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+          "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+          "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+          "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+          "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+          "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+        },
+        "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+          { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+        ],
+      },
+      "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+        { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+          "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+            42,
+          ],
+        },
+      ],
+    },
+  },
+  "createTime": "A String", # Output only. The time at which this Certificate was created.
+  "issuerCertificateAuthority": "A String", # Output only. The resource name of the issuing CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
+  "labels": { # Optional. Labels with user-defined metadata.
+    "a_key": "A String",
+  },
+  "lifetime": "A String", # Required. Immutable. The desired lifetime of a certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate. Note that the lifetime may be truncated if it would extend past the life of any certificate authority in the issuing chain.
+  "name": "A String", # Output only. The resource name for this Certificate in the format `projects/*/locations/*/caPools/*/certificates/*`.
+  "pemCertificate": "A String", # Output only. The pem-encoded, signed X.509 certificate.
+  "pemCertificateChain": [ # Output only. The chain that may be used to verify the X.509 certificate. Expected to be in issuer-to-root order according to RFC 5246.
+    "A String",
+  ],
+  "pemCsr": "A String", # Immutable. A pem-encoded X.509 certificate signing request (CSR).
+  "revocationDetails": { # Describes fields that are relavent to the revocation of a Certificate. # Output only. Details regarding the revocation of this Certificate. This Certificate is considered revoked if and only if this field is present.
+    "revocationState": "A String", # Indicates why a Certificate was revoked.
+    "revocationTime": "A String", # The time at which this Certificate was revoked.
+  },
+  "subjectMode": "A String", # Immutable. Specifies how the Certificate's identity fields are to be decided. If this is omitted, the `DEFAULT` subject mode will be used.
+  "updateTime": "A String", # Output only. The time at which this Certificate was updated.
+}
+
+  certificateId: string, Optional. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`. This field is required when using a CertificateAuthority in the Enterprise CertificateAuthority.Tier, but is optional and its value is ignored otherwise.
+  issuingCertificateAuthorityId: string, Optional. The resource ID of the CertificateAuthority that should issue the certificate. This optional field will ignore the load-balancing scheme of the Pool and directly issue the certificate from the CA with the specified ID, contained in the same CaPool referenced by `parent`. Per-CA quota rules apply. If left empty, a CertificateAuthority will be chosen from the CaPool by the service. For example, to issue a Certificate from a Certificate Authority with resource name "projects/my-project/locations/us-central1/caPools/my-pool/certificateAuthorities/my-ca", you can set the parent to "projects/my-project/locations/us-central1/caPools/my-pool" and the issuing_certificate_authority_id to "my-ca".
+  requestId: string, Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
+  validateOnly: boolean, Optional. If this is true, no Certificate resource will be persisted regardless of the CaPool's tier, and the returned Certificate will not contain the pem_certificate field.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A Certificate corresponds to a signed X.509 certificate issued by a CertificateAuthority.
+  "certificateDescription": { # A CertificateDescription describes an X.509 certificate or CSR that has been issued, as an alternative to using ASN.1 / X.509. # Output only. A structured description of the issued X.509 certificate.
+    "aiaIssuingCertificateUrls": [ # Describes lists of issuer CA certificate URLs that appear in the "Authority Information Access" extension in the certificate.
+      "A String",
+    ],
+    "authorityKeyId": { # A KeyId identifies a specific public key, usually by hashing the public key. # Identifies the subject_key_id of the parent certificate, per https://tools.ietf.org/html/rfc5280#section-4.2.1.1
+      "keyId": "A String", # Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.
+    },
+    "certFingerprint": { # A group of fingerprints for the x509 certificate. # The hash of the x.509 certificate.
+      "sha256Hash": "A String", # The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
+    },
+    "crlDistributionPoints": [ # Describes a list of locations to obtain CRL information, i.e. the DistributionPoint.fullName described by https://tools.ietf.org/html/rfc5280#section-4.2.1.13
+      "A String",
+    ],
+    "publicKey": { # A PublicKey describes a public key. # The public key that corresponds to an issued certificate.
+      "format": "A String", # Required. The format of the public key.
+      "key": "A String", # Required. A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.
+    },
+    "subjectDescription": { # These values describe fields in an issued X.509 certificate such as the distinguished name, subject alternative names, serial number, and lifetime. # Describes some of the values in a certificate that are related to the subject and lifetime.
+      "hexSerialNumber": "A String", # The serial number encoded in lowercase hexadecimal.
+      "lifetime": "A String", # For convenience, the actual lifetime of an issued certificate. Corresponds to 'not_after_time' - 'not_before_time'.
+      "notAfterTime": "A String", # The time at which the certificate expires.
+      "notBeforeTime": "A String", # The time at which the certificate becomes valid.
+      "subject": { # Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate. # Contains distinguished name fields such as the common name, location and / organization.
+        "commonName": "A String", # The "common name" of the subject.
+        "countryCode": "A String", # The country code of the subject.
+        "locality": "A String", # The locality or city of the subject.
+        "organization": "A String", # The organization of the subject.
+        "organizationalUnit": "A String", # The organizational_unit of the subject.
+        "postalCode": "A String", # The postal code of the subject.
+        "province": "A String", # The province, territory, or regional state of the subject.
+        "streetAddress": "A String", # The street address of the subject.
+      },
+      "subjectAltName": { # SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name). # The subject alternative name fields.
+        "customSans": [ # Contains additional subject alternative name values.
+          { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+            "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+            "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+              "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                42,
+              ],
+            },
+            "value": "A String", # Required. The value of this X.509 extension.
+          },
+        ],
+        "dnsNames": [ # Contains only valid, fully-qualified host names.
+          "A String",
+        ],
+        "emailAddresses": [ # Contains only valid RFC 2822 E-mail addresses.
+          "A String",
+        ],
+        "ipAddresses": [ # Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.
+          "A String",
+        ],
+        "uris": [ # Contains only valid RFC 3986 URIs.
+          "A String",
+        ],
+      },
+    },
+    "subjectKeyId": { # A KeyId identifies a specific public key, usually by hashing the public key. # Provides a means of identifiying certificates that contain a particular public key, per https://tools.ietf.org/html/rfc5280#section-4.2.1.2.
+      "keyId": "A String", # Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.
+    },
+    "x509Description": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Describes some of the technical X.509 fields in a certificate.
+      "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+        { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+          "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+          "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+          "value": "A String", # Required. The value of this X.509 extension.
+        },
+      ],
+      "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+        "A String",
+      ],
+      "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+        "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+        "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+      },
+      "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+        "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+          "certSign": True or False, # The key may be used to sign certificates.
+          "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+          "crlSign": True or False, # The key may be used sign certificate revocation lists.
+          "dataEncipherment": True or False, # The key may be used to encipher data.
+          "decipherOnly": True or False, # The key may be used to decipher only.
+          "digitalSignature": True or False, # The key may be used for digital signatures.
+          "encipherOnly": True or False, # The key may be used to encipher only.
+          "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+          "keyEncipherment": True or False, # The key may be used to encipher other keys.
+        },
+        "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+          "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+          "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+          "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+          "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+          "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+          "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+        },
+        "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+          { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+        ],
+      },
+      "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+        { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+          "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+            42,
+          ],
+        },
+      ],
+    },
+  },
+  "certificateTemplate": "A String", # Immutable. The resource name for a CertificateTemplate used to issue this certificate, in the format `projects/*/locations/*/certificateTemplates/*`. If this is specified, the caller must have the necessary permission to use this template. If this is omitted, no template will be used. This template must be in the same location as the Certificate.
+  "config": { # A CertificateConfig describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1. # Immutable. A description of the certificate and key that does not require X.509 or ASN.1.
+    "publicKey": { # A PublicKey describes a public key. # Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.
+      "format": "A String", # Required. The format of the public key.
+      "key": "A String", # Required. A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.
+    },
+    "subjectConfig": { # These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate. # Required. Specifies some of the values in a certificate that are related to the subject.
+      "subject": { # Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate. # Required. Contains distinguished name fields such as the common name, location and organization.
+        "commonName": "A String", # The "common name" of the subject.
+        "countryCode": "A String", # The country code of the subject.
+        "locality": "A String", # The locality or city of the subject.
+        "organization": "A String", # The organization of the subject.
+        "organizationalUnit": "A String", # The organizational_unit of the subject.
+        "postalCode": "A String", # The postal code of the subject.
+        "province": "A String", # The province, territory, or regional state of the subject.
+        "streetAddress": "A String", # The street address of the subject.
+      },
+      "subjectAltName": { # SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name). # Optional. The subject alternative name fields.
+        "customSans": [ # Contains additional subject alternative name values.
+          { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+            "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+            "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+              "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                42,
+              ],
+            },
+            "value": "A String", # Required. The value of this X.509 extension.
+          },
+        ],
+        "dnsNames": [ # Contains only valid, fully-qualified host names.
+          "A String",
+        ],
+        "emailAddresses": [ # Contains only valid RFC 2822 E-mail addresses.
+          "A String",
+        ],
+        "ipAddresses": [ # Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.
+          "A String",
+        ],
+        "uris": [ # Contains only valid RFC 3986 URIs.
+          "A String",
+        ],
+      },
+    },
+    "x509Config": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Required. Describes how some of the technical X.509 fields in a certificate should be populated.
+      "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+        { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+          "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+          "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+          "value": "A String", # Required. The value of this X.509 extension.
+        },
+      ],
+      "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+        "A String",
+      ],
+      "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+        "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+        "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+      },
+      "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+        "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+          "certSign": True or False, # The key may be used to sign certificates.
+          "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+          "crlSign": True or False, # The key may be used sign certificate revocation lists.
+          "dataEncipherment": True or False, # The key may be used to encipher data.
+          "decipherOnly": True or False, # The key may be used to decipher only.
+          "digitalSignature": True or False, # The key may be used for digital signatures.
+          "encipherOnly": True or False, # The key may be used to encipher only.
+          "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+          "keyEncipherment": True or False, # The key may be used to encipher other keys.
+        },
+        "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+          "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+          "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+          "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+          "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+          "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+          "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+        },
+        "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+          { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+        ],
+      },
+      "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+        { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+          "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+            42,
+          ],
+        },
+      ],
+    },
+  },
+  "createTime": "A String", # Output only. The time at which this Certificate was created.
+  "issuerCertificateAuthority": "A String", # Output only. The resource name of the issuing CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
+  "labels": { # Optional. Labels with user-defined metadata.
+    "a_key": "A String",
+  },
+  "lifetime": "A String", # Required. Immutable. The desired lifetime of a certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate. Note that the lifetime may be truncated if it would extend past the life of any certificate authority in the issuing chain.
+  "name": "A String", # Output only. The resource name for this Certificate in the format `projects/*/locations/*/caPools/*/certificates/*`.
+  "pemCertificate": "A String", # Output only. The pem-encoded, signed X.509 certificate.
+  "pemCertificateChain": [ # Output only. The chain that may be used to verify the X.509 certificate. Expected to be in issuer-to-root order according to RFC 5246.
+    "A String",
+  ],
+  "pemCsr": "A String", # Immutable. A pem-encoded X.509 certificate signing request (CSR).
+  "revocationDetails": { # Describes fields that are relavent to the revocation of a Certificate. # Output only. Details regarding the revocation of this Certificate. This Certificate is considered revoked if and only if this field is present.
+    "revocationState": "A String", # Indicates why a Certificate was revoked.
+    "revocationTime": "A String", # The time at which this Certificate was revoked.
+  },
+  "subjectMode": "A String", # Immutable. Specifies how the Certificate's identity fields are to be decided. If this is omitted, the `DEFAULT` subject mode will be used.
+  "updateTime": "A String", # Output only. The time at which this Certificate was updated.
+}
+
+ +
+ get(name, x__xgafv=None) +
Returns a Certificate.
+
+Args:
+  name: string, Required. The name of the Certificate to get. (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A Certificate corresponds to a signed X.509 certificate issued by a CertificateAuthority.
+  "certificateDescription": { # A CertificateDescription describes an X.509 certificate or CSR that has been issued, as an alternative to using ASN.1 / X.509. # Output only. A structured description of the issued X.509 certificate.
+    "aiaIssuingCertificateUrls": [ # Describes lists of issuer CA certificate URLs that appear in the "Authority Information Access" extension in the certificate.
+      "A String",
+    ],
+    "authorityKeyId": { # A KeyId identifies a specific public key, usually by hashing the public key. # Identifies the subject_key_id of the parent certificate, per https://tools.ietf.org/html/rfc5280#section-4.2.1.1
+      "keyId": "A String", # Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.
+    },
+    "certFingerprint": { # A group of fingerprints for the x509 certificate. # The hash of the x.509 certificate.
+      "sha256Hash": "A String", # The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
+    },
+    "crlDistributionPoints": [ # Describes a list of locations to obtain CRL information, i.e. the DistributionPoint.fullName described by https://tools.ietf.org/html/rfc5280#section-4.2.1.13
+      "A String",
+    ],
+    "publicKey": { # A PublicKey describes a public key. # The public key that corresponds to an issued certificate.
+      "format": "A String", # Required. The format of the public key.
+      "key": "A String", # Required. A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.
+    },
+    "subjectDescription": { # These values describe fields in an issued X.509 certificate such as the distinguished name, subject alternative names, serial number, and lifetime. # Describes some of the values in a certificate that are related to the subject and lifetime.
+      "hexSerialNumber": "A String", # The serial number encoded in lowercase hexadecimal.
+      "lifetime": "A String", # For convenience, the actual lifetime of an issued certificate. Corresponds to 'not_after_time' - 'not_before_time'.
+      "notAfterTime": "A String", # The time at which the certificate expires.
+      "notBeforeTime": "A String", # The time at which the certificate becomes valid.
+      "subject": { # Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate. # Contains distinguished name fields such as the common name, location and / organization.
+        "commonName": "A String", # The "common name" of the subject.
+        "countryCode": "A String", # The country code of the subject.
+        "locality": "A String", # The locality or city of the subject.
+        "organization": "A String", # The organization of the subject.
+        "organizationalUnit": "A String", # The organizational_unit of the subject.
+        "postalCode": "A String", # The postal code of the subject.
+        "province": "A String", # The province, territory, or regional state of the subject.
+        "streetAddress": "A String", # The street address of the subject.
+      },
+      "subjectAltName": { # SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name). # The subject alternative name fields.
+        "customSans": [ # Contains additional subject alternative name values.
+          { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+            "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+            "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+              "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                42,
+              ],
+            },
+            "value": "A String", # Required. The value of this X.509 extension.
+          },
+        ],
+        "dnsNames": [ # Contains only valid, fully-qualified host names.
+          "A String",
+        ],
+        "emailAddresses": [ # Contains only valid RFC 2822 E-mail addresses.
+          "A String",
+        ],
+        "ipAddresses": [ # Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.
+          "A String",
+        ],
+        "uris": [ # Contains only valid RFC 3986 URIs.
+          "A String",
+        ],
+      },
+    },
+    "subjectKeyId": { # A KeyId identifies a specific public key, usually by hashing the public key. # Provides a means of identifiying certificates that contain a particular public key, per https://tools.ietf.org/html/rfc5280#section-4.2.1.2.
+      "keyId": "A String", # Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.
+    },
+    "x509Description": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Describes some of the technical X.509 fields in a certificate.
+      "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+        { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+          "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+          "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+          "value": "A String", # Required. The value of this X.509 extension.
+        },
+      ],
+      "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+        "A String",
+      ],
+      "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+        "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+        "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+      },
+      "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+        "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+          "certSign": True or False, # The key may be used to sign certificates.
+          "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+          "crlSign": True or False, # The key may be used sign certificate revocation lists.
+          "dataEncipherment": True or False, # The key may be used to encipher data.
+          "decipherOnly": True or False, # The key may be used to decipher only.
+          "digitalSignature": True or False, # The key may be used for digital signatures.
+          "encipherOnly": True or False, # The key may be used to encipher only.
+          "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+          "keyEncipherment": True or False, # The key may be used to encipher other keys.
+        },
+        "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+          "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+          "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+          "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+          "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+          "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+          "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+        },
+        "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+          { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+        ],
+      },
+      "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+        { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+          "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+            42,
+          ],
+        },
+      ],
+    },
+  },
+  "certificateTemplate": "A String", # Immutable. The resource name for a CertificateTemplate used to issue this certificate, in the format `projects/*/locations/*/certificateTemplates/*`. If this is specified, the caller must have the necessary permission to use this template. If this is omitted, no template will be used. This template must be in the same location as the Certificate.
+  "config": { # A CertificateConfig describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1. # Immutable. A description of the certificate and key that does not require X.509 or ASN.1.
+    "publicKey": { # A PublicKey describes a public key. # Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.
+      "format": "A String", # Required. The format of the public key.
+      "key": "A String", # Required. A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.
+    },
+    "subjectConfig": { # These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate. # Required. Specifies some of the values in a certificate that are related to the subject.
+      "subject": { # Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate. # Required. Contains distinguished name fields such as the common name, location and organization.
+        "commonName": "A String", # The "common name" of the subject.
+        "countryCode": "A String", # The country code of the subject.
+        "locality": "A String", # The locality or city of the subject.
+        "organization": "A String", # The organization of the subject.
+        "organizationalUnit": "A String", # The organizational_unit of the subject.
+        "postalCode": "A String", # The postal code of the subject.
+        "province": "A String", # The province, territory, or regional state of the subject.
+        "streetAddress": "A String", # The street address of the subject.
+      },
+      "subjectAltName": { # SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name). # Optional. The subject alternative name fields.
+        "customSans": [ # Contains additional subject alternative name values.
+          { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+            "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+            "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+              "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                42,
+              ],
+            },
+            "value": "A String", # Required. The value of this X.509 extension.
+          },
+        ],
+        "dnsNames": [ # Contains only valid, fully-qualified host names.
+          "A String",
+        ],
+        "emailAddresses": [ # Contains only valid RFC 2822 E-mail addresses.
+          "A String",
+        ],
+        "ipAddresses": [ # Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.
+          "A String",
+        ],
+        "uris": [ # Contains only valid RFC 3986 URIs.
+          "A String",
+        ],
+      },
+    },
+    "x509Config": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Required. Describes how some of the technical X.509 fields in a certificate should be populated.
+      "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+        { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+          "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+          "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+          "value": "A String", # Required. The value of this X.509 extension.
+        },
+      ],
+      "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+        "A String",
+      ],
+      "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+        "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+        "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+      },
+      "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+        "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+          "certSign": True or False, # The key may be used to sign certificates.
+          "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+          "crlSign": True or False, # The key may be used sign certificate revocation lists.
+          "dataEncipherment": True or False, # The key may be used to encipher data.
+          "decipherOnly": True or False, # The key may be used to decipher only.
+          "digitalSignature": True or False, # The key may be used for digital signatures.
+          "encipherOnly": True or False, # The key may be used to encipher only.
+          "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+          "keyEncipherment": True or False, # The key may be used to encipher other keys.
+        },
+        "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+          "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+          "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+          "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+          "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+          "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+          "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+        },
+        "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+          { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+        ],
+      },
+      "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+        { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+          "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+            42,
+          ],
+        },
+      ],
+    },
+  },
+  "createTime": "A String", # Output only. The time at which this Certificate was created.
+  "issuerCertificateAuthority": "A String", # Output only. The resource name of the issuing CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
+  "labels": { # Optional. Labels with user-defined metadata.
+    "a_key": "A String",
+  },
+  "lifetime": "A String", # Required. Immutable. The desired lifetime of a certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate. Note that the lifetime may be truncated if it would extend past the life of any certificate authority in the issuing chain.
+  "name": "A String", # Output only. The resource name for this Certificate in the format `projects/*/locations/*/caPools/*/certificates/*`.
+  "pemCertificate": "A String", # Output only. The pem-encoded, signed X.509 certificate.
+  "pemCertificateChain": [ # Output only. The chain that may be used to verify the X.509 certificate. Expected to be in issuer-to-root order according to RFC 5246.
+    "A String",
+  ],
+  "pemCsr": "A String", # Immutable. A pem-encoded X.509 certificate signing request (CSR).
+  "revocationDetails": { # Describes fields that are relavent to the revocation of a Certificate. # Output only. Details regarding the revocation of this Certificate. This Certificate is considered revoked if and only if this field is present.
+    "revocationState": "A String", # Indicates why a Certificate was revoked.
+    "revocationTime": "A String", # The time at which this Certificate was revoked.
+  },
+  "subjectMode": "A String", # Immutable. Specifies how the Certificate's identity fields are to be decided. If this is omitted, the `DEFAULT` subject mode will be used.
+  "updateTime": "A String", # Output only. The time at which this Certificate was updated.
+}
+
+ +
+ list(parent, filter=None, orderBy=None, pageSize=None, pageToken=None, x__xgafv=None) +
Lists Certificates.
+
+Args:
+  parent: string, Required. The resource name of the location associated with the Certificates, in the format `projects/*/locations/*/caPools/*`. (required)
+  filter: string, Optional. Only include resources that match the filter in the response. For details on supported filters and syntax, see [Certificates Filtering documentation](https://cloud.google.com/certificate-authority-service/docs/sorting-filtering-certificates#filtering_support).
+  orderBy: string, Optional. Specify how the results should be sorted. For details on supported fields and syntax, see [Certificates Sorting documentation](https://cloud.google.com/certificate-authority-service/docs/sorting-filtering-certificates#sorting_support).
+  pageSize: integer, Optional. Limit on the number of Certificates to include in the response. Further Certificates can subsequently be obtained by including the ListCertificatesResponse.next_page_token in a subsequent request. If unspecified, the server will pick an appropriate default.
+  pageToken: string, Optional. Pagination token, returned earlier via ListCertificatesResponse.next_page_token.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for CertificateAuthorityService.ListCertificates.
+  "certificates": [ # The list of Certificates.
+    { # A Certificate corresponds to a signed X.509 certificate issued by a CertificateAuthority.
+      "certificateDescription": { # A CertificateDescription describes an X.509 certificate or CSR that has been issued, as an alternative to using ASN.1 / X.509. # Output only. A structured description of the issued X.509 certificate.
+        "aiaIssuingCertificateUrls": [ # Describes lists of issuer CA certificate URLs that appear in the "Authority Information Access" extension in the certificate.
+          "A String",
+        ],
+        "authorityKeyId": { # A KeyId identifies a specific public key, usually by hashing the public key. # Identifies the subject_key_id of the parent certificate, per https://tools.ietf.org/html/rfc5280#section-4.2.1.1
+          "keyId": "A String", # Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.
+        },
+        "certFingerprint": { # A group of fingerprints for the x509 certificate. # The hash of the x.509 certificate.
+          "sha256Hash": "A String", # The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
+        },
+        "crlDistributionPoints": [ # Describes a list of locations to obtain CRL information, i.e. the DistributionPoint.fullName described by https://tools.ietf.org/html/rfc5280#section-4.2.1.13
+          "A String",
+        ],
+        "publicKey": { # A PublicKey describes a public key. # The public key that corresponds to an issued certificate.
+          "format": "A String", # Required. The format of the public key.
+          "key": "A String", # Required. A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.
+        },
+        "subjectDescription": { # These values describe fields in an issued X.509 certificate such as the distinguished name, subject alternative names, serial number, and lifetime. # Describes some of the values in a certificate that are related to the subject and lifetime.
+          "hexSerialNumber": "A String", # The serial number encoded in lowercase hexadecimal.
+          "lifetime": "A String", # For convenience, the actual lifetime of an issued certificate. Corresponds to 'not_after_time' - 'not_before_time'.
+          "notAfterTime": "A String", # The time at which the certificate expires.
+          "notBeforeTime": "A String", # The time at which the certificate becomes valid.
+          "subject": { # Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate. # Contains distinguished name fields such as the common name, location and / organization.
+            "commonName": "A String", # The "common name" of the subject.
+            "countryCode": "A String", # The country code of the subject.
+            "locality": "A String", # The locality or city of the subject.
+            "organization": "A String", # The organization of the subject.
+            "organizationalUnit": "A String", # The organizational_unit of the subject.
+            "postalCode": "A String", # The postal code of the subject.
+            "province": "A String", # The province, territory, or regional state of the subject.
+            "streetAddress": "A String", # The street address of the subject.
+          },
+          "subjectAltName": { # SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name). # The subject alternative name fields.
+            "customSans": [ # Contains additional subject alternative name values.
+              { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+                "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+                "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+                  "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                    42,
+                  ],
+                },
+                "value": "A String", # Required. The value of this X.509 extension.
+              },
+            ],
+            "dnsNames": [ # Contains only valid, fully-qualified host names.
+              "A String",
+            ],
+            "emailAddresses": [ # Contains only valid RFC 2822 E-mail addresses.
+              "A String",
+            ],
+            "ipAddresses": [ # Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.
+              "A String",
+            ],
+            "uris": [ # Contains only valid RFC 3986 URIs.
+              "A String",
+            ],
+          },
+        },
+        "subjectKeyId": { # A KeyId identifies a specific public key, usually by hashing the public key. # Provides a means of identifiying certificates that contain a particular public key, per https://tools.ietf.org/html/rfc5280#section-4.2.1.2.
+          "keyId": "A String", # Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.
+        },
+        "x509Description": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Describes some of the technical X.509 fields in a certificate.
+          "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+            { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+              "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+              "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+                "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                  42,
+                ],
+              },
+              "value": "A String", # Required. The value of this X.509 extension.
+            },
+          ],
+          "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+            "A String",
+          ],
+          "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+            "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+            "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+          },
+          "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+            "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+              "certSign": True or False, # The key may be used to sign certificates.
+              "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+              "crlSign": True or False, # The key may be used sign certificate revocation lists.
+              "dataEncipherment": True or False, # The key may be used to encipher data.
+              "decipherOnly": True or False, # The key may be used to decipher only.
+              "digitalSignature": True or False, # The key may be used for digital signatures.
+              "encipherOnly": True or False, # The key may be used to encipher only.
+              "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+              "keyEncipherment": True or False, # The key may be used to encipher other keys.
+            },
+            "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+              "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+              "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+              "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+              "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+              "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+              "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+            },
+            "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+              { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+                "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                  42,
+                ],
+              },
+            ],
+          },
+          "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+            { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+              "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                42,
+              ],
+            },
+          ],
+        },
+      },
+      "certificateTemplate": "A String", # Immutable. The resource name for a CertificateTemplate used to issue this certificate, in the format `projects/*/locations/*/certificateTemplates/*`. If this is specified, the caller must have the necessary permission to use this template. If this is omitted, no template will be used. This template must be in the same location as the Certificate.
+      "config": { # A CertificateConfig describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1. # Immutable. A description of the certificate and key that does not require X.509 or ASN.1.
+        "publicKey": { # A PublicKey describes a public key. # Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.
+          "format": "A String", # Required. The format of the public key.
+          "key": "A String", # Required. A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.
+        },
+        "subjectConfig": { # These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate. # Required. Specifies some of the values in a certificate that are related to the subject.
+          "subject": { # Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate. # Required. Contains distinguished name fields such as the common name, location and organization.
+            "commonName": "A String", # The "common name" of the subject.
+            "countryCode": "A String", # The country code of the subject.
+            "locality": "A String", # The locality or city of the subject.
+            "organization": "A String", # The organization of the subject.
+            "organizationalUnit": "A String", # The organizational_unit of the subject.
+            "postalCode": "A String", # The postal code of the subject.
+            "province": "A String", # The province, territory, or regional state of the subject.
+            "streetAddress": "A String", # The street address of the subject.
+          },
+          "subjectAltName": { # SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name). # Optional. The subject alternative name fields.
+            "customSans": [ # Contains additional subject alternative name values.
+              { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+                "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+                "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+                  "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                    42,
+                  ],
+                },
+                "value": "A String", # Required. The value of this X.509 extension.
+              },
+            ],
+            "dnsNames": [ # Contains only valid, fully-qualified host names.
+              "A String",
+            ],
+            "emailAddresses": [ # Contains only valid RFC 2822 E-mail addresses.
+              "A String",
+            ],
+            "ipAddresses": [ # Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.
+              "A String",
+            ],
+            "uris": [ # Contains only valid RFC 3986 URIs.
+              "A String",
+            ],
+          },
+        },
+        "x509Config": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Required. Describes how some of the technical X.509 fields in a certificate should be populated.
+          "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+            { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+              "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+              "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+                "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                  42,
+                ],
+              },
+              "value": "A String", # Required. The value of this X.509 extension.
+            },
+          ],
+          "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+            "A String",
+          ],
+          "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+            "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+            "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+          },
+          "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+            "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+              "certSign": True or False, # The key may be used to sign certificates.
+              "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+              "crlSign": True or False, # The key may be used sign certificate revocation lists.
+              "dataEncipherment": True or False, # The key may be used to encipher data.
+              "decipherOnly": True or False, # The key may be used to decipher only.
+              "digitalSignature": True or False, # The key may be used for digital signatures.
+              "encipherOnly": True or False, # The key may be used to encipher only.
+              "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+              "keyEncipherment": True or False, # The key may be used to encipher other keys.
+            },
+            "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+              "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+              "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+              "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+              "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+              "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+              "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+            },
+            "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+              { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+                "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                  42,
+                ],
+              },
+            ],
+          },
+          "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+            { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+              "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                42,
+              ],
+            },
+          ],
+        },
+      },
+      "createTime": "A String", # Output only. The time at which this Certificate was created.
+      "issuerCertificateAuthority": "A String", # Output only. The resource name of the issuing CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
+      "labels": { # Optional. Labels with user-defined metadata.
+        "a_key": "A String",
+      },
+      "lifetime": "A String", # Required. Immutable. The desired lifetime of a certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate. Note that the lifetime may be truncated if it would extend past the life of any certificate authority in the issuing chain.
+      "name": "A String", # Output only. The resource name for this Certificate in the format `projects/*/locations/*/caPools/*/certificates/*`.
+      "pemCertificate": "A String", # Output only. The pem-encoded, signed X.509 certificate.
+      "pemCertificateChain": [ # Output only. The chain that may be used to verify the X.509 certificate. Expected to be in issuer-to-root order according to RFC 5246.
+        "A String",
+      ],
+      "pemCsr": "A String", # Immutable. A pem-encoded X.509 certificate signing request (CSR).
+      "revocationDetails": { # Describes fields that are relavent to the revocation of a Certificate. # Output only. Details regarding the revocation of this Certificate. This Certificate is considered revoked if and only if this field is present.
+        "revocationState": "A String", # Indicates why a Certificate was revoked.
+        "revocationTime": "A String", # The time at which this Certificate was revoked.
+      },
+      "subjectMode": "A String", # Immutable. Specifies how the Certificate's identity fields are to be decided. If this is omitted, the `DEFAULT` subject mode will be used.
+      "updateTime": "A String", # Output only. The time at which this Certificate was updated.
+    },
+  ],
+  "nextPageToken": "A String", # A token to retrieve next page of results. Pass this value in ListCertificatesRequest.next_page_token to retrieve the next page of results.
+  "unreachable": [ # A list of locations (e.g. "us-west1") that could not be reached.
+    "A String",
+  ],
+}
+
+ +
+ list_next(previous_request, previous_response) +
Retrieves the next page of results.
+
+Args:
+  previous_request: The request for the previous page. (required)
+  previous_response: The response from the request for the previous page. (required)
+
+Returns:
+  A request object that you can call 'execute()' on to request the next
+  page. Returns None if there are no more items in the collection.
+    
+
+ +
+ patch(name, body=None, requestId=None, updateMask=None, x__xgafv=None) +
Update a Certificate. Currently, the only field you can update is the labels field.
+
+Args:
+  name: string, Output only. The resource name for this Certificate in the format `projects/*/locations/*/caPools/*/certificates/*`. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # A Certificate corresponds to a signed X.509 certificate issued by a CertificateAuthority.
+  "certificateDescription": { # A CertificateDescription describes an X.509 certificate or CSR that has been issued, as an alternative to using ASN.1 / X.509. # Output only. A structured description of the issued X.509 certificate.
+    "aiaIssuingCertificateUrls": [ # Describes lists of issuer CA certificate URLs that appear in the "Authority Information Access" extension in the certificate.
+      "A String",
+    ],
+    "authorityKeyId": { # A KeyId identifies a specific public key, usually by hashing the public key. # Identifies the subject_key_id of the parent certificate, per https://tools.ietf.org/html/rfc5280#section-4.2.1.1
+      "keyId": "A String", # Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.
+    },
+    "certFingerprint": { # A group of fingerprints for the x509 certificate. # The hash of the x.509 certificate.
+      "sha256Hash": "A String", # The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
+    },
+    "crlDistributionPoints": [ # Describes a list of locations to obtain CRL information, i.e. the DistributionPoint.fullName described by https://tools.ietf.org/html/rfc5280#section-4.2.1.13
+      "A String",
+    ],
+    "publicKey": { # A PublicKey describes a public key. # The public key that corresponds to an issued certificate.
+      "format": "A String", # Required. The format of the public key.
+      "key": "A String", # Required. A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.
+    },
+    "subjectDescription": { # These values describe fields in an issued X.509 certificate such as the distinguished name, subject alternative names, serial number, and lifetime. # Describes some of the values in a certificate that are related to the subject and lifetime.
+      "hexSerialNumber": "A String", # The serial number encoded in lowercase hexadecimal.
+      "lifetime": "A String", # For convenience, the actual lifetime of an issued certificate. Corresponds to 'not_after_time' - 'not_before_time'.
+      "notAfterTime": "A String", # The time at which the certificate expires.
+      "notBeforeTime": "A String", # The time at which the certificate becomes valid.
+      "subject": { # Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate. # Contains distinguished name fields such as the common name, location and / organization.
+        "commonName": "A String", # The "common name" of the subject.
+        "countryCode": "A String", # The country code of the subject.
+        "locality": "A String", # The locality or city of the subject.
+        "organization": "A String", # The organization of the subject.
+        "organizationalUnit": "A String", # The organizational_unit of the subject.
+        "postalCode": "A String", # The postal code of the subject.
+        "province": "A String", # The province, territory, or regional state of the subject.
+        "streetAddress": "A String", # The street address of the subject.
+      },
+      "subjectAltName": { # SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name). # The subject alternative name fields.
+        "customSans": [ # Contains additional subject alternative name values.
+          { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+            "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+            "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+              "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                42,
+              ],
+            },
+            "value": "A String", # Required. The value of this X.509 extension.
+          },
+        ],
+        "dnsNames": [ # Contains only valid, fully-qualified host names.
+          "A String",
+        ],
+        "emailAddresses": [ # Contains only valid RFC 2822 E-mail addresses.
+          "A String",
+        ],
+        "ipAddresses": [ # Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.
+          "A String",
+        ],
+        "uris": [ # Contains only valid RFC 3986 URIs.
+          "A String",
+        ],
+      },
+    },
+    "subjectKeyId": { # A KeyId identifies a specific public key, usually by hashing the public key. # Provides a means of identifiying certificates that contain a particular public key, per https://tools.ietf.org/html/rfc5280#section-4.2.1.2.
+      "keyId": "A String", # Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.
+    },
+    "x509Description": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Describes some of the technical X.509 fields in a certificate.
+      "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+        { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+          "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+          "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+          "value": "A String", # Required. The value of this X.509 extension.
+        },
+      ],
+      "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+        "A String",
+      ],
+      "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+        "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+        "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+      },
+      "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+        "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+          "certSign": True or False, # The key may be used to sign certificates.
+          "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+          "crlSign": True or False, # The key may be used sign certificate revocation lists.
+          "dataEncipherment": True or False, # The key may be used to encipher data.
+          "decipherOnly": True or False, # The key may be used to decipher only.
+          "digitalSignature": True or False, # The key may be used for digital signatures.
+          "encipherOnly": True or False, # The key may be used to encipher only.
+          "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+          "keyEncipherment": True or False, # The key may be used to encipher other keys.
+        },
+        "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+          "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+          "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+          "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+          "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+          "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+          "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+        },
+        "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+          { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+        ],
+      },
+      "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+        { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+          "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+            42,
+          ],
+        },
+      ],
+    },
+  },
+  "certificateTemplate": "A String", # Immutable. The resource name for a CertificateTemplate used to issue this certificate, in the format `projects/*/locations/*/certificateTemplates/*`. If this is specified, the caller must have the necessary permission to use this template. If this is omitted, no template will be used. This template must be in the same location as the Certificate.
+  "config": { # A CertificateConfig describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1. # Immutable. A description of the certificate and key that does not require X.509 or ASN.1.
+    "publicKey": { # A PublicKey describes a public key. # Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.
+      "format": "A String", # Required. The format of the public key.
+      "key": "A String", # Required. A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.
+    },
+    "subjectConfig": { # These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate. # Required. Specifies some of the values in a certificate that are related to the subject.
+      "subject": { # Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate. # Required. Contains distinguished name fields such as the common name, location and organization.
+        "commonName": "A String", # The "common name" of the subject.
+        "countryCode": "A String", # The country code of the subject.
+        "locality": "A String", # The locality or city of the subject.
+        "organization": "A String", # The organization of the subject.
+        "organizationalUnit": "A String", # The organizational_unit of the subject.
+        "postalCode": "A String", # The postal code of the subject.
+        "province": "A String", # The province, territory, or regional state of the subject.
+        "streetAddress": "A String", # The street address of the subject.
+      },
+      "subjectAltName": { # SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name). # Optional. The subject alternative name fields.
+        "customSans": [ # Contains additional subject alternative name values.
+          { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+            "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+            "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+              "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                42,
+              ],
+            },
+            "value": "A String", # Required. The value of this X.509 extension.
+          },
+        ],
+        "dnsNames": [ # Contains only valid, fully-qualified host names.
+          "A String",
+        ],
+        "emailAddresses": [ # Contains only valid RFC 2822 E-mail addresses.
+          "A String",
+        ],
+        "ipAddresses": [ # Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.
+          "A String",
+        ],
+        "uris": [ # Contains only valid RFC 3986 URIs.
+          "A String",
+        ],
+      },
+    },
+    "x509Config": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Required. Describes how some of the technical X.509 fields in a certificate should be populated.
+      "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+        { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+          "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+          "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+          "value": "A String", # Required. The value of this X.509 extension.
+        },
+      ],
+      "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+        "A String",
+      ],
+      "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+        "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+        "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+      },
+      "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+        "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+          "certSign": True or False, # The key may be used to sign certificates.
+          "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+          "crlSign": True or False, # The key may be used sign certificate revocation lists.
+          "dataEncipherment": True or False, # The key may be used to encipher data.
+          "decipherOnly": True or False, # The key may be used to decipher only.
+          "digitalSignature": True or False, # The key may be used for digital signatures.
+          "encipherOnly": True or False, # The key may be used to encipher only.
+          "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+          "keyEncipherment": True or False, # The key may be used to encipher other keys.
+        },
+        "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+          "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+          "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+          "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+          "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+          "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+          "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+        },
+        "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+          { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+        ],
+      },
+      "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+        { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+          "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+            42,
+          ],
+        },
+      ],
+    },
+  },
+  "createTime": "A String", # Output only. The time at which this Certificate was created.
+  "issuerCertificateAuthority": "A String", # Output only. The resource name of the issuing CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
+  "labels": { # Optional. Labels with user-defined metadata.
+    "a_key": "A String",
+  },
+  "lifetime": "A String", # Required. Immutable. The desired lifetime of a certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate. Note that the lifetime may be truncated if it would extend past the life of any certificate authority in the issuing chain.
+  "name": "A String", # Output only. The resource name for this Certificate in the format `projects/*/locations/*/caPools/*/certificates/*`.
+  "pemCertificate": "A String", # Output only. The pem-encoded, signed X.509 certificate.
+  "pemCertificateChain": [ # Output only. The chain that may be used to verify the X.509 certificate. Expected to be in issuer-to-root order according to RFC 5246.
+    "A String",
+  ],
+  "pemCsr": "A String", # Immutable. A pem-encoded X.509 certificate signing request (CSR).
+  "revocationDetails": { # Describes fields that are relavent to the revocation of a Certificate. # Output only. Details regarding the revocation of this Certificate. This Certificate is considered revoked if and only if this field is present.
+    "revocationState": "A String", # Indicates why a Certificate was revoked.
+    "revocationTime": "A String", # The time at which this Certificate was revoked.
+  },
+  "subjectMode": "A String", # Immutable. Specifies how the Certificate's identity fields are to be decided. If this is omitted, the `DEFAULT` subject mode will be used.
+  "updateTime": "A String", # Output only. The time at which this Certificate was updated.
+}
+
+  requestId: string, Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
+  updateMask: string, Required. A list of fields to be updated in this request.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A Certificate corresponds to a signed X.509 certificate issued by a CertificateAuthority.
+  "certificateDescription": { # A CertificateDescription describes an X.509 certificate or CSR that has been issued, as an alternative to using ASN.1 / X.509. # Output only. A structured description of the issued X.509 certificate.
+    "aiaIssuingCertificateUrls": [ # Describes lists of issuer CA certificate URLs that appear in the "Authority Information Access" extension in the certificate.
+      "A String",
+    ],
+    "authorityKeyId": { # A KeyId identifies a specific public key, usually by hashing the public key. # Identifies the subject_key_id of the parent certificate, per https://tools.ietf.org/html/rfc5280#section-4.2.1.1
+      "keyId": "A String", # Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.
+    },
+    "certFingerprint": { # A group of fingerprints for the x509 certificate. # The hash of the x.509 certificate.
+      "sha256Hash": "A String", # The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
+    },
+    "crlDistributionPoints": [ # Describes a list of locations to obtain CRL information, i.e. the DistributionPoint.fullName described by https://tools.ietf.org/html/rfc5280#section-4.2.1.13
+      "A String",
+    ],
+    "publicKey": { # A PublicKey describes a public key. # The public key that corresponds to an issued certificate.
+      "format": "A String", # Required. The format of the public key.
+      "key": "A String", # Required. A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.
+    },
+    "subjectDescription": { # These values describe fields in an issued X.509 certificate such as the distinguished name, subject alternative names, serial number, and lifetime. # Describes some of the values in a certificate that are related to the subject and lifetime.
+      "hexSerialNumber": "A String", # The serial number encoded in lowercase hexadecimal.
+      "lifetime": "A String", # For convenience, the actual lifetime of an issued certificate. Corresponds to 'not_after_time' - 'not_before_time'.
+      "notAfterTime": "A String", # The time at which the certificate expires.
+      "notBeforeTime": "A String", # The time at which the certificate becomes valid.
+      "subject": { # Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate. # Contains distinguished name fields such as the common name, location and / organization.
+        "commonName": "A String", # The "common name" of the subject.
+        "countryCode": "A String", # The country code of the subject.
+        "locality": "A String", # The locality or city of the subject.
+        "organization": "A String", # The organization of the subject.
+        "organizationalUnit": "A String", # The organizational_unit of the subject.
+        "postalCode": "A String", # The postal code of the subject.
+        "province": "A String", # The province, territory, or regional state of the subject.
+        "streetAddress": "A String", # The street address of the subject.
+      },
+      "subjectAltName": { # SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name). # The subject alternative name fields.
+        "customSans": [ # Contains additional subject alternative name values.
+          { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+            "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+            "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+              "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                42,
+              ],
+            },
+            "value": "A String", # Required. The value of this X.509 extension.
+          },
+        ],
+        "dnsNames": [ # Contains only valid, fully-qualified host names.
+          "A String",
+        ],
+        "emailAddresses": [ # Contains only valid RFC 2822 E-mail addresses.
+          "A String",
+        ],
+        "ipAddresses": [ # Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.
+          "A String",
+        ],
+        "uris": [ # Contains only valid RFC 3986 URIs.
+          "A String",
+        ],
+      },
+    },
+    "subjectKeyId": { # A KeyId identifies a specific public key, usually by hashing the public key. # Provides a means of identifiying certificates that contain a particular public key, per https://tools.ietf.org/html/rfc5280#section-4.2.1.2.
+      "keyId": "A String", # Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.
+    },
+    "x509Description": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Describes some of the technical X.509 fields in a certificate.
+      "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+        { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+          "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+          "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+          "value": "A String", # Required. The value of this X.509 extension.
+        },
+      ],
+      "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+        "A String",
+      ],
+      "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+        "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+        "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+      },
+      "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+        "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+          "certSign": True or False, # The key may be used to sign certificates.
+          "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+          "crlSign": True or False, # The key may be used sign certificate revocation lists.
+          "dataEncipherment": True or False, # The key may be used to encipher data.
+          "decipherOnly": True or False, # The key may be used to decipher only.
+          "digitalSignature": True or False, # The key may be used for digital signatures.
+          "encipherOnly": True or False, # The key may be used to encipher only.
+          "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+          "keyEncipherment": True or False, # The key may be used to encipher other keys.
+        },
+        "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+          "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+          "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+          "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+          "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+          "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+          "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+        },
+        "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+          { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+        ],
+      },
+      "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+        { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+          "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+            42,
+          ],
+        },
+      ],
+    },
+  },
+  "certificateTemplate": "A String", # Immutable. The resource name for a CertificateTemplate used to issue this certificate, in the format `projects/*/locations/*/certificateTemplates/*`. If this is specified, the caller must have the necessary permission to use this template. If this is omitted, no template will be used. This template must be in the same location as the Certificate.
+  "config": { # A CertificateConfig describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1. # Immutable. A description of the certificate and key that does not require X.509 or ASN.1.
+    "publicKey": { # A PublicKey describes a public key. # Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.
+      "format": "A String", # Required. The format of the public key.
+      "key": "A String", # Required. A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.
+    },
+    "subjectConfig": { # These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate. # Required. Specifies some of the values in a certificate that are related to the subject.
+      "subject": { # Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate. # Required. Contains distinguished name fields such as the common name, location and organization.
+        "commonName": "A String", # The "common name" of the subject.
+        "countryCode": "A String", # The country code of the subject.
+        "locality": "A String", # The locality or city of the subject.
+        "organization": "A String", # The organization of the subject.
+        "organizationalUnit": "A String", # The organizational_unit of the subject.
+        "postalCode": "A String", # The postal code of the subject.
+        "province": "A String", # The province, territory, or regional state of the subject.
+        "streetAddress": "A String", # The street address of the subject.
+      },
+      "subjectAltName": { # SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name). # Optional. The subject alternative name fields.
+        "customSans": [ # Contains additional subject alternative name values.
+          { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+            "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+            "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+              "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                42,
+              ],
+            },
+            "value": "A String", # Required. The value of this X.509 extension.
+          },
+        ],
+        "dnsNames": [ # Contains only valid, fully-qualified host names.
+          "A String",
+        ],
+        "emailAddresses": [ # Contains only valid RFC 2822 E-mail addresses.
+          "A String",
+        ],
+        "ipAddresses": [ # Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.
+          "A String",
+        ],
+        "uris": [ # Contains only valid RFC 3986 URIs.
+          "A String",
+        ],
+      },
+    },
+    "x509Config": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Required. Describes how some of the technical X.509 fields in a certificate should be populated.
+      "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+        { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+          "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+          "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+          "value": "A String", # Required. The value of this X.509 extension.
+        },
+      ],
+      "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+        "A String",
+      ],
+      "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+        "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+        "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+      },
+      "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+        "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+          "certSign": True or False, # The key may be used to sign certificates.
+          "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+          "crlSign": True or False, # The key may be used sign certificate revocation lists.
+          "dataEncipherment": True or False, # The key may be used to encipher data.
+          "decipherOnly": True or False, # The key may be used to decipher only.
+          "digitalSignature": True or False, # The key may be used for digital signatures.
+          "encipherOnly": True or False, # The key may be used to encipher only.
+          "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+          "keyEncipherment": True or False, # The key may be used to encipher other keys.
+        },
+        "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+          "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+          "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+          "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+          "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+          "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+          "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+        },
+        "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+          { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+        ],
+      },
+      "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+        { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+          "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+            42,
+          ],
+        },
+      ],
+    },
+  },
+  "createTime": "A String", # Output only. The time at which this Certificate was created.
+  "issuerCertificateAuthority": "A String", # Output only. The resource name of the issuing CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
+  "labels": { # Optional. Labels with user-defined metadata.
+    "a_key": "A String",
+  },
+  "lifetime": "A String", # Required. Immutable. The desired lifetime of a certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate. Note that the lifetime may be truncated if it would extend past the life of any certificate authority in the issuing chain.
+  "name": "A String", # Output only. The resource name for this Certificate in the format `projects/*/locations/*/caPools/*/certificates/*`.
+  "pemCertificate": "A String", # Output only. The pem-encoded, signed X.509 certificate.
+  "pemCertificateChain": [ # Output only. The chain that may be used to verify the X.509 certificate. Expected to be in issuer-to-root order according to RFC 5246.
+    "A String",
+  ],
+  "pemCsr": "A String", # Immutable. A pem-encoded X.509 certificate signing request (CSR).
+  "revocationDetails": { # Describes fields that are relavent to the revocation of a Certificate. # Output only. Details regarding the revocation of this Certificate. This Certificate is considered revoked if and only if this field is present.
+    "revocationState": "A String", # Indicates why a Certificate was revoked.
+    "revocationTime": "A String", # The time at which this Certificate was revoked.
+  },
+  "subjectMode": "A String", # Immutable. Specifies how the Certificate's identity fields are to be decided. If this is omitted, the `DEFAULT` subject mode will be used.
+  "updateTime": "A String", # Output only. The time at which this Certificate was updated.
+}
+
+ +
+ revoke(name, body=None, x__xgafv=None) +
Revoke a Certificate.
+
+Args:
+  name: string, Required. The resource name for this Certificate in the format `projects/*/locations/*/caPools/*/certificates/*`. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for CertificateAuthorityService.RevokeCertificate.
+  "reason": "A String", # Required. The RevocationReason for revoking this certificate.
+  "requestId": "A String", # Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A Certificate corresponds to a signed X.509 certificate issued by a CertificateAuthority.
+  "certificateDescription": { # A CertificateDescription describes an X.509 certificate or CSR that has been issued, as an alternative to using ASN.1 / X.509. # Output only. A structured description of the issued X.509 certificate.
+    "aiaIssuingCertificateUrls": [ # Describes lists of issuer CA certificate URLs that appear in the "Authority Information Access" extension in the certificate.
+      "A String",
+    ],
+    "authorityKeyId": { # A KeyId identifies a specific public key, usually by hashing the public key. # Identifies the subject_key_id of the parent certificate, per https://tools.ietf.org/html/rfc5280#section-4.2.1.1
+      "keyId": "A String", # Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.
+    },
+    "certFingerprint": { # A group of fingerprints for the x509 certificate. # The hash of the x.509 certificate.
+      "sha256Hash": "A String", # The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
+    },
+    "crlDistributionPoints": [ # Describes a list of locations to obtain CRL information, i.e. the DistributionPoint.fullName described by https://tools.ietf.org/html/rfc5280#section-4.2.1.13
+      "A String",
+    ],
+    "publicKey": { # A PublicKey describes a public key. # The public key that corresponds to an issued certificate.
+      "format": "A String", # Required. The format of the public key.
+      "key": "A String", # Required. A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.
+    },
+    "subjectDescription": { # These values describe fields in an issued X.509 certificate such as the distinguished name, subject alternative names, serial number, and lifetime. # Describes some of the values in a certificate that are related to the subject and lifetime.
+      "hexSerialNumber": "A String", # The serial number encoded in lowercase hexadecimal.
+      "lifetime": "A String", # For convenience, the actual lifetime of an issued certificate. Corresponds to 'not_after_time' - 'not_before_time'.
+      "notAfterTime": "A String", # The time at which the certificate expires.
+      "notBeforeTime": "A String", # The time at which the certificate becomes valid.
+      "subject": { # Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate. # Contains distinguished name fields such as the common name, location and / organization.
+        "commonName": "A String", # The "common name" of the subject.
+        "countryCode": "A String", # The country code of the subject.
+        "locality": "A String", # The locality or city of the subject.
+        "organization": "A String", # The organization of the subject.
+        "organizationalUnit": "A String", # The organizational_unit of the subject.
+        "postalCode": "A String", # The postal code of the subject.
+        "province": "A String", # The province, territory, or regional state of the subject.
+        "streetAddress": "A String", # The street address of the subject.
+      },
+      "subjectAltName": { # SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name). # The subject alternative name fields.
+        "customSans": [ # Contains additional subject alternative name values.
+          { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+            "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+            "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+              "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                42,
+              ],
+            },
+            "value": "A String", # Required. The value of this X.509 extension.
+          },
+        ],
+        "dnsNames": [ # Contains only valid, fully-qualified host names.
+          "A String",
+        ],
+        "emailAddresses": [ # Contains only valid RFC 2822 E-mail addresses.
+          "A String",
+        ],
+        "ipAddresses": [ # Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.
+          "A String",
+        ],
+        "uris": [ # Contains only valid RFC 3986 URIs.
+          "A String",
+        ],
+      },
+    },
+    "subjectKeyId": { # A KeyId identifies a specific public key, usually by hashing the public key. # Provides a means of identifiying certificates that contain a particular public key, per https://tools.ietf.org/html/rfc5280#section-4.2.1.2.
+      "keyId": "A String", # Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.
+    },
+    "x509Description": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Describes some of the technical X.509 fields in a certificate.
+      "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+        { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+          "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+          "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+          "value": "A String", # Required. The value of this X.509 extension.
+        },
+      ],
+      "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+        "A String",
+      ],
+      "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+        "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+        "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+      },
+      "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+        "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+          "certSign": True or False, # The key may be used to sign certificates.
+          "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+          "crlSign": True or False, # The key may be used sign certificate revocation lists.
+          "dataEncipherment": True or False, # The key may be used to encipher data.
+          "decipherOnly": True or False, # The key may be used to decipher only.
+          "digitalSignature": True or False, # The key may be used for digital signatures.
+          "encipherOnly": True or False, # The key may be used to encipher only.
+          "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+          "keyEncipherment": True or False, # The key may be used to encipher other keys.
+        },
+        "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+          "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+          "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+          "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+          "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+          "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+          "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+        },
+        "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+          { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+        ],
+      },
+      "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+        { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+          "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+            42,
+          ],
+        },
+      ],
+    },
+  },
+  "certificateTemplate": "A String", # Immutable. The resource name for a CertificateTemplate used to issue this certificate, in the format `projects/*/locations/*/certificateTemplates/*`. If this is specified, the caller must have the necessary permission to use this template. If this is omitted, no template will be used. This template must be in the same location as the Certificate.
+  "config": { # A CertificateConfig describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1. # Immutable. A description of the certificate and key that does not require X.509 or ASN.1.
+    "publicKey": { # A PublicKey describes a public key. # Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.
+      "format": "A String", # Required. The format of the public key.
+      "key": "A String", # Required. A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.
+    },
+    "subjectConfig": { # These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate. # Required. Specifies some of the values in a certificate that are related to the subject.
+      "subject": { # Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate. # Required. Contains distinguished name fields such as the common name, location and organization.
+        "commonName": "A String", # The "common name" of the subject.
+        "countryCode": "A String", # The country code of the subject.
+        "locality": "A String", # The locality or city of the subject.
+        "organization": "A String", # The organization of the subject.
+        "organizationalUnit": "A String", # The organizational_unit of the subject.
+        "postalCode": "A String", # The postal code of the subject.
+        "province": "A String", # The province, territory, or regional state of the subject.
+        "streetAddress": "A String", # The street address of the subject.
+      },
+      "subjectAltName": { # SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name). # Optional. The subject alternative name fields.
+        "customSans": [ # Contains additional subject alternative name values.
+          { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+            "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+            "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+              "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                42,
+              ],
+            },
+            "value": "A String", # Required. The value of this X.509 extension.
+          },
+        ],
+        "dnsNames": [ # Contains only valid, fully-qualified host names.
+          "A String",
+        ],
+        "emailAddresses": [ # Contains only valid RFC 2822 E-mail addresses.
+          "A String",
+        ],
+        "ipAddresses": [ # Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.
+          "A String",
+        ],
+        "uris": [ # Contains only valid RFC 3986 URIs.
+          "A String",
+        ],
+      },
+    },
+    "x509Config": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Required. Describes how some of the technical X.509 fields in a certificate should be populated.
+      "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+        { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+          "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+          "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+          "value": "A String", # Required. The value of this X.509 extension.
+        },
+      ],
+      "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+        "A String",
+      ],
+      "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+        "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+        "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+      },
+      "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+        "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+          "certSign": True or False, # The key may be used to sign certificates.
+          "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+          "crlSign": True or False, # The key may be used sign certificate revocation lists.
+          "dataEncipherment": True or False, # The key may be used to encipher data.
+          "decipherOnly": True or False, # The key may be used to decipher only.
+          "digitalSignature": True or False, # The key may be used for digital signatures.
+          "encipherOnly": True or False, # The key may be used to encipher only.
+          "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+          "keyEncipherment": True or False, # The key may be used to encipher other keys.
+        },
+        "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+          "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+          "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+          "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+          "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+          "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+          "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+        },
+        "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+          { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+        ],
+      },
+      "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+        { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+          "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+            42,
+          ],
+        },
+      ],
+    },
+  },
+  "createTime": "A String", # Output only. The time at which this Certificate was created.
+  "issuerCertificateAuthority": "A String", # Output only. The resource name of the issuing CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
+  "labels": { # Optional. Labels with user-defined metadata.
+    "a_key": "A String",
+  },
+  "lifetime": "A String", # Required. Immutable. The desired lifetime of a certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate. Note that the lifetime may be truncated if it would extend past the life of any certificate authority in the issuing chain.
+  "name": "A String", # Output only. The resource name for this Certificate in the format `projects/*/locations/*/caPools/*/certificates/*`.
+  "pemCertificate": "A String", # Output only. The pem-encoded, signed X.509 certificate.
+  "pemCertificateChain": [ # Output only. The chain that may be used to verify the X.509 certificate. Expected to be in issuer-to-root order according to RFC 5246.
+    "A String",
+  ],
+  "pemCsr": "A String", # Immutable. A pem-encoded X.509 certificate signing request (CSR).
+  "revocationDetails": { # Describes fields that are relavent to the revocation of a Certificate. # Output only. Details regarding the revocation of this Certificate. This Certificate is considered revoked if and only if this field is present.
+    "revocationState": "A String", # Indicates why a Certificate was revoked.
+    "revocationTime": "A String", # The time at which this Certificate was revoked.
+  },
+  "subjectMode": "A String", # Immutable. Specifies how the Certificate's identity fields are to be decided. If this is omitted, the `DEFAULT` subject mode will be used.
+  "updateTime": "A String", # Output only. The time at which this Certificate was updated.
+}
+
+ + \ No newline at end of file diff --git a/docs/dyn/privateca_v1.projects.locations.caPools.html b/docs/dyn/privateca_v1.projects.locations.caPools.html index 3d34fa91a97..71ac803ba0b 100644 --- a/docs/dyn/privateca_v1.projects.locations.caPools.html +++ b/docs/dyn/privateca_v1.projects.locations.caPools.html @@ -79,12 +79,38 @@

Instance Methods

Returns the certificateAuthorities Resource.

+

+ certificates() +

+

Returns the certificates Resource.

+

close()

Close httplib2 connections.

+

+ create(parent, body=None, caPoolId=None, requestId=None, x__xgafv=None)

+

Create a CaPool.

+

+ delete(name, requestId=None, x__xgafv=None)

+

Delete a CaPool.

+

+ fetchCaCerts(caPool, body=None, x__xgafv=None)

+

FetchCaCerts returns the current trust anchor for the CaPool. This will include CA certificate chains for all ACTIVE CertificateAuthority resources in the CaPool.

+

+ get(name, x__xgafv=None)

+

Returns a CaPool.

getIamPolicy(resource, options_requestedPolicyVersion=None, x__xgafv=None)

Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.

+

+ list(parent, filter=None, orderBy=None, pageSize=None, pageToken=None, x__xgafv=None)

+

Lists CaPools.

+

+ list_next(previous_request, previous_response)

+

Retrieves the next page of results.

+

+ patch(name, body=None, requestId=None, updateMask=None, x__xgafv=None)

+

Update a CaPool.

setIamPolicy(resource, body=None, x__xgafv=None)

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.

@@ -97,6 +123,343 @@

Method Details

Close httplib2 connections.
+
+ create(parent, body=None, caPoolId=None, requestId=None, x__xgafv=None) +
Create a CaPool.
+
+Args:
+  parent: string, Required. The resource name of the location associated with the CaPool, in the format `projects/*/locations/*`. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # A CaPool represents a group of CertificateAuthorities that form a trust anchor. A CaPool can be used to manage issuance policies for one or more CertificateAuthority resources and to rotate CA certificates in and out of the trust anchor.
+  "issuancePolicy": { # Defines controls over all certificate issuance within a CaPool. # Optional. The IssuancePolicy to control how Certificates will be issued from this CaPool.
+    "allowedIssuanceModes": { # IssuanceModes specifies the allowed ways in which Certificates may be requested from this CaPool. # Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.
+      "allowConfigBasedIssuance": True or False, # Optional. When true, allows callers to create Certificates by specifying a CertificateConfig.
+      "allowCsrBasedIssuance": True or False, # Optional. When true, allows callers to create Certificates by specifying a CSR.
+    },
+    "allowedKeyTypes": [ # Optional. If any AllowedKeyType is specified, then the certificate request's public key must match one of the key types listed here. Otherwise, any key may be used.
+      { # Describes a "type" of key that may be used in a Certificate issued from a CaPool. Note that a single AllowedKeyType may refer to either a fully-qualified key algorithm, such as RSA 4096, or a family of key algorithms, such as any RSA key.
+        "ellipticCurve": { # Describes an Elliptic Curve key that may be used in a Certificate issued from a CaPool. # Represents an allowed Elliptic Curve key type.
+          "signatureAlgorithm": "A String", # Optional. A signature algorithm that must be used. If this is omitted, any EC-based signature algorithm will be allowed.
+        },
+        "rsa": { # Describes an RSA key that may be used in a Certificate issued from a CaPool. # Represents an allowed RSA key type.
+          "maxModulusSize": "A String", # Optional. The maximum allowed RSA modulus size, in bits. If this is not set, or if set to zero, the service will not enforce an explicit upper bound on RSA modulus sizes.
+          "minModulusSize": "A String", # Optional. The minimum allowed RSA modulus size, in bits. If this is not set, or if set to zero, the service-level min RSA modulus size will continue to apply.
+        },
+      },
+    ],
+    "baselineValues": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Optional. A set of X.509 values that will be applied to all certificates issued through this CaPool. If a certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If a certificate request uses a CertificateTemplate that defines conflicting predefined_values for the same properties, the certificate issuance request will fail.
+      "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+        { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+          "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+          "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+          "value": "A String", # Required. The value of this X.509 extension.
+        },
+      ],
+      "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+        "A String",
+      ],
+      "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+        "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+        "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+      },
+      "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+        "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+          "certSign": True or False, # The key may be used to sign certificates.
+          "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+          "crlSign": True or False, # The key may be used sign certificate revocation lists.
+          "dataEncipherment": True or False, # The key may be used to encipher data.
+          "decipherOnly": True or False, # The key may be used to decipher only.
+          "digitalSignature": True or False, # The key may be used for digital signatures.
+          "encipherOnly": True or False, # The key may be used to encipher only.
+          "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+          "keyEncipherment": True or False, # The key may be used to encipher other keys.
+        },
+        "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+          "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+          "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+          "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+          "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+          "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+          "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+        },
+        "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+          { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+        ],
+      },
+      "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+        { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+          "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+            42,
+          ],
+        },
+      ],
+    },
+    "identityConstraints": { # Describes constraints on a Certificate's Subject and SubjectAltNames. # Optional. Describes constraints on identities that may appear in Certificates issued through this CaPool. If this is omitted, then this CaPool will not add restrictions on a certificate's identity.
+      "allowSubjectAltNamesPassthrough": True or False, # Required. If this is true, the SubjectAltNames extension may be copied from a certificate request into the signed certificate. Otherwise, the requested SubjectAltNames will be discarded.
+      "allowSubjectPassthrough": True or False, # Required. If this is true, the Subject field may be copied from a certificate request into the signed certificate. Otherwise, the requested Subject will be discarded.
+      "celExpression": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # Optional. A CEL expression that may be used to validate the resolved X.509 Subject and/or Subject Alternative Name before a certificate is signed. To see the full allowed syntax and some examples, see https://cloud.google.com/certificate-authority-service/docs/cel-guide
+        "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
+        "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
+        "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
+        "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
+      },
+    },
+    "maximumLifetime": "A String", # Optional. The maximum lifetime allowed for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.
+    "passthroughExtensions": { # Describes a set of X.509 extensions that may be part of some certificate issuance controls. # Optional. Describes the set of X.509 extensions that may appear in a Certificate issued through this CaPool. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If a certificate request uses a CertificateTemplate with predefined_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this CaPool will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CaPool's baseline_values.
+      "additionalExtensions": [ # Optional. A set of ObjectIds identifying custom X.509 extensions. Will be combined with known_extensions to determine the full set of X.509 extensions.
+        { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+          "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+            42,
+          ],
+        },
+      ],
+      "knownExtensions": [ # Optional. A set of named X.509 extensions. Will be combined with additional_extensions to determine the full set of X.509 extensions.
+        "A String",
+      ],
+    },
+  },
+  "labels": { # Optional. Labels with user-defined metadata.
+    "a_key": "A String",
+  },
+  "name": "A String", # Output only. The resource name for this CaPool in the format `projects/*/locations/*/caPools/*`.
+  "publishingOptions": { # Options relating to the publication of each CertificateAuthority's CA certificate and CRLs and their inclusion as extensions in issued Certificates. The options set here apply to certificates issued by any CertificateAuthority in the CaPool. # Optional. The PublishingOptions to follow when issuing Certificates from any CertificateAuthority in this CaPool.
+    "publishCaCert": True or False, # Optional. When true, publishes each CertificateAuthority's CA certificate and includes its URL in the "Authority Information Access" X.509 extension in all issued Certificates. If this is false, the CA certificate will not be published and the corresponding X.509 extension will not be written in issued certificates.
+    "publishCrl": True or False, # Optional. When true, publishes each CertificateAuthority's CRL and includes its URL in the "CRL Distribution Points" X.509 extension in all issued Certificates. If this is false, CRLs will not be published and the corresponding X.509 extension will not be written in issued certificates. CRLs will expire 7 days from their creation. However, we will rebuild daily. CRLs are also rebuilt shortly after a certificate is revoked.
+  },
+  "tier": "A String", # Required. Immutable. The Tier of this CaPool.
+}
+
+  caPoolId: string, Required. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`
+  requestId: string, Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # This resource represents a long-running operation that is the result of a network API call.
+  "done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+  "error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+    "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+    "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+      {
+        "a_key": "", # Properties of the object. Contains field @type with type URL.
+      },
+    ],
+    "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+  },
+  "metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+  "name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+  "response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+}
+
+ +
+ delete(name, requestId=None, x__xgafv=None) +
Delete a CaPool.
+
+Args:
+  name: string, Required. The resource name for this CaPool in the format `projects/*/locations/*/caPools/*`. (required)
+  requestId: string, Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # This resource represents a long-running operation that is the result of a network API call.
+  "done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+  "error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+    "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+    "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+      {
+        "a_key": "", # Properties of the object. Contains field @type with type URL.
+      },
+    ],
+    "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+  },
+  "metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+  "name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+  "response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+}
+
+ +
+ fetchCaCerts(caPool, body=None, x__xgafv=None) +
FetchCaCerts returns the current trust anchor for the CaPool. This will include CA certificate chains for all ACTIVE CertificateAuthority resources in the CaPool.
+
+Args:
+  caPool: string, Required. The resource name for the CaPool in the format `projects/*/locations/*/caPools/*`. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for CertificateAuthorityService.FetchCaCerts.
+  "requestId": "A String", # Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for CertificateAuthorityService.FetchCaCerts.
+  "caCerts": [ # The PEM encoded CA certificate chains of all ACTIVE CertificateAuthority resources in this CaPool.
+    {
+      "certificates": [ # The certificates that form the CA chain, from leaf to root order.
+        "A String",
+      ],
+    },
+  ],
+}
+
+ +
+ get(name, x__xgafv=None) +
Returns a CaPool.
+
+Args:
+  name: string, Required. The name of the CaPool to get. (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A CaPool represents a group of CertificateAuthorities that form a trust anchor. A CaPool can be used to manage issuance policies for one or more CertificateAuthority resources and to rotate CA certificates in and out of the trust anchor.
+  "issuancePolicy": { # Defines controls over all certificate issuance within a CaPool. # Optional. The IssuancePolicy to control how Certificates will be issued from this CaPool.
+    "allowedIssuanceModes": { # IssuanceModes specifies the allowed ways in which Certificates may be requested from this CaPool. # Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.
+      "allowConfigBasedIssuance": True or False, # Optional. When true, allows callers to create Certificates by specifying a CertificateConfig.
+      "allowCsrBasedIssuance": True or False, # Optional. When true, allows callers to create Certificates by specifying a CSR.
+    },
+    "allowedKeyTypes": [ # Optional. If any AllowedKeyType is specified, then the certificate request's public key must match one of the key types listed here. Otherwise, any key may be used.
+      { # Describes a "type" of key that may be used in a Certificate issued from a CaPool. Note that a single AllowedKeyType may refer to either a fully-qualified key algorithm, such as RSA 4096, or a family of key algorithms, such as any RSA key.
+        "ellipticCurve": { # Describes an Elliptic Curve key that may be used in a Certificate issued from a CaPool. # Represents an allowed Elliptic Curve key type.
+          "signatureAlgorithm": "A String", # Optional. A signature algorithm that must be used. If this is omitted, any EC-based signature algorithm will be allowed.
+        },
+        "rsa": { # Describes an RSA key that may be used in a Certificate issued from a CaPool. # Represents an allowed RSA key type.
+          "maxModulusSize": "A String", # Optional. The maximum allowed RSA modulus size, in bits. If this is not set, or if set to zero, the service will not enforce an explicit upper bound on RSA modulus sizes.
+          "minModulusSize": "A String", # Optional. The minimum allowed RSA modulus size, in bits. If this is not set, or if set to zero, the service-level min RSA modulus size will continue to apply.
+        },
+      },
+    ],
+    "baselineValues": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Optional. A set of X.509 values that will be applied to all certificates issued through this CaPool. If a certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If a certificate request uses a CertificateTemplate that defines conflicting predefined_values for the same properties, the certificate issuance request will fail.
+      "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+        { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+          "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+          "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+          "value": "A String", # Required. The value of this X.509 extension.
+        },
+      ],
+      "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+        "A String",
+      ],
+      "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+        "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+        "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+      },
+      "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+        "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+          "certSign": True or False, # The key may be used to sign certificates.
+          "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+          "crlSign": True or False, # The key may be used sign certificate revocation lists.
+          "dataEncipherment": True or False, # The key may be used to encipher data.
+          "decipherOnly": True or False, # The key may be used to decipher only.
+          "digitalSignature": True or False, # The key may be used for digital signatures.
+          "encipherOnly": True or False, # The key may be used to encipher only.
+          "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+          "keyEncipherment": True or False, # The key may be used to encipher other keys.
+        },
+        "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+          "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+          "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+          "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+          "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+          "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+          "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+        },
+        "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+          { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+        ],
+      },
+      "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+        { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+          "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+            42,
+          ],
+        },
+      ],
+    },
+    "identityConstraints": { # Describes constraints on a Certificate's Subject and SubjectAltNames. # Optional. Describes constraints on identities that may appear in Certificates issued through this CaPool. If this is omitted, then this CaPool will not add restrictions on a certificate's identity.
+      "allowSubjectAltNamesPassthrough": True or False, # Required. If this is true, the SubjectAltNames extension may be copied from a certificate request into the signed certificate. Otherwise, the requested SubjectAltNames will be discarded.
+      "allowSubjectPassthrough": True or False, # Required. If this is true, the Subject field may be copied from a certificate request into the signed certificate. Otherwise, the requested Subject will be discarded.
+      "celExpression": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # Optional. A CEL expression that may be used to validate the resolved X.509 Subject and/or Subject Alternative Name before a certificate is signed. To see the full allowed syntax and some examples, see https://cloud.google.com/certificate-authority-service/docs/cel-guide
+        "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
+        "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
+        "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
+        "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
+      },
+    },
+    "maximumLifetime": "A String", # Optional. The maximum lifetime allowed for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.
+    "passthroughExtensions": { # Describes a set of X.509 extensions that may be part of some certificate issuance controls. # Optional. Describes the set of X.509 extensions that may appear in a Certificate issued through this CaPool. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If a certificate request uses a CertificateTemplate with predefined_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this CaPool will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CaPool's baseline_values.
+      "additionalExtensions": [ # Optional. A set of ObjectIds identifying custom X.509 extensions. Will be combined with known_extensions to determine the full set of X.509 extensions.
+        { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+          "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+            42,
+          ],
+        },
+      ],
+      "knownExtensions": [ # Optional. A set of named X.509 extensions. Will be combined with additional_extensions to determine the full set of X.509 extensions.
+        "A String",
+      ],
+    },
+  },
+  "labels": { # Optional. Labels with user-defined metadata.
+    "a_key": "A String",
+  },
+  "name": "A String", # Output only. The resource name for this CaPool in the format `projects/*/locations/*/caPools/*`.
+  "publishingOptions": { # Options relating to the publication of each CertificateAuthority's CA certificate and CRLs and their inclusion as extensions in issued Certificates. The options set here apply to certificates issued by any CertificateAuthority in the CaPool. # Optional. The PublishingOptions to follow when issuing Certificates from any CertificateAuthority in this CaPool.
+    "publishCaCert": True or False, # Optional. When true, publishes each CertificateAuthority's CA certificate and includes its URL in the "Authority Information Access" X.509 extension in all issued Certificates. If this is false, the CA certificate will not be published and the corresponding X.509 extension will not be written in issued certificates.
+    "publishCrl": True or False, # Optional. When true, publishes each CertificateAuthority's CRL and includes its URL in the "CRL Distribution Points" X.509 extension in all issued Certificates. If this is false, CRLs will not be published and the corresponding X.509 extension will not be written in issued certificates. CRLs will expire 7 days from their creation. However, we will rebuild daily. CRLs are also rebuilt shortly after a certificate is revoked.
+  },
+  "tier": "A String", # Required. Immutable. The Tier of this CaPool.
+}
+
+
getIamPolicy(resource, options_requestedPolicyVersion=None, x__xgafv=None)
Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.
@@ -145,6 +508,301 @@ 

Method Details

}
+
+ list(parent, filter=None, orderBy=None, pageSize=None, pageToken=None, x__xgafv=None) +
Lists CaPools.
+
+Args:
+  parent: string, Required. The resource name of the location associated with the CaPools, in the format `projects/*/locations/*`. (required)
+  filter: string, Optional. Only include resources that match the filter in the response.
+  orderBy: string, Optional. Specify how the results should be sorted.
+  pageSize: integer, Optional. Limit on the number of CaPools to include in the response. Further CaPools can subsequently be obtained by including the ListCaPoolsResponse.next_page_token in a subsequent request. If unspecified, the server will pick an appropriate default.
+  pageToken: string, Optional. Pagination token, returned earlier via ListCaPoolsResponse.next_page_token.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for CertificateAuthorityService.ListCaPools.
+  "caPools": [ # The list of CaPools.
+    { # A CaPool represents a group of CertificateAuthorities that form a trust anchor. A CaPool can be used to manage issuance policies for one or more CertificateAuthority resources and to rotate CA certificates in and out of the trust anchor.
+      "issuancePolicy": { # Defines controls over all certificate issuance within a CaPool. # Optional. The IssuancePolicy to control how Certificates will be issued from this CaPool.
+        "allowedIssuanceModes": { # IssuanceModes specifies the allowed ways in which Certificates may be requested from this CaPool. # Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.
+          "allowConfigBasedIssuance": True or False, # Optional. When true, allows callers to create Certificates by specifying a CertificateConfig.
+          "allowCsrBasedIssuance": True or False, # Optional. When true, allows callers to create Certificates by specifying a CSR.
+        },
+        "allowedKeyTypes": [ # Optional. If any AllowedKeyType is specified, then the certificate request's public key must match one of the key types listed here. Otherwise, any key may be used.
+          { # Describes a "type" of key that may be used in a Certificate issued from a CaPool. Note that a single AllowedKeyType may refer to either a fully-qualified key algorithm, such as RSA 4096, or a family of key algorithms, such as any RSA key.
+            "ellipticCurve": { # Describes an Elliptic Curve key that may be used in a Certificate issued from a CaPool. # Represents an allowed Elliptic Curve key type.
+              "signatureAlgorithm": "A String", # Optional. A signature algorithm that must be used. If this is omitted, any EC-based signature algorithm will be allowed.
+            },
+            "rsa": { # Describes an RSA key that may be used in a Certificate issued from a CaPool. # Represents an allowed RSA key type.
+              "maxModulusSize": "A String", # Optional. The maximum allowed RSA modulus size, in bits. If this is not set, or if set to zero, the service will not enforce an explicit upper bound on RSA modulus sizes.
+              "minModulusSize": "A String", # Optional. The minimum allowed RSA modulus size, in bits. If this is not set, or if set to zero, the service-level min RSA modulus size will continue to apply.
+            },
+          },
+        ],
+        "baselineValues": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Optional. A set of X.509 values that will be applied to all certificates issued through this CaPool. If a certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If a certificate request uses a CertificateTemplate that defines conflicting predefined_values for the same properties, the certificate issuance request will fail.
+          "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+            { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+              "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+              "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+                "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                  42,
+                ],
+              },
+              "value": "A String", # Required. The value of this X.509 extension.
+            },
+          ],
+          "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+            "A String",
+          ],
+          "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+            "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+            "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+          },
+          "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+            "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+              "certSign": True or False, # The key may be used to sign certificates.
+              "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+              "crlSign": True or False, # The key may be used sign certificate revocation lists.
+              "dataEncipherment": True or False, # The key may be used to encipher data.
+              "decipherOnly": True or False, # The key may be used to decipher only.
+              "digitalSignature": True or False, # The key may be used for digital signatures.
+              "encipherOnly": True or False, # The key may be used to encipher only.
+              "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+              "keyEncipherment": True or False, # The key may be used to encipher other keys.
+            },
+            "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+              "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+              "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+              "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+              "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+              "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+              "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+            },
+            "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+              { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+                "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                  42,
+                ],
+              },
+            ],
+          },
+          "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+            { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+              "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                42,
+              ],
+            },
+          ],
+        },
+        "identityConstraints": { # Describes constraints on a Certificate's Subject and SubjectAltNames. # Optional. Describes constraints on identities that may appear in Certificates issued through this CaPool. If this is omitted, then this CaPool will not add restrictions on a certificate's identity.
+          "allowSubjectAltNamesPassthrough": True or False, # Required. If this is true, the SubjectAltNames extension may be copied from a certificate request into the signed certificate. Otherwise, the requested SubjectAltNames will be discarded.
+          "allowSubjectPassthrough": True or False, # Required. If this is true, the Subject field may be copied from a certificate request into the signed certificate. Otherwise, the requested Subject will be discarded.
+          "celExpression": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # Optional. A CEL expression that may be used to validate the resolved X.509 Subject and/or Subject Alternative Name before a certificate is signed. To see the full allowed syntax and some examples, see https://cloud.google.com/certificate-authority-service/docs/cel-guide
+            "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
+            "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
+            "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
+            "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
+          },
+        },
+        "maximumLifetime": "A String", # Optional. The maximum lifetime allowed for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.
+        "passthroughExtensions": { # Describes a set of X.509 extensions that may be part of some certificate issuance controls. # Optional. Describes the set of X.509 extensions that may appear in a Certificate issued through this CaPool. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If a certificate request uses a CertificateTemplate with predefined_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this CaPool will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CaPool's baseline_values.
+          "additionalExtensions": [ # Optional. A set of ObjectIds identifying custom X.509 extensions. Will be combined with known_extensions to determine the full set of X.509 extensions.
+            { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+              "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                42,
+              ],
+            },
+          ],
+          "knownExtensions": [ # Optional. A set of named X.509 extensions. Will be combined with additional_extensions to determine the full set of X.509 extensions.
+            "A String",
+          ],
+        },
+      },
+      "labels": { # Optional. Labels with user-defined metadata.
+        "a_key": "A String",
+      },
+      "name": "A String", # Output only. The resource name for this CaPool in the format `projects/*/locations/*/caPools/*`.
+      "publishingOptions": { # Options relating to the publication of each CertificateAuthority's CA certificate and CRLs and their inclusion as extensions in issued Certificates. The options set here apply to certificates issued by any CertificateAuthority in the CaPool. # Optional. The PublishingOptions to follow when issuing Certificates from any CertificateAuthority in this CaPool.
+        "publishCaCert": True or False, # Optional. When true, publishes each CertificateAuthority's CA certificate and includes its URL in the "Authority Information Access" X.509 extension in all issued Certificates. If this is false, the CA certificate will not be published and the corresponding X.509 extension will not be written in issued certificates.
+        "publishCrl": True or False, # Optional. When true, publishes each CertificateAuthority's CRL and includes its URL in the "CRL Distribution Points" X.509 extension in all issued Certificates. If this is false, CRLs will not be published and the corresponding X.509 extension will not be written in issued certificates. CRLs will expire 7 days from their creation. However, we will rebuild daily. CRLs are also rebuilt shortly after a certificate is revoked.
+      },
+      "tier": "A String", # Required. Immutable. The Tier of this CaPool.
+    },
+  ],
+  "nextPageToken": "A String", # A token to retrieve next page of results. Pass this value in ListCertificateAuthoritiesRequest.next_page_token to retrieve the next page of results.
+  "unreachable": [ # A list of locations (e.g. "us-west1") that could not be reached.
+    "A String",
+  ],
+}
+
+ +
+ list_next(previous_request, previous_response) +
Retrieves the next page of results.
+
+Args:
+  previous_request: The request for the previous page. (required)
+  previous_response: The response from the request for the previous page. (required)
+
+Returns:
+  A request object that you can call 'execute()' on to request the next
+  page. Returns None if there are no more items in the collection.
+    
+
+ +
+ patch(name, body=None, requestId=None, updateMask=None, x__xgafv=None) +
Update a CaPool.
+
+Args:
+  name: string, Output only. The resource name for this CaPool in the format `projects/*/locations/*/caPools/*`. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # A CaPool represents a group of CertificateAuthorities that form a trust anchor. A CaPool can be used to manage issuance policies for one or more CertificateAuthority resources and to rotate CA certificates in and out of the trust anchor.
+  "issuancePolicy": { # Defines controls over all certificate issuance within a CaPool. # Optional. The IssuancePolicy to control how Certificates will be issued from this CaPool.
+    "allowedIssuanceModes": { # IssuanceModes specifies the allowed ways in which Certificates may be requested from this CaPool. # Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.
+      "allowConfigBasedIssuance": True or False, # Optional. When true, allows callers to create Certificates by specifying a CertificateConfig.
+      "allowCsrBasedIssuance": True or False, # Optional. When true, allows callers to create Certificates by specifying a CSR.
+    },
+    "allowedKeyTypes": [ # Optional. If any AllowedKeyType is specified, then the certificate request's public key must match one of the key types listed here. Otherwise, any key may be used.
+      { # Describes a "type" of key that may be used in a Certificate issued from a CaPool. Note that a single AllowedKeyType may refer to either a fully-qualified key algorithm, such as RSA 4096, or a family of key algorithms, such as any RSA key.
+        "ellipticCurve": { # Describes an Elliptic Curve key that may be used in a Certificate issued from a CaPool. # Represents an allowed Elliptic Curve key type.
+          "signatureAlgorithm": "A String", # Optional. A signature algorithm that must be used. If this is omitted, any EC-based signature algorithm will be allowed.
+        },
+        "rsa": { # Describes an RSA key that may be used in a Certificate issued from a CaPool. # Represents an allowed RSA key type.
+          "maxModulusSize": "A String", # Optional. The maximum allowed RSA modulus size, in bits. If this is not set, or if set to zero, the service will not enforce an explicit upper bound on RSA modulus sizes.
+          "minModulusSize": "A String", # Optional. The minimum allowed RSA modulus size, in bits. If this is not set, or if set to zero, the service-level min RSA modulus size will continue to apply.
+        },
+      },
+    ],
+    "baselineValues": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Optional. A set of X.509 values that will be applied to all certificates issued through this CaPool. If a certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If a certificate request uses a CertificateTemplate that defines conflicting predefined_values for the same properties, the certificate issuance request will fail.
+      "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+        { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+          "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+          "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+          "value": "A String", # Required. The value of this X.509 extension.
+        },
+      ],
+      "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+        "A String",
+      ],
+      "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+        "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+        "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+      },
+      "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+        "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+          "certSign": True or False, # The key may be used to sign certificates.
+          "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+          "crlSign": True or False, # The key may be used sign certificate revocation lists.
+          "dataEncipherment": True or False, # The key may be used to encipher data.
+          "decipherOnly": True or False, # The key may be used to decipher only.
+          "digitalSignature": True or False, # The key may be used for digital signatures.
+          "encipherOnly": True or False, # The key may be used to encipher only.
+          "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+          "keyEncipherment": True or False, # The key may be used to encipher other keys.
+        },
+        "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+          "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+          "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+          "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+          "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+          "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+          "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+        },
+        "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+          { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+        ],
+      },
+      "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+        { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+          "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+            42,
+          ],
+        },
+      ],
+    },
+    "identityConstraints": { # Describes constraints on a Certificate's Subject and SubjectAltNames. # Optional. Describes constraints on identities that may appear in Certificates issued through this CaPool. If this is omitted, then this CaPool will not add restrictions on a certificate's identity.
+      "allowSubjectAltNamesPassthrough": True or False, # Required. If this is true, the SubjectAltNames extension may be copied from a certificate request into the signed certificate. Otherwise, the requested SubjectAltNames will be discarded.
+      "allowSubjectPassthrough": True or False, # Required. If this is true, the Subject field may be copied from a certificate request into the signed certificate. Otherwise, the requested Subject will be discarded.
+      "celExpression": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # Optional. A CEL expression that may be used to validate the resolved X.509 Subject and/or Subject Alternative Name before a certificate is signed. To see the full allowed syntax and some examples, see https://cloud.google.com/certificate-authority-service/docs/cel-guide
+        "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
+        "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
+        "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
+        "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
+      },
+    },
+    "maximumLifetime": "A String", # Optional. The maximum lifetime allowed for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.
+    "passthroughExtensions": { # Describes a set of X.509 extensions that may be part of some certificate issuance controls. # Optional. Describes the set of X.509 extensions that may appear in a Certificate issued through this CaPool. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If a certificate request uses a CertificateTemplate with predefined_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this CaPool will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CaPool's baseline_values.
+      "additionalExtensions": [ # Optional. A set of ObjectIds identifying custom X.509 extensions. Will be combined with known_extensions to determine the full set of X.509 extensions.
+        { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+          "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+            42,
+          ],
+        },
+      ],
+      "knownExtensions": [ # Optional. A set of named X.509 extensions. Will be combined with additional_extensions to determine the full set of X.509 extensions.
+        "A String",
+      ],
+    },
+  },
+  "labels": { # Optional. Labels with user-defined metadata.
+    "a_key": "A String",
+  },
+  "name": "A String", # Output only. The resource name for this CaPool in the format `projects/*/locations/*/caPools/*`.
+  "publishingOptions": { # Options relating to the publication of each CertificateAuthority's CA certificate and CRLs and their inclusion as extensions in issued Certificates. The options set here apply to certificates issued by any CertificateAuthority in the CaPool. # Optional. The PublishingOptions to follow when issuing Certificates from any CertificateAuthority in this CaPool.
+    "publishCaCert": True or False, # Optional. When true, publishes each CertificateAuthority's CA certificate and includes its URL in the "Authority Information Access" X.509 extension in all issued Certificates. If this is false, the CA certificate will not be published and the corresponding X.509 extension will not be written in issued certificates.
+    "publishCrl": True or False, # Optional. When true, publishes each CertificateAuthority's CRL and includes its URL in the "CRL Distribution Points" X.509 extension in all issued Certificates. If this is false, CRLs will not be published and the corresponding X.509 extension will not be written in issued certificates. CRLs will expire 7 days from their creation. However, we will rebuild daily. CRLs are also rebuilt shortly after a certificate is revoked.
+  },
+  "tier": "A String", # Required. Immutable. The Tier of this CaPool.
+}
+
+  requestId: string, Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
+  updateMask: string, Required. A list of fields to be updated in this request.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # This resource represents a long-running operation that is the result of a network API call.
+  "done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+  "error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+    "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+    "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+      {
+        "a_key": "", # Properties of the object. Contains field @type with type URL.
+      },
+    ],
+    "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+  },
+  "metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+  "name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+  "response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+}
+
+
setIamPolicy(resource, body=None, x__xgafv=None)
Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.
diff --git a/docs/dyn/privateca_v1.projects.locations.certificateTemplates.html b/docs/dyn/privateca_v1.projects.locations.certificateTemplates.html
index c84fb51e442..b230a7d510d 100644
--- a/docs/dyn/privateca_v1.projects.locations.certificateTemplates.html
+++ b/docs/dyn/privateca_v1.projects.locations.certificateTemplates.html
@@ -77,9 +77,27 @@ 

Instance Methods

close()

Close httplib2 connections.

+

+ create(parent, body=None, certificateTemplateId=None, requestId=None, x__xgafv=None)

+

Create a new CertificateTemplate in a given Project and Location.

+

+ delete(name, requestId=None, x__xgafv=None)

+

DeleteCertificateTemplate deletes a CertificateTemplate.

+

+ get(name, x__xgafv=None)

+

Returns a CertificateTemplate.

getIamPolicy(resource, options_requestedPolicyVersion=None, x__xgafv=None)

Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.

+

+ list(parent, filter=None, orderBy=None, pageSize=None, pageToken=None, x__xgafv=None)

+

Lists CertificateTemplates.

+

+ list_next(previous_request, previous_response)

+

Retrieves the next page of results.

+

+ patch(name, body=None, requestId=None, updateMask=None, x__xgafv=None)

+

Update a CertificateTemplate.

setIamPolicy(resource, body=None, x__xgafv=None)

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.

@@ -92,6 +110,271 @@

Method Details

Close httplib2 connections.
+
+ create(parent, body=None, certificateTemplateId=None, requestId=None, x__xgafv=None) +
Create a new CertificateTemplate in a given Project and Location.
+
+Args:
+  parent: string, Required. The resource name of the location associated with the CertificateTemplate, in the format `projects/*/locations/*`. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # A CertificateTemplate refers to a managed template for certificate issuance.
+  "createTime": "A String", # Output only. The time at which this CertificateTemplate was created.
+  "description": "A String", # Optional. A human-readable description of scenarios this template is intended for.
+  "identityConstraints": { # Describes constraints on a Certificate's Subject and SubjectAltNames. # Optional. Describes constraints on identities that may be appear in Certificates issued using this template. If this is omitted, then this template will not add restrictions on a certificate's identity.
+    "allowSubjectAltNamesPassthrough": True or False, # Required. If this is true, the SubjectAltNames extension may be copied from a certificate request into the signed certificate. Otherwise, the requested SubjectAltNames will be discarded.
+    "allowSubjectPassthrough": True or False, # Required. If this is true, the Subject field may be copied from a certificate request into the signed certificate. Otherwise, the requested Subject will be discarded.
+    "celExpression": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # Optional. A CEL expression that may be used to validate the resolved X.509 Subject and/or Subject Alternative Name before a certificate is signed. To see the full allowed syntax and some examples, see https://cloud.google.com/certificate-authority-service/docs/cel-guide
+      "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
+      "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
+      "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
+      "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
+    },
+  },
+  "labels": { # Optional. Labels with user-defined metadata.
+    "a_key": "A String",
+  },
+  "name": "A String", # Output only. The resource name for this CertificateTemplate in the format `projects/*/locations/*/certificateTemplates/*`.
+  "passthroughExtensions": { # Describes a set of X.509 extensions that may be part of some certificate issuance controls. # Optional. Describes the set of X.509 extensions that may appear in a Certificate issued using this CertificateTemplate. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If the issuing CaPool's IssuancePolicy defines baseline_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this template will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CertificateTemplate's predefined_values.
+    "additionalExtensions": [ # Optional. A set of ObjectIds identifying custom X.509 extensions. Will be combined with known_extensions to determine the full set of X.509 extensions.
+      { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+        "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+          42,
+        ],
+      },
+    ],
+    "knownExtensions": [ # Optional. A set of named X.509 extensions. Will be combined with additional_extensions to determine the full set of X.509 extensions.
+      "A String",
+    ],
+  },
+  "predefinedValues": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Optional. A set of X.509 values that will be applied to all issued certificates that use this template. If the certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If the issuing CaPool's IssuancePolicy defines conflicting baseline_values for the same properties, the certificate issuance request will fail.
+    "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+      { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+        "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+        "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+          "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+            42,
+          ],
+        },
+        "value": "A String", # Required. The value of this X.509 extension.
+      },
+    ],
+    "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+      "A String",
+    ],
+    "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+      "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+      "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+    },
+    "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+      "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+        "certSign": True or False, # The key may be used to sign certificates.
+        "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+        "crlSign": True or False, # The key may be used sign certificate revocation lists.
+        "dataEncipherment": True or False, # The key may be used to encipher data.
+        "decipherOnly": True or False, # The key may be used to decipher only.
+        "digitalSignature": True or False, # The key may be used for digital signatures.
+        "encipherOnly": True or False, # The key may be used to encipher only.
+        "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+        "keyEncipherment": True or False, # The key may be used to encipher other keys.
+      },
+      "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+        "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+        "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+        "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+        "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+        "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+        "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+      },
+      "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+        { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+          "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+            42,
+          ],
+        },
+      ],
+    },
+    "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+      { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+        "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+          42,
+        ],
+      },
+    ],
+  },
+  "updateTime": "A String", # Output only. The time at which this CertificateTemplate was updated.
+}
+
+  certificateTemplateId: string, Required. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`
+  requestId: string, Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # This resource represents a long-running operation that is the result of a network API call.
+  "done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+  "error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+    "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+    "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+      {
+        "a_key": "", # Properties of the object. Contains field @type with type URL.
+      },
+    ],
+    "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+  },
+  "metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+  "name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+  "response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+}
+
+ +
+ delete(name, requestId=None, x__xgafv=None) +
DeleteCertificateTemplate deletes a CertificateTemplate.
+
+Args:
+  name: string, Required. The resource name for this CertificateTemplate in the format `projects/*/locations/*/certificateTemplates/*`. (required)
+  requestId: string, Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # This resource represents a long-running operation that is the result of a network API call.
+  "done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+  "error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+    "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+    "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+      {
+        "a_key": "", # Properties of the object. Contains field @type with type URL.
+      },
+    ],
+    "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+  },
+  "metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+  "name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+  "response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+}
+
+ +
+ get(name, x__xgafv=None) +
Returns a CertificateTemplate.
+
+Args:
+  name: string, Required. The name of the CertificateTemplate to get. (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A CertificateTemplate refers to a managed template for certificate issuance.
+  "createTime": "A String", # Output only. The time at which this CertificateTemplate was created.
+  "description": "A String", # Optional. A human-readable description of scenarios this template is intended for.
+  "identityConstraints": { # Describes constraints on a Certificate's Subject and SubjectAltNames. # Optional. Describes constraints on identities that may be appear in Certificates issued using this template. If this is omitted, then this template will not add restrictions on a certificate's identity.
+    "allowSubjectAltNamesPassthrough": True or False, # Required. If this is true, the SubjectAltNames extension may be copied from a certificate request into the signed certificate. Otherwise, the requested SubjectAltNames will be discarded.
+    "allowSubjectPassthrough": True or False, # Required. If this is true, the Subject field may be copied from a certificate request into the signed certificate. Otherwise, the requested Subject will be discarded.
+    "celExpression": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # Optional. A CEL expression that may be used to validate the resolved X.509 Subject and/or Subject Alternative Name before a certificate is signed. To see the full allowed syntax and some examples, see https://cloud.google.com/certificate-authority-service/docs/cel-guide
+      "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
+      "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
+      "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
+      "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
+    },
+  },
+  "labels": { # Optional. Labels with user-defined metadata.
+    "a_key": "A String",
+  },
+  "name": "A String", # Output only. The resource name for this CertificateTemplate in the format `projects/*/locations/*/certificateTemplates/*`.
+  "passthroughExtensions": { # Describes a set of X.509 extensions that may be part of some certificate issuance controls. # Optional. Describes the set of X.509 extensions that may appear in a Certificate issued using this CertificateTemplate. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If the issuing CaPool's IssuancePolicy defines baseline_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this template will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CertificateTemplate's predefined_values.
+    "additionalExtensions": [ # Optional. A set of ObjectIds identifying custom X.509 extensions. Will be combined with known_extensions to determine the full set of X.509 extensions.
+      { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+        "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+          42,
+        ],
+      },
+    ],
+    "knownExtensions": [ # Optional. A set of named X.509 extensions. Will be combined with additional_extensions to determine the full set of X.509 extensions.
+      "A String",
+    ],
+  },
+  "predefinedValues": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Optional. A set of X.509 values that will be applied to all issued certificates that use this template. If the certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If the issuing CaPool's IssuancePolicy defines conflicting baseline_values for the same properties, the certificate issuance request will fail.
+    "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+      { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+        "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+        "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+          "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+            42,
+          ],
+        },
+        "value": "A String", # Required. The value of this X.509 extension.
+      },
+    ],
+    "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+      "A String",
+    ],
+    "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+      "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+      "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+    },
+    "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+      "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+        "certSign": True or False, # The key may be used to sign certificates.
+        "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+        "crlSign": True or False, # The key may be used sign certificate revocation lists.
+        "dataEncipherment": True or False, # The key may be used to encipher data.
+        "decipherOnly": True or False, # The key may be used to decipher only.
+        "digitalSignature": True or False, # The key may be used for digital signatures.
+        "encipherOnly": True or False, # The key may be used to encipher only.
+        "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+        "keyEncipherment": True or False, # The key may be used to encipher other keys.
+      },
+      "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+        "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+        "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+        "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+        "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+        "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+        "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+      },
+      "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+        { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+          "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+            42,
+          ],
+        },
+      ],
+    },
+    "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+      { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+        "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+          42,
+        ],
+      },
+    ],
+  },
+  "updateTime": "A String", # Output only. The time at which this CertificateTemplate was updated.
+}
+
+
getIamPolicy(resource, options_requestedPolicyVersion=None, x__xgafv=None)
Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.
@@ -140,6 +423,261 @@ 

Method Details

}
+
+ list(parent, filter=None, orderBy=None, pageSize=None, pageToken=None, x__xgafv=None) +
Lists CertificateTemplates.
+
+Args:
+  parent: string, Required. The resource name of the location associated with the CertificateTemplates, in the format `projects/*/locations/*`. (required)
+  filter: string, Optional. Only include resources that match the filter in the response.
+  orderBy: string, Optional. Specify how the results should be sorted.
+  pageSize: integer, Optional. Limit on the number of CertificateTemplates to include in the response. Further CertificateTemplates can subsequently be obtained by including the ListCertificateTemplatesResponse.next_page_token in a subsequent request. If unspecified, the server will pick an appropriate default.
+  pageToken: string, Optional. Pagination token, returned earlier via ListCertificateTemplatesResponse.next_page_token.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for CertificateAuthorityService.ListCertificateTemplates.
+  "certificateTemplates": [ # The list of CertificateTemplates.
+    { # A CertificateTemplate refers to a managed template for certificate issuance.
+      "createTime": "A String", # Output only. The time at which this CertificateTemplate was created.
+      "description": "A String", # Optional. A human-readable description of scenarios this template is intended for.
+      "identityConstraints": { # Describes constraints on a Certificate's Subject and SubjectAltNames. # Optional. Describes constraints on identities that may be appear in Certificates issued using this template. If this is omitted, then this template will not add restrictions on a certificate's identity.
+        "allowSubjectAltNamesPassthrough": True or False, # Required. If this is true, the SubjectAltNames extension may be copied from a certificate request into the signed certificate. Otherwise, the requested SubjectAltNames will be discarded.
+        "allowSubjectPassthrough": True or False, # Required. If this is true, the Subject field may be copied from a certificate request into the signed certificate. Otherwise, the requested Subject will be discarded.
+        "celExpression": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # Optional. A CEL expression that may be used to validate the resolved X.509 Subject and/or Subject Alternative Name before a certificate is signed. To see the full allowed syntax and some examples, see https://cloud.google.com/certificate-authority-service/docs/cel-guide
+          "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
+          "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
+          "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
+          "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
+        },
+      },
+      "labels": { # Optional. Labels with user-defined metadata.
+        "a_key": "A String",
+      },
+      "name": "A String", # Output only. The resource name for this CertificateTemplate in the format `projects/*/locations/*/certificateTemplates/*`.
+      "passthroughExtensions": { # Describes a set of X.509 extensions that may be part of some certificate issuance controls. # Optional. Describes the set of X.509 extensions that may appear in a Certificate issued using this CertificateTemplate. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If the issuing CaPool's IssuancePolicy defines baseline_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this template will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CertificateTemplate's predefined_values.
+        "additionalExtensions": [ # Optional. A set of ObjectIds identifying custom X.509 extensions. Will be combined with known_extensions to determine the full set of X.509 extensions.
+          { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+        ],
+        "knownExtensions": [ # Optional. A set of named X.509 extensions. Will be combined with additional_extensions to determine the full set of X.509 extensions.
+          "A String",
+        ],
+      },
+      "predefinedValues": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Optional. A set of X.509 values that will be applied to all issued certificates that use this template. If the certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If the issuing CaPool's IssuancePolicy defines conflicting baseline_values for the same properties, the certificate issuance request will fail.
+        "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+          { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+            "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+            "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+              "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                42,
+              ],
+            },
+            "value": "A String", # Required. The value of this X.509 extension.
+          },
+        ],
+        "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+          "A String",
+        ],
+        "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+          "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+          "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+        },
+        "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+          "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+            "certSign": True or False, # The key may be used to sign certificates.
+            "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+            "crlSign": True or False, # The key may be used sign certificate revocation lists.
+            "dataEncipherment": True or False, # The key may be used to encipher data.
+            "decipherOnly": True or False, # The key may be used to decipher only.
+            "digitalSignature": True or False, # The key may be used for digital signatures.
+            "encipherOnly": True or False, # The key may be used to encipher only.
+            "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+            "keyEncipherment": True or False, # The key may be used to encipher other keys.
+          },
+          "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+            "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+            "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+            "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+            "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+            "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+            "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+          },
+          "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+            { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+              "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+                42,
+              ],
+            },
+          ],
+        },
+        "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+          { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+            "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+              42,
+            ],
+          },
+        ],
+      },
+      "updateTime": "A String", # Output only. The time at which this CertificateTemplate was updated.
+    },
+  ],
+  "nextPageToken": "A String", # A token to retrieve next page of results. Pass this value in ListCertificateTemplatesRequest.next_page_token to retrieve the next page of results.
+  "unreachable": [ # A list of locations (e.g. "us-west1") that could not be reached.
+    "A String",
+  ],
+}
+
+ +
+ list_next(previous_request, previous_response) +
Retrieves the next page of results.
+
+Args:
+  previous_request: The request for the previous page. (required)
+  previous_response: The response from the request for the previous page. (required)
+
+Returns:
+  A request object that you can call 'execute()' on to request the next
+  page. Returns None if there are no more items in the collection.
+    
+
+ +
+ patch(name, body=None, requestId=None, updateMask=None, x__xgafv=None) +
Update a CertificateTemplate.
+
+Args:
+  name: string, Output only. The resource name for this CertificateTemplate in the format `projects/*/locations/*/certificateTemplates/*`. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # A CertificateTemplate refers to a managed template for certificate issuance.
+  "createTime": "A String", # Output only. The time at which this CertificateTemplate was created.
+  "description": "A String", # Optional. A human-readable description of scenarios this template is intended for.
+  "identityConstraints": { # Describes constraints on a Certificate's Subject and SubjectAltNames. # Optional. Describes constraints on identities that may be appear in Certificates issued using this template. If this is omitted, then this template will not add restrictions on a certificate's identity.
+    "allowSubjectAltNamesPassthrough": True or False, # Required. If this is true, the SubjectAltNames extension may be copied from a certificate request into the signed certificate. Otherwise, the requested SubjectAltNames will be discarded.
+    "allowSubjectPassthrough": True or False, # Required. If this is true, the Subject field may be copied from a certificate request into the signed certificate. Otherwise, the requested Subject will be discarded.
+    "celExpression": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # Optional. A CEL expression that may be used to validate the resolved X.509 Subject and/or Subject Alternative Name before a certificate is signed. To see the full allowed syntax and some examples, see https://cloud.google.com/certificate-authority-service/docs/cel-guide
+      "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
+      "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
+      "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
+      "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
+    },
+  },
+  "labels": { # Optional. Labels with user-defined metadata.
+    "a_key": "A String",
+  },
+  "name": "A String", # Output only. The resource name for this CertificateTemplate in the format `projects/*/locations/*/certificateTemplates/*`.
+  "passthroughExtensions": { # Describes a set of X.509 extensions that may be part of some certificate issuance controls. # Optional. Describes the set of X.509 extensions that may appear in a Certificate issued using this CertificateTemplate. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If the issuing CaPool's IssuancePolicy defines baseline_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this template will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CertificateTemplate's predefined_values.
+    "additionalExtensions": [ # Optional. A set of ObjectIds identifying custom X.509 extensions. Will be combined with known_extensions to determine the full set of X.509 extensions.
+      { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+        "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+          42,
+        ],
+      },
+    ],
+    "knownExtensions": [ # Optional. A set of named X.509 extensions. Will be combined with additional_extensions to determine the full set of X.509 extensions.
+      "A String",
+    ],
+  },
+  "predefinedValues": { # An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions. # Optional. A set of X.509 values that will be applied to all issued certificates that use this template. If the certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If the issuing CaPool's IssuancePolicy defines conflicting baseline_values for the same properties, the certificate issuance request will fail.
+    "additionalExtensions": [ # Optional. Describes custom X.509 extensions.
+      { # An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
+        "critical": True or False, # Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
+        "objectId": { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages. # Required. The OID for this X.509 extension.
+          "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+            42,
+          ],
+        },
+        "value": "A String", # Required. The value of this X.509 extension.
+      },
+    ],
+    "aiaOcspServers": [ # Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
+      "A String",
+    ],
+    "caOptions": { # Describes values that are relevant in a CA certificate. # Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
+      "isCa": True or False, # Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
+      "maxIssuerPathLength": 42, # Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
+    },
+    "keyUsage": { # A KeyUsage describes key usage values that may appear in an X.509 certificate. # Optional. Indicates the intended use for keys that correspond to a certificate.
+      "baseKeyUsage": { # KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3. # Describes high-level ways in which a key may be used.
+        "certSign": True or False, # The key may be used to sign certificates.
+        "contentCommitment": True or False, # The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
+        "crlSign": True or False, # The key may be used sign certificate revocation lists.
+        "dataEncipherment": True or False, # The key may be used to encipher data.
+        "decipherOnly": True or False, # The key may be used to decipher only.
+        "digitalSignature": True or False, # The key may be used for digital signatures.
+        "encipherOnly": True or False, # The key may be used to encipher only.
+        "keyAgreement": True or False, # The key may be used in a key agreement protocol.
+        "keyEncipherment": True or False, # The key may be used to encipher other keys.
+      },
+      "extendedKeyUsage": { # KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value. # Detailed scenarios in which a key may be used.
+        "clientAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
+        "codeSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
+        "emailProtection": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
+        "ocspSigning": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
+        "serverAuth": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
+        "timeStamping": True or False, # Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
+      },
+      "unknownExtendedKeyUsages": [ # Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
+        { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+          "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+            42,
+          ],
+        },
+      ],
+    },
+    "policyIds": [ # Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
+      { # An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
+        "objectIdPath": [ # Required. The parts of an OID path. The most significant parts of the path come first.
+          42,
+        ],
+      },
+    ],
+  },
+  "updateTime": "A String", # Output only. The time at which this CertificateTemplate was updated.
+}
+
+  requestId: string, Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
+  updateMask: string, Required. A list of fields to be updated in this request.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # This resource represents a long-running operation that is the result of a network API call.
+  "done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+  "error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+    "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+    "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+      {
+        "a_key": "", # Properties of the object. Contains field @type with type URL.
+      },
+    ],
+    "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+  },
+  "metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+  "name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+  "response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+    "a_key": "", # Properties of the object. Contains field @type with type URL.
+  },
+}
+
+
setIamPolicy(resource, body=None, x__xgafv=None)
Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.
diff --git a/docs/dyn/retail_v2.projects.locations.catalogs.placements.html b/docs/dyn/retail_v2.projects.locations.catalogs.placements.html
index 57e0594504b..643974d6ff1 100644
--- a/docs/dyn/retail_v2.projects.locations.catalogs.placements.html
+++ b/docs/dyn/retail_v2.projects.locations.catalogs.placements.html
@@ -119,7 +119,7 @@ 

Method Details

"attributionToken": "A String", # Highly recommended for user events that are the result of PredictionService.Predict. This field enables accurate attribution of recommendation model performance. The value must be a valid PredictResponse.attribution_token for user events that are the result of PredictionService.Predict. This token enables us to accurately attribute page view or purchase back to the event and the particular predict response containing this clicked/purchased product. If user clicks on product K in the recommendation results, pass PredictResponse.attribution_token as a URL parameter to product K's page. When recording events on product K's page, log the PredictResponse.attribution_token to this field. "cartId": "A String", # The id or name of the associated shopping cart. This id is used to associate multiple items added or present in the cart before purchase. This can only be set for `add-to-cart`, `purchase-complete`, or `shopping-cart-page-view` events. "eventTime": "A String", # Only required for UserEventService.ImportUserEvents method. Timestamp of when the user event happened. - "eventType": "A String", # Required. User event type. Allowed values are: * `add-to-cart`: Products being added to cart. * `category-page-view`: Special pages such as sale or promotion pages viewed. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed. * `promotion-offered`: Promotion is offered to a user. * `promotion-not-offered`: Promotion is not offered to a user. * `purchase-complete`: User finishing a purchase. * `search`: Product search. * `shopping-cart-page-view`: User viewing a shopping cart. + "eventType": "A String", # Required. User event type. Allowed values are: * `add-to-cart`: Products being added to cart. * `category-page-view`: Special pages such as sale or promotion pages viewed. * `completion`: Completion query result showed/clicked. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed. * `promotion-offered`: Promotion is offered to a user. * `promotion-not-offered`: Promotion is not offered to a user. * `purchase-complete`: User finishing a purchase. * `search`: Product search. * `shopping-cart-page-view`: User viewing a shopping cart. "experimentIds": [ # A list of identifiers for the independent experiment groups this user event belongs to. This is used to distinguish between user events associated with different experiment setups (e.g. using Retail API, using different recommendation models). "A String", ], diff --git a/docs/dyn/retail_v2.projects.locations.catalogs.userEvents.html b/docs/dyn/retail_v2.projects.locations.catalogs.userEvents.html index d63a972495b..45bb8be3e73 100644 --- a/docs/dyn/retail_v2.projects.locations.catalogs.userEvents.html +++ b/docs/dyn/retail_v2.projects.locations.catalogs.userEvents.html @@ -169,7 +169,7 @@

Method Details

"attributionToken": "A String", # Highly recommended for user events that are the result of PredictionService.Predict. This field enables accurate attribution of recommendation model performance. The value must be a valid PredictResponse.attribution_token for user events that are the result of PredictionService.Predict. This token enables us to accurately attribute page view or purchase back to the event and the particular predict response containing this clicked/purchased product. If user clicks on product K in the recommendation results, pass PredictResponse.attribution_token as a URL parameter to product K's page. When recording events on product K's page, log the PredictResponse.attribution_token to this field. "cartId": "A String", # The id or name of the associated shopping cart. This id is used to associate multiple items added or present in the cart before purchase. This can only be set for `add-to-cart`, `purchase-complete`, or `shopping-cart-page-view` events. "eventTime": "A String", # Only required for UserEventService.ImportUserEvents method. Timestamp of when the user event happened. - "eventType": "A String", # Required. User event type. Allowed values are: * `add-to-cart`: Products being added to cart. * `category-page-view`: Special pages such as sale or promotion pages viewed. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed. * `promotion-offered`: Promotion is offered to a user. * `promotion-not-offered`: Promotion is not offered to a user. * `purchase-complete`: User finishing a purchase. * `search`: Product search. * `shopping-cart-page-view`: User viewing a shopping cart. + "eventType": "A String", # Required. User event type. Allowed values are: * `add-to-cart`: Products being added to cart. * `category-page-view`: Special pages such as sale or promotion pages viewed. * `completion`: Completion query result showed/clicked. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed. * `promotion-offered`: Promotion is offered to a user. * `promotion-not-offered`: Promotion is not offered to a user. * `purchase-complete`: User finishing a purchase. * `search`: Product search. * `shopping-cart-page-view`: User viewing a shopping cart. "experimentIds": [ # A list of identifiers for the independent experiment groups this user event belongs to. This is used to distinguish between user events associated with different experiment setups (e.g. using Retail API, using different recommendation models). "A String", ], @@ -383,7 +383,7 @@

Method Details

"attributionToken": "A String", # Highly recommended for user events that are the result of PredictionService.Predict. This field enables accurate attribution of recommendation model performance. The value must be a valid PredictResponse.attribution_token for user events that are the result of PredictionService.Predict. This token enables us to accurately attribute page view or purchase back to the event and the particular predict response containing this clicked/purchased product. If user clicks on product K in the recommendation results, pass PredictResponse.attribution_token as a URL parameter to product K's page. When recording events on product K's page, log the PredictResponse.attribution_token to this field. "cartId": "A String", # The id or name of the associated shopping cart. This id is used to associate multiple items added or present in the cart before purchase. This can only be set for `add-to-cart`, `purchase-complete`, or `shopping-cart-page-view` events. "eventTime": "A String", # Only required for UserEventService.ImportUserEvents method. Timestamp of when the user event happened. - "eventType": "A String", # Required. User event type. Allowed values are: * `add-to-cart`: Products being added to cart. * `category-page-view`: Special pages such as sale or promotion pages viewed. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed. * `promotion-offered`: Promotion is offered to a user. * `promotion-not-offered`: Promotion is not offered to a user. * `purchase-complete`: User finishing a purchase. * `search`: Product search. * `shopping-cart-page-view`: User viewing a shopping cart. + "eventType": "A String", # Required. User event type. Allowed values are: * `add-to-cart`: Products being added to cart. * `category-page-view`: Special pages such as sale or promotion pages viewed. * `completion`: Completion query result showed/clicked. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed. * `promotion-offered`: Promotion is offered to a user. * `promotion-not-offered`: Promotion is not offered to a user. * `purchase-complete`: User finishing a purchase. * `search`: Product search. * `shopping-cart-page-view`: User viewing a shopping cart. "experimentIds": [ # A list of identifiers for the independent experiment groups this user event belongs to. This is used to distinguish between user events associated with different experiment setups (e.g. using Retail API, using different recommendation models). "A String", ], @@ -478,7 +478,7 @@

Method Details

"attributionToken": "A String", # Highly recommended for user events that are the result of PredictionService.Predict. This field enables accurate attribution of recommendation model performance. The value must be a valid PredictResponse.attribution_token for user events that are the result of PredictionService.Predict. This token enables us to accurately attribute page view or purchase back to the event and the particular predict response containing this clicked/purchased product. If user clicks on product K in the recommendation results, pass PredictResponse.attribution_token as a URL parameter to product K's page. When recording events on product K's page, log the PredictResponse.attribution_token to this field. "cartId": "A String", # The id or name of the associated shopping cart. This id is used to associate multiple items added or present in the cart before purchase. This can only be set for `add-to-cart`, `purchase-complete`, or `shopping-cart-page-view` events. "eventTime": "A String", # Only required for UserEventService.ImportUserEvents method. Timestamp of when the user event happened. - "eventType": "A String", # Required. User event type. Allowed values are: * `add-to-cart`: Products being added to cart. * `category-page-view`: Special pages such as sale or promotion pages viewed. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed. * `promotion-offered`: Promotion is offered to a user. * `promotion-not-offered`: Promotion is not offered to a user. * `purchase-complete`: User finishing a purchase. * `search`: Product search. * `shopping-cart-page-view`: User viewing a shopping cart. + "eventType": "A String", # Required. User event type. Allowed values are: * `add-to-cart`: Products being added to cart. * `category-page-view`: Special pages such as sale or promotion pages viewed. * `completion`: Completion query result showed/clicked. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed. * `promotion-offered`: Promotion is offered to a user. * `promotion-not-offered`: Promotion is not offered to a user. * `purchase-complete`: User finishing a purchase. * `search`: Product search. * `shopping-cart-page-view`: User viewing a shopping cart. "experimentIds": [ # A list of identifiers for the independent experiment groups this user event belongs to. This is used to distinguish between user events associated with different experiment setups (e.g. using Retail API, using different recommendation models). "A String", ], diff --git a/docs/dyn/retail_v2alpha.projects.locations.catalogs.placements.html b/docs/dyn/retail_v2alpha.projects.locations.catalogs.placements.html index f8cfcddf315..d0c40b9f85e 100644 --- a/docs/dyn/retail_v2alpha.projects.locations.catalogs.placements.html +++ b/docs/dyn/retail_v2alpha.projects.locations.catalogs.placements.html @@ -119,7 +119,7 @@

Method Details

"attributionToken": "A String", # Highly recommended for user events that are the result of PredictionService.Predict. This field enables accurate attribution of recommendation model performance. The value must be a valid PredictResponse.attribution_token for user events that are the result of PredictionService.Predict. This token enables us to accurately attribute page view or purchase back to the event and the particular predict response containing this clicked/purchased product. If user clicks on product K in the recommendation results, pass PredictResponse.attribution_token as a URL parameter to product K's page. When recording events on product K's page, log the PredictResponse.attribution_token to this field. "cartId": "A String", # The id or name of the associated shopping cart. This id is used to associate multiple items added or present in the cart before purchase. This can only be set for `add-to-cart`, `purchase-complete`, or `shopping-cart-page-view` events. "eventTime": "A String", # Only required for UserEventService.ImportUserEvents method. Timestamp of when the user event happened. - "eventType": "A String", # Required. User event type. Allowed values are: * `add-to-cart`: Products being added to cart. * `category-page-view`: Special pages such as sale or promotion pages viewed. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed. * `promotion-offered`: Promotion is offered to a user. * `promotion-not-offered`: Promotion is not offered to a user. * `purchase-complete`: User finishing a purchase. * `search`: Product search. * `shopping-cart-page-view`: User viewing a shopping cart. + "eventType": "A String", # Required. User event type. Allowed values are: * `add-to-cart`: Products being added to cart. * `category-page-view`: Special pages such as sale or promotion pages viewed. * `completion`: Completion query result showed/clicked. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed. * `promotion-offered`: Promotion is offered to a user. * `promotion-not-offered`: Promotion is not offered to a user. * `purchase-complete`: User finishing a purchase. * `search`: Product search. * `shopping-cart-page-view`: User viewing a shopping cart. "experimentIds": [ # A list of identifiers for the independent experiment groups this user event belongs to. This is used to distinguish between user events associated with different experiment setups (e.g. using Retail API, using different recommendation models). "A String", ], diff --git a/docs/dyn/retail_v2alpha.projects.locations.catalogs.userEvents.html b/docs/dyn/retail_v2alpha.projects.locations.catalogs.userEvents.html index b53fd817e03..50784d94058 100644 --- a/docs/dyn/retail_v2alpha.projects.locations.catalogs.userEvents.html +++ b/docs/dyn/retail_v2alpha.projects.locations.catalogs.userEvents.html @@ -169,7 +169,7 @@

Method Details

"attributionToken": "A String", # Highly recommended for user events that are the result of PredictionService.Predict. This field enables accurate attribution of recommendation model performance. The value must be a valid PredictResponse.attribution_token for user events that are the result of PredictionService.Predict. This token enables us to accurately attribute page view or purchase back to the event and the particular predict response containing this clicked/purchased product. If user clicks on product K in the recommendation results, pass PredictResponse.attribution_token as a URL parameter to product K's page. When recording events on product K's page, log the PredictResponse.attribution_token to this field. "cartId": "A String", # The id or name of the associated shopping cart. This id is used to associate multiple items added or present in the cart before purchase. This can only be set for `add-to-cart`, `purchase-complete`, or `shopping-cart-page-view` events. "eventTime": "A String", # Only required for UserEventService.ImportUserEvents method. Timestamp of when the user event happened. - "eventType": "A String", # Required. User event type. Allowed values are: * `add-to-cart`: Products being added to cart. * `category-page-view`: Special pages such as sale or promotion pages viewed. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed. * `promotion-offered`: Promotion is offered to a user. * `promotion-not-offered`: Promotion is not offered to a user. * `purchase-complete`: User finishing a purchase. * `search`: Product search. * `shopping-cart-page-view`: User viewing a shopping cart. + "eventType": "A String", # Required. User event type. Allowed values are: * `add-to-cart`: Products being added to cart. * `category-page-view`: Special pages such as sale or promotion pages viewed. * `completion`: Completion query result showed/clicked. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed. * `promotion-offered`: Promotion is offered to a user. * `promotion-not-offered`: Promotion is not offered to a user. * `purchase-complete`: User finishing a purchase. * `search`: Product search. * `shopping-cart-page-view`: User viewing a shopping cart. "experimentIds": [ # A list of identifiers for the independent experiment groups this user event belongs to. This is used to distinguish between user events associated with different experiment setups (e.g. using Retail API, using different recommendation models). "A String", ], @@ -383,7 +383,7 @@

Method Details

"attributionToken": "A String", # Highly recommended for user events that are the result of PredictionService.Predict. This field enables accurate attribution of recommendation model performance. The value must be a valid PredictResponse.attribution_token for user events that are the result of PredictionService.Predict. This token enables us to accurately attribute page view or purchase back to the event and the particular predict response containing this clicked/purchased product. If user clicks on product K in the recommendation results, pass PredictResponse.attribution_token as a URL parameter to product K's page. When recording events on product K's page, log the PredictResponse.attribution_token to this field. "cartId": "A String", # The id or name of the associated shopping cart. This id is used to associate multiple items added or present in the cart before purchase. This can only be set for `add-to-cart`, `purchase-complete`, or `shopping-cart-page-view` events. "eventTime": "A String", # Only required for UserEventService.ImportUserEvents method. Timestamp of when the user event happened. - "eventType": "A String", # Required. User event type. Allowed values are: * `add-to-cart`: Products being added to cart. * `category-page-view`: Special pages such as sale or promotion pages viewed. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed. * `promotion-offered`: Promotion is offered to a user. * `promotion-not-offered`: Promotion is not offered to a user. * `purchase-complete`: User finishing a purchase. * `search`: Product search. * `shopping-cart-page-view`: User viewing a shopping cart. + "eventType": "A String", # Required. User event type. Allowed values are: * `add-to-cart`: Products being added to cart. * `category-page-view`: Special pages such as sale or promotion pages viewed. * `completion`: Completion query result showed/clicked. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed. * `promotion-offered`: Promotion is offered to a user. * `promotion-not-offered`: Promotion is not offered to a user. * `purchase-complete`: User finishing a purchase. * `search`: Product search. * `shopping-cart-page-view`: User viewing a shopping cart. "experimentIds": [ # A list of identifiers for the independent experiment groups this user event belongs to. This is used to distinguish between user events associated with different experiment setups (e.g. using Retail API, using different recommendation models). "A String", ], @@ -478,7 +478,7 @@

Method Details

"attributionToken": "A String", # Highly recommended for user events that are the result of PredictionService.Predict. This field enables accurate attribution of recommendation model performance. The value must be a valid PredictResponse.attribution_token for user events that are the result of PredictionService.Predict. This token enables us to accurately attribute page view or purchase back to the event and the particular predict response containing this clicked/purchased product. If user clicks on product K in the recommendation results, pass PredictResponse.attribution_token as a URL parameter to product K's page. When recording events on product K's page, log the PredictResponse.attribution_token to this field. "cartId": "A String", # The id or name of the associated shopping cart. This id is used to associate multiple items added or present in the cart before purchase. This can only be set for `add-to-cart`, `purchase-complete`, or `shopping-cart-page-view` events. "eventTime": "A String", # Only required for UserEventService.ImportUserEvents method. Timestamp of when the user event happened. - "eventType": "A String", # Required. User event type. Allowed values are: * `add-to-cart`: Products being added to cart. * `category-page-view`: Special pages such as sale or promotion pages viewed. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed. * `promotion-offered`: Promotion is offered to a user. * `promotion-not-offered`: Promotion is not offered to a user. * `purchase-complete`: User finishing a purchase. * `search`: Product search. * `shopping-cart-page-view`: User viewing a shopping cart. + "eventType": "A String", # Required. User event type. Allowed values are: * `add-to-cart`: Products being added to cart. * `category-page-view`: Special pages such as sale or promotion pages viewed. * `completion`: Completion query result showed/clicked. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed. * `promotion-offered`: Promotion is offered to a user. * `promotion-not-offered`: Promotion is not offered to a user. * `purchase-complete`: User finishing a purchase. * `search`: Product search. * `shopping-cart-page-view`: User viewing a shopping cart. "experimentIds": [ # A list of identifiers for the independent experiment groups this user event belongs to. This is used to distinguish between user events associated with different experiment setups (e.g. using Retail API, using different recommendation models). "A String", ], diff --git a/docs/dyn/retail_v2beta.projects.locations.catalogs.placements.html b/docs/dyn/retail_v2beta.projects.locations.catalogs.placements.html index 6b7e1530393..1caef0cbd89 100644 --- a/docs/dyn/retail_v2beta.projects.locations.catalogs.placements.html +++ b/docs/dyn/retail_v2beta.projects.locations.catalogs.placements.html @@ -119,7 +119,7 @@

Method Details

"attributionToken": "A String", # Highly recommended for user events that are the result of PredictionService.Predict. This field enables accurate attribution of recommendation model performance. The value must be a valid PredictResponse.attribution_token for user events that are the result of PredictionService.Predict. This token enables us to accurately attribute page view or purchase back to the event and the particular predict response containing this clicked/purchased product. If user clicks on product K in the recommendation results, pass PredictResponse.attribution_token as a URL parameter to product K's page. When recording events on product K's page, log the PredictResponse.attribution_token to this field. "cartId": "A String", # The id or name of the associated shopping cart. This id is used to associate multiple items added or present in the cart before purchase. This can only be set for `add-to-cart`, `purchase-complete`, or `shopping-cart-page-view` events. "eventTime": "A String", # Only required for UserEventService.ImportUserEvents method. Timestamp of when the user event happened. - "eventType": "A String", # Required. User event type. Allowed values are: * `add-to-cart`: Products being added to cart. * `category-page-view`: Special pages such as sale or promotion pages viewed. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed. * `promotion-offered`: Promotion is offered to a user. * `promotion-not-offered`: Promotion is not offered to a user. * `purchase-complete`: User finishing a purchase. * `search`: Product search. * `shopping-cart-page-view`: User viewing a shopping cart. + "eventType": "A String", # Required. User event type. Allowed values are: * `add-to-cart`: Products being added to cart. * `category-page-view`: Special pages such as sale or promotion pages viewed. * `completion`: Completion query result showed/clicked. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed. * `promotion-offered`: Promotion is offered to a user. * `promotion-not-offered`: Promotion is not offered to a user. * `purchase-complete`: User finishing a purchase. * `search`: Product search. * `shopping-cart-page-view`: User viewing a shopping cart. "experimentIds": [ # A list of identifiers for the independent experiment groups this user event belongs to. This is used to distinguish between user events associated with different experiment setups (e.g. using Retail API, using different recommendation models). "A String", ], diff --git a/docs/dyn/retail_v2beta.projects.locations.catalogs.userEvents.html b/docs/dyn/retail_v2beta.projects.locations.catalogs.userEvents.html index d9a52946ef0..6e7ed84a84c 100644 --- a/docs/dyn/retail_v2beta.projects.locations.catalogs.userEvents.html +++ b/docs/dyn/retail_v2beta.projects.locations.catalogs.userEvents.html @@ -169,7 +169,7 @@

Method Details

"attributionToken": "A String", # Highly recommended for user events that are the result of PredictionService.Predict. This field enables accurate attribution of recommendation model performance. The value must be a valid PredictResponse.attribution_token for user events that are the result of PredictionService.Predict. This token enables us to accurately attribute page view or purchase back to the event and the particular predict response containing this clicked/purchased product. If user clicks on product K in the recommendation results, pass PredictResponse.attribution_token as a URL parameter to product K's page. When recording events on product K's page, log the PredictResponse.attribution_token to this field. "cartId": "A String", # The id or name of the associated shopping cart. This id is used to associate multiple items added or present in the cart before purchase. This can only be set for `add-to-cart`, `purchase-complete`, or `shopping-cart-page-view` events. "eventTime": "A String", # Only required for UserEventService.ImportUserEvents method. Timestamp of when the user event happened. - "eventType": "A String", # Required. User event type. Allowed values are: * `add-to-cart`: Products being added to cart. * `category-page-view`: Special pages such as sale or promotion pages viewed. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed. * `promotion-offered`: Promotion is offered to a user. * `promotion-not-offered`: Promotion is not offered to a user. * `purchase-complete`: User finishing a purchase. * `search`: Product search. * `shopping-cart-page-view`: User viewing a shopping cart. + "eventType": "A String", # Required. User event type. Allowed values are: * `add-to-cart`: Products being added to cart. * `category-page-view`: Special pages such as sale or promotion pages viewed. * `completion`: Completion query result showed/clicked. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed. * `promotion-offered`: Promotion is offered to a user. * `promotion-not-offered`: Promotion is not offered to a user. * `purchase-complete`: User finishing a purchase. * `search`: Product search. * `shopping-cart-page-view`: User viewing a shopping cart. "experimentIds": [ # A list of identifiers for the independent experiment groups this user event belongs to. This is used to distinguish between user events associated with different experiment setups (e.g. using Retail API, using different recommendation models). "A String", ], @@ -383,7 +383,7 @@

Method Details

"attributionToken": "A String", # Highly recommended for user events that are the result of PredictionService.Predict. This field enables accurate attribution of recommendation model performance. The value must be a valid PredictResponse.attribution_token for user events that are the result of PredictionService.Predict. This token enables us to accurately attribute page view or purchase back to the event and the particular predict response containing this clicked/purchased product. If user clicks on product K in the recommendation results, pass PredictResponse.attribution_token as a URL parameter to product K's page. When recording events on product K's page, log the PredictResponse.attribution_token to this field. "cartId": "A String", # The id or name of the associated shopping cart. This id is used to associate multiple items added or present in the cart before purchase. This can only be set for `add-to-cart`, `purchase-complete`, or `shopping-cart-page-view` events. "eventTime": "A String", # Only required for UserEventService.ImportUserEvents method. Timestamp of when the user event happened. - "eventType": "A String", # Required. User event type. Allowed values are: * `add-to-cart`: Products being added to cart. * `category-page-view`: Special pages such as sale or promotion pages viewed. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed. * `promotion-offered`: Promotion is offered to a user. * `promotion-not-offered`: Promotion is not offered to a user. * `purchase-complete`: User finishing a purchase. * `search`: Product search. * `shopping-cart-page-view`: User viewing a shopping cart. + "eventType": "A String", # Required. User event type. Allowed values are: * `add-to-cart`: Products being added to cart. * `category-page-view`: Special pages such as sale or promotion pages viewed. * `completion`: Completion query result showed/clicked. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed. * `promotion-offered`: Promotion is offered to a user. * `promotion-not-offered`: Promotion is not offered to a user. * `purchase-complete`: User finishing a purchase. * `search`: Product search. * `shopping-cart-page-view`: User viewing a shopping cart. "experimentIds": [ # A list of identifiers for the independent experiment groups this user event belongs to. This is used to distinguish between user events associated with different experiment setups (e.g. using Retail API, using different recommendation models). "A String", ], @@ -478,7 +478,7 @@

Method Details

"attributionToken": "A String", # Highly recommended for user events that are the result of PredictionService.Predict. This field enables accurate attribution of recommendation model performance. The value must be a valid PredictResponse.attribution_token for user events that are the result of PredictionService.Predict. This token enables us to accurately attribute page view or purchase back to the event and the particular predict response containing this clicked/purchased product. If user clicks on product K in the recommendation results, pass PredictResponse.attribution_token as a URL parameter to product K's page. When recording events on product K's page, log the PredictResponse.attribution_token to this field. "cartId": "A String", # The id or name of the associated shopping cart. This id is used to associate multiple items added or present in the cart before purchase. This can only be set for `add-to-cart`, `purchase-complete`, or `shopping-cart-page-view` events. "eventTime": "A String", # Only required for UserEventService.ImportUserEvents method. Timestamp of when the user event happened. - "eventType": "A String", # Required. User event type. Allowed values are: * `add-to-cart`: Products being added to cart. * `category-page-view`: Special pages such as sale or promotion pages viewed. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed. * `promotion-offered`: Promotion is offered to a user. * `promotion-not-offered`: Promotion is not offered to a user. * `purchase-complete`: User finishing a purchase. * `search`: Product search. * `shopping-cart-page-view`: User viewing a shopping cart. + "eventType": "A String", # Required. User event type. Allowed values are: * `add-to-cart`: Products being added to cart. * `category-page-view`: Special pages such as sale or promotion pages viewed. * `completion`: Completion query result showed/clicked. * `detail-page-view`: Products detail page viewed. * `home-page-view`: Homepage viewed. * `promotion-offered`: Promotion is offered to a user. * `promotion-not-offered`: Promotion is not offered to a user. * `purchase-complete`: User finishing a purchase. * `search`: Product search. * `shopping-cart-page-view`: User viewing a shopping cart. "experimentIds": [ # A list of identifiers for the independent experiment groups this user event belongs to. This is used to distinguish between user events associated with different experiment setups (e.g. using Retail API, using different recommendation models). "A String", ], diff --git a/docs/dyn/spanner_v1.projects.instances.databases.sessions.html b/docs/dyn/spanner_v1.projects.instances.databases.sessions.html index 936dae878c9..1cbdde8390f 100644 --- a/docs/dyn/spanner_v1.projects.instances.databases.sessions.html +++ b/docs/dyn/spanner_v1.projects.instances.databases.sessions.html @@ -337,7 +337,7 @@

Method Details

{ # The response for Commit. "commitStats": { # Additional statistics about a commit. # The statistics about this Commit. Not returned by default. For more information, see CommitRequest.return_commit_stats. - "mutationCount": "A String", # The total number of mutations for the transaction. Knowing the `mutation_count` value can help you maximize the number of mutations in a transaction and minimize the number of API round trips. You can also monitor this value to prevent transactions from exceeding the system [limit](http://cloud.google.com/spanner/quotas#limits_for_creating_reading_updating_and_deleting_data). If the number of mutations exceeds the limit, the server returns [INVALID_ARGUMENT](http://cloud.google.com/spanner/docs/reference/rest/v1/Code#ENUM_VALUES.INVALID_ARGUMENT). + "mutationCount": "A String", # The total number of mutations for the transaction. Knowing the `mutation_count` value can help you maximize the number of mutations in a transaction and minimize the number of API round trips. You can also monitor this value to prevent transactions from exceeding the system [limit](https://cloud.google.com/spanner/quotas#limits_for_creating_reading_updating_and_deleting_data). If the number of mutations exceeds the limit, the server returns [INVALID_ARGUMENT](https://cloud.google.com/spanner/docs/reference/rest/v1/Code#ENUM_VALUES.INVALID_ARGUMENT). }, "commitTimestamp": "A String", # The Cloud Spanner timestamp at which the transaction committed. }
@@ -421,7 +421,14 @@

Method Details

"a_key": { # `Type` indicates the type of a Cloud Spanner value, as might be stored in a table cell or returned from an SQL query. "arrayElementType": # Object with schema name: Type # If code == ARRAY, then `array_element_type` is the type of the array elements. "code": "A String", # Required. The TypeCode for this type. - "structType": # Object with schema name: StructType # If code == STRUCT, then `struct_type` provides type information for the struct's fields. + "structType": { # `StructType` defines the fields of a STRUCT type. # If code == STRUCT, then `struct_type` provides type information for the struct's fields. + "fields": [ # The list of fields that make up this struct. Order is significant, because values of this struct type are represented as lists, where the order of field values matches the order of fields in the StructType. In turn, the order of fields matches the order of columns in a read request, or the order of fields in the `SELECT` clause of a query. + { # Message representing a single field of a struct. + "name": "A String", # The name of the field. For reads, this is the column name. For SQL queries, it is the column alias (e.g., `"Word"` in the query `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` in the query `"SELECT ColName FROM Table"`). Some columns might have an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query result can contain multiple fields with the same name. + "type": # Object with schema name: Type # The type of the field. + }, + ], + }, }, }, "params": { # Parameter names and values that bind to placeholders in the DML string. A parameter placeholder consists of the `@` character followed by the parameter name (for example, `@firstName`). Parameter names can contain letters, numbers, and underscores. Parameters can appear anywhere that a literal value is expected. The same parameter name can be used more than once, for example: `"WHERE id > @msg_id AND id < @msg_id + 100"` It is an error to execute a SQL statement with unbound parameters. @@ -479,11 +486,7 @@

Method Details

"fields": [ # The list of fields that make up this struct. Order is significant, because values of this struct type are represented as lists, where the order of field values matches the order of fields in the StructType. In turn, the order of fields matches the order of columns in a read request, or the order of fields in the `SELECT` clause of a query. { # Message representing a single field of a struct. "name": "A String", # The name of the field. For reads, this is the column name. For SQL queries, it is the column alias (e.g., `"Word"` in the query `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` in the query `"SELECT ColName FROM Table"`). Some columns might have an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query result can contain multiple fields with the same name. - "type": { # `Type` indicates the type of a Cloud Spanner value, as might be stored in a table cell or returned from an SQL query. # The type of the field. - "arrayElementType": # Object with schema name: Type # If code == ARRAY, then `array_element_type` is the type of the array elements. - "code": "A String", # Required. The TypeCode for this type. - "structType": # Object with schema name: StructType # If code == STRUCT, then `struct_type` provides type information for the struct's fields. - }, + "type": # Object with schema name: Type # The type of the field. }, ], }, @@ -560,7 +563,14 @@

Method Details

"a_key": { # `Type` indicates the type of a Cloud Spanner value, as might be stored in a table cell or returned from an SQL query. "arrayElementType": # Object with schema name: Type # If code == ARRAY, then `array_element_type` is the type of the array elements. "code": "A String", # Required. The TypeCode for this type. - "structType": # Object with schema name: StructType # If code == STRUCT, then `struct_type` provides type information for the struct's fields. + "structType": { # `StructType` defines the fields of a STRUCT type. # If code == STRUCT, then `struct_type` provides type information for the struct's fields. + "fields": [ # The list of fields that make up this struct. Order is significant, because values of this struct type are represented as lists, where the order of field values matches the order of fields in the StructType. In turn, the order of fields matches the order of columns in a read request, or the order of fields in the `SELECT` clause of a query. + { # Message representing a single field of a struct. + "name": "A String", # The name of the field. For reads, this is the column name. For SQL queries, it is the column alias (e.g., `"Word"` in the query `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` in the query `"SELECT ColName FROM Table"`). Some columns might have an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query result can contain multiple fields with the same name. + "type": # Object with schema name: Type # The type of the field. + }, + ], + }, }, }, "params": { # Parameter names and values that bind to placeholders in the SQL string. A parameter placeholder consists of the `@` character followed by the parameter name (for example, `@firstName`). Parameter names must conform to the naming requirements of identifiers as specified at https://cloud.google.com/spanner/docs/lexical#identifiers. Parameters can appear anywhere that a literal value is expected. The same parameter name can be used more than once, for example: `"WHERE id > @msg_id AND id < @msg_id + 100"` It is an error to execute a SQL statement with unbound parameters. @@ -627,11 +637,7 @@

Method Details

"fields": [ # The list of fields that make up this struct. Order is significant, because values of this struct type are represented as lists, where the order of field values matches the order of fields in the StructType. In turn, the order of fields matches the order of columns in a read request, or the order of fields in the `SELECT` clause of a query. { # Message representing a single field of a struct. "name": "A String", # The name of the field. For reads, this is the column name. For SQL queries, it is the column alias (e.g., `"Word"` in the query `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` in the query `"SELECT ColName FROM Table"`). Some columns might have an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query result can contain multiple fields with the same name. - "type": { # `Type` indicates the type of a Cloud Spanner value, as might be stored in a table cell or returned from an SQL query. # The type of the field. - "arrayElementType": # Object with schema name: Type # If code == ARRAY, then `array_element_type` is the type of the array elements. - "code": "A String", # Required. The TypeCode for this type. - "structType": # Object with schema name: StructType # If code == STRUCT, then `struct_type` provides type information for the struct's fields. - }, + "type": # Object with schema name: Type # The type of the field. }, ], }, @@ -697,7 +703,14 @@

Method Details

"a_key": { # `Type` indicates the type of a Cloud Spanner value, as might be stored in a table cell or returned from an SQL query. "arrayElementType": # Object with schema name: Type # If code == ARRAY, then `array_element_type` is the type of the array elements. "code": "A String", # Required. The TypeCode for this type. - "structType": # Object with schema name: StructType # If code == STRUCT, then `struct_type` provides type information for the struct's fields. + "structType": { # `StructType` defines the fields of a STRUCT type. # If code == STRUCT, then `struct_type` provides type information for the struct's fields. + "fields": [ # The list of fields that make up this struct. Order is significant, because values of this struct type are represented as lists, where the order of field values matches the order of fields in the StructType. In turn, the order of fields matches the order of columns in a read request, or the order of fields in the `SELECT` clause of a query. + { # Message representing a single field of a struct. + "name": "A String", # The name of the field. For reads, this is the column name. For SQL queries, it is the column alias (e.g., `"Word"` in the query `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` in the query `"SELECT ColName FROM Table"`). Some columns might have an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query result can contain multiple fields with the same name. + "type": # Object with schema name: Type # The type of the field. + }, + ], + }, }, }, "params": { # Parameter names and values that bind to placeholders in the SQL string. A parameter placeholder consists of the `@` character followed by the parameter name (for example, `@firstName`). Parameter names must conform to the naming requirements of identifiers as specified at https://cloud.google.com/spanner/docs/lexical#identifiers. Parameters can appear anywhere that a literal value is expected. The same parameter name can be used more than once, for example: `"WHERE id > @msg_id AND id < @msg_id + 100"` It is an error to execute a SQL statement with unbound parameters. @@ -765,11 +778,7 @@

Method Details

"fields": [ # The list of fields that make up this struct. Order is significant, because values of this struct type are represented as lists, where the order of field values matches the order of fields in the StructType. In turn, the order of fields matches the order of columns in a read request, or the order of fields in the `SELECT` clause of a query. { # Message representing a single field of a struct. "name": "A String", # The name of the field. For reads, this is the column name. For SQL queries, it is the column alias (e.g., `"Word"` in the query `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` in the query `"SELECT ColName FROM Table"`). Some columns might have an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query result can contain multiple fields with the same name. - "type": { # `Type` indicates the type of a Cloud Spanner value, as might be stored in a table cell or returned from an SQL query. # The type of the field. - "arrayElementType": # Object with schema name: Type # If code == ARRAY, then `array_element_type` is the type of the array elements. - "code": "A String", # Required. The TypeCode for this type. - "structType": # Object with schema name: StructType # If code == STRUCT, then `struct_type` provides type information for the struct's fields. - }, + "type": # Object with schema name: Type # The type of the field. }, ], }, @@ -904,7 +913,14 @@

Method Details

"a_key": { # `Type` indicates the type of a Cloud Spanner value, as might be stored in a table cell or returned from an SQL query. "arrayElementType": # Object with schema name: Type # If code == ARRAY, then `array_element_type` is the type of the array elements. "code": "A String", # Required. The TypeCode for this type. - "structType": # Object with schema name: StructType # If code == STRUCT, then `struct_type` provides type information for the struct's fields. + "structType": { # `StructType` defines the fields of a STRUCT type. # If code == STRUCT, then `struct_type` provides type information for the struct's fields. + "fields": [ # The list of fields that make up this struct. Order is significant, because values of this struct type are represented as lists, where the order of field values matches the order of fields in the StructType. In turn, the order of fields matches the order of columns in a read request, or the order of fields in the `SELECT` clause of a query. + { # Message representing a single field of a struct. + "name": "A String", # The name of the field. For reads, this is the column name. For SQL queries, it is the column alias (e.g., `"Word"` in the query `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` in the query `"SELECT ColName FROM Table"`). Some columns might have an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query result can contain multiple fields with the same name. + "type": # Object with schema name: Type # The type of the field. + }, + ], + }, }, }, "params": { # Parameter names and values that bind to placeholders in the SQL string. A parameter placeholder consists of the `@` character followed by the parameter name (for example, `@firstName`). Parameter names can contain letters, numbers, and underscores. Parameters can appear anywhere that a literal value is expected. The same parameter name can be used more than once, for example: `"WHERE id > @msg_id AND id < @msg_id + 100"` It is an error to execute a SQL statement with unbound parameters. @@ -1160,11 +1176,7 @@

Method Details

"fields": [ # The list of fields that make up this struct. Order is significant, because values of this struct type are represented as lists, where the order of field values matches the order of fields in the StructType. In turn, the order of fields matches the order of columns in a read request, or the order of fields in the `SELECT` clause of a query. { # Message representing a single field of a struct. "name": "A String", # The name of the field. For reads, this is the column name. For SQL queries, it is the column alias (e.g., `"Word"` in the query `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` in the query `"SELECT ColName FROM Table"`). Some columns might have an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query result can contain multiple fields with the same name. - "type": { # `Type` indicates the type of a Cloud Spanner value, as might be stored in a table cell or returned from an SQL query. # The type of the field. - "arrayElementType": # Object with schema name: Type # If code == ARRAY, then `array_element_type` is the type of the array elements. - "code": "A String", # Required. The TypeCode for this type. - "structType": # Object with schema name: StructType # If code == STRUCT, then `struct_type` provides type information for the struct's fields. - }, + "type": # Object with schema name: Type # The type of the field. }, ], }, @@ -1336,11 +1348,7 @@

Method Details

"fields": [ # The list of fields that make up this struct. Order is significant, because values of this struct type are represented as lists, where the order of field values matches the order of fields in the StructType. In turn, the order of fields matches the order of columns in a read request, or the order of fields in the `SELECT` clause of a query. { # Message representing a single field of a struct. "name": "A String", # The name of the field. For reads, this is the column name. For SQL queries, it is the column alias (e.g., `"Word"` in the query `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` in the query `"SELECT ColName FROM Table"`). Some columns might have an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query result can contain multiple fields with the same name. - "type": { # `Type` indicates the type of a Cloud Spanner value, as might be stored in a table cell or returned from an SQL query. # The type of the field. - "arrayElementType": # Object with schema name: Type # If code == ARRAY, then `array_element_type` is the type of the array elements. - "code": "A String", # Required. The TypeCode for this type. - "structType": # Object with schema name: StructType # If code == STRUCT, then `struct_type` provides type information for the struct's fields. - }, + "type": # Object with schema name: Type # The type of the field. }, ], }, diff --git a/docs/dyn/texttospeech_v1beta1.text.html b/docs/dyn/texttospeech_v1beta1.text.html index 5233a028d61..f9c67f83215 100644 --- a/docs/dyn/texttospeech_v1beta1.text.html +++ b/docs/dyn/texttospeech_v1beta1.text.html @@ -139,9 +139,9 @@

Method Details

"volumeGainDb": 3.14, # Optional. Input only. Volume gain (in dB) of the normal native volume supported by the specific voice, in the range [-96.0, 16.0]. If unset, or set to a value of 0.0 (dB), will play at normal native signal amplitude. A value of -6.0 (dB) will play at approximately half the amplitude of the normal native signal amplitude. A value of +6.0 (dB) will play at approximately twice the amplitude of the normal native signal amplitude. Strongly recommend not to exceed +10 (dB) as there's usually no effective increase in loudness for any value greater than that. }, "audioContent": "A String", # The audio data bytes encoded as specified in the request, including the header for encodings that are wrapped in containers (e.g. MP3, OGG_OPUS). For LINEAR16 audio, we include the WAV header. Note: as with all bytes fields, protobuffers use a pure binary representation, whereas JSON representations use base64. - "timepoints": [ # A link between a position in the original request input and a corresponding time in the output audio. It's only supported via of SSML input. + "timepoints": [ # A link between a position in the original request input and a corresponding time in the output audio. It's only supported via `` of SSML input. { # This contains a mapping between a certain point in the input text and a corresponding time in the output audio. - "markName": "A String", # Timepoint name as received from the client within tag. + "markName": "A String", # Timepoint name as received from the client within `` tag. "timeSeconds": 3.14, # Time offset in seconds from the start of the synthesized audio. }, ], diff --git a/googleapiclient/discovery_cache/documents/area120tables.v1alpha1.json b/googleapiclient/discovery_cache/documents/area120tables.v1alpha1.json index 1620a9f0c2f..9f4b627c083 100644 --- a/googleapiclient/discovery_cache/documents/area120tables.v1alpha1.json +++ b/googleapiclient/discovery_cache/documents/area120tables.v1alpha1.json @@ -586,7 +586,7 @@ } } }, - "revision": "20210602", + "revision": "20210603", "rootUrl": "https://area120tables.googleapis.com/", "schemas": { "BatchCreateRowsRequest": { diff --git a/googleapiclient/discovery_cache/documents/artifactregistry.v1.json b/googleapiclient/discovery_cache/documents/artifactregistry.v1.json index e9c84f44edd..8d6a105cdb8 100644 --- a/googleapiclient/discovery_cache/documents/artifactregistry.v1.json +++ b/googleapiclient/discovery_cache/documents/artifactregistry.v1.json @@ -348,7 +348,7 @@ } } }, - "revision": "20210524", + "revision": "20210527", "rootUrl": "https://artifactregistry.googleapis.com/", "schemas": { "CancelOperationRequest": { diff --git a/googleapiclient/discovery_cache/documents/artifactregistry.v1beta1.json b/googleapiclient/discovery_cache/documents/artifactregistry.v1beta1.json index 8918df2b445..7491f9c12c7 100644 --- a/googleapiclient/discovery_cache/documents/artifactregistry.v1beta1.json +++ b/googleapiclient/discovery_cache/documents/artifactregistry.v1beta1.json @@ -971,7 +971,7 @@ } } }, - "revision": "20210524", + "revision": "20210527", "rootUrl": "https://artifactregistry.googleapis.com/", "schemas": { "Binding": { diff --git a/googleapiclient/discovery_cache/documents/artifactregistry.v1beta2.json b/googleapiclient/discovery_cache/documents/artifactregistry.v1beta2.json index 6ec451d734c..e3d9745e16d 100644 --- a/googleapiclient/discovery_cache/documents/artifactregistry.v1beta2.json +++ b/googleapiclient/discovery_cache/documents/artifactregistry.v1beta2.json @@ -971,7 +971,7 @@ } } }, - "revision": "20210524", + "revision": "20210527", "rootUrl": "https://artifactregistry.googleapis.com/", "schemas": { "Binding": { diff --git a/googleapiclient/discovery_cache/documents/calendar.v3.json b/googleapiclient/discovery_cache/documents/calendar.v3.json index 08ee310faaa..aaaf2cfdf3a 100644 --- a/googleapiclient/discovery_cache/documents/calendar.v3.json +++ b/googleapiclient/discovery_cache/documents/calendar.v3.json @@ -1723,7 +1723,7 @@ } } }, - "revision": "20210602", + "revision": "20210603", "rootUrl": "https://www.googleapis.com/", "schemas": { "Acl": { diff --git a/googleapiclient/discovery_cache/documents/chromemanagement.v1.json b/googleapiclient/discovery_cache/documents/chromemanagement.v1.json index 076a9b95e77..dce1a6846cd 100644 --- a/googleapiclient/discovery_cache/documents/chromemanagement.v1.json +++ b/googleapiclient/discovery_cache/documents/chromemanagement.v1.json @@ -288,7 +288,7 @@ } } }, - "revision": "20210602", + "revision": "20210603", "rootUrl": "https://chromemanagement.googleapis.com/", "schemas": { "GoogleChromeManagementV1BrowserVersion": { diff --git a/googleapiclient/discovery_cache/documents/chromepolicy.v1.json b/googleapiclient/discovery_cache/documents/chromepolicy.v1.json index eb75d7490ad..6a0fc871fc3 100644 --- a/googleapiclient/discovery_cache/documents/chromepolicy.v1.json +++ b/googleapiclient/discovery_cache/documents/chromepolicy.v1.json @@ -324,7 +324,7 @@ } } }, - "revision": "20210602", + "revision": "20210603", "rootUrl": "https://chromepolicy.googleapis.com/", "schemas": { "GoogleChromePolicyV1AdditionalTargetKeyName": { diff --git a/googleapiclient/discovery_cache/documents/chromeuxreport.v1.json b/googleapiclient/discovery_cache/documents/chromeuxreport.v1.json index 3900b472556..fb435638e55 100644 --- a/googleapiclient/discovery_cache/documents/chromeuxreport.v1.json +++ b/googleapiclient/discovery_cache/documents/chromeuxreport.v1.json @@ -116,7 +116,7 @@ } } }, - "revision": "20210602", + "revision": "20210603", "rootUrl": "https://chromeuxreport.googleapis.com/", "schemas": { "Bin": { diff --git a/googleapiclient/discovery_cache/documents/cloudkms.v1.json b/googleapiclient/discovery_cache/documents/cloudkms.v1.json index 537f00a9dd3..f3caaf7f868 100644 --- a/googleapiclient/discovery_cache/documents/cloudkms.v1.json +++ b/googleapiclient/discovery_cache/documents/cloudkms.v1.json @@ -1259,7 +1259,7 @@ } } }, - "revision": "20210522", + "revision": "20210527", "rootUrl": "https://cloudkms.googleapis.com/", "schemas": { "AsymmetricDecryptRequest": { diff --git a/googleapiclient/discovery_cache/documents/cloudprofiler.v2.json b/googleapiclient/discovery_cache/documents/cloudprofiler.v2.json index 10ca3b11e56..b44762894ab 100644 --- a/googleapiclient/discovery_cache/documents/cloudprofiler.v2.json +++ b/googleapiclient/discovery_cache/documents/cloudprofiler.v2.json @@ -216,7 +216,7 @@ } } }, - "revision": "20210522", + "revision": "20210528", "rootUrl": "https://cloudprofiler.googleapis.com/", "schemas": { "CreateProfileRequest": { diff --git a/googleapiclient/discovery_cache/documents/cloudtrace.v1.json b/googleapiclient/discovery_cache/documents/cloudtrace.v1.json index 9df829fdba2..99c2b8c9812 100644 --- a/googleapiclient/discovery_cache/documents/cloudtrace.v1.json +++ b/googleapiclient/discovery_cache/documents/cloudtrace.v1.json @@ -257,7 +257,7 @@ } } }, - "revision": "20210504", + "revision": "20210524", "rootUrl": "https://cloudtrace.googleapis.com/", "schemas": { "Empty": { diff --git a/googleapiclient/discovery_cache/documents/cloudtrace.v2.json b/googleapiclient/discovery_cache/documents/cloudtrace.v2.json index d72e08efc87..33767b7eb42 100644 --- a/googleapiclient/discovery_cache/documents/cloudtrace.v2.json +++ b/googleapiclient/discovery_cache/documents/cloudtrace.v2.json @@ -181,7 +181,7 @@ } } }, - "revision": "20210504", + "revision": "20210524", "rootUrl": "https://cloudtrace.googleapis.com/", "schemas": { "Annotation": { diff --git a/googleapiclient/discovery_cache/documents/cloudtrace.v2beta1.json b/googleapiclient/discovery_cache/documents/cloudtrace.v2beta1.json index ce67085d723..90d7a1c8cab 100644 --- a/googleapiclient/discovery_cache/documents/cloudtrace.v2beta1.json +++ b/googleapiclient/discovery_cache/documents/cloudtrace.v2beta1.json @@ -273,7 +273,7 @@ } } }, - "revision": "20210504", + "revision": "20210524", "rootUrl": "https://cloudtrace.googleapis.com/", "schemas": { "Empty": { diff --git a/googleapiclient/discovery_cache/documents/compute.alpha.json b/googleapiclient/discovery_cache/documents/compute.alpha.json index 5c1383b6d36..4c1d714a35f 100644 --- a/googleapiclient/discovery_cache/documents/compute.alpha.json +++ b/googleapiclient/discovery_cache/documents/compute.alpha.json @@ -29,7 +29,7 @@ "description": "Creates and runs virtual machines on Google Cloud Platform.", "discoveryVersion": "v1", "documentationLink": "https://developers.google.com/compute/docs/reference/latest/", - "etag": "\"uWj2hSb4GVjzdDlAnRd2gbM1ZQ8/opvaAGdr1PM_WVOLZQA35SZFjfE\"", + "etag": "\"uWj2hSb4GVjzdDlAnRd2gbM1ZQ8/ksyaV5YKfA979wY3Lj02bT9wTcE\"", "icons": { "x16": "https://www.google.com/images/icons/product/compute_engine-16.png", "x32": "https://www.google.com/images/icons/product/compute_engine-32.png" @@ -1729,6 +1729,46 @@ "https://www.googleapis.com/auth/compute.readonly" ] }, + "getIamPolicy": { + "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.", + "httpMethod": "GET", + "id": "compute.backendServices.getIamPolicy", + "parameterOrder": [ + "project", + "resource" + ], + "parameters": { + "optionsRequestedPolicyVersion": { + "description": "Requested IAM Policy version.", + "format": "int32", + "location": "query", + "type": "integer" + }, + "project": { + "description": "Project ID for this request.", + "location": "path", + "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))", + "required": true, + "type": "string" + }, + "resource": { + "description": "Name or id of the resource for this request.", + "location": "path", + "pattern": "[a-z](?:[-a-z0-9_]{0,61}[a-z0-9])?|[1-9][0-9]{0,19}", + "required": true, + "type": "string" + } + }, + "path": "projects/{project}/global/backendServices/{resource}/getIamPolicy", + "response": { + "$ref": "Policy" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/compute", + "https://www.googleapis.com/auth/compute.readonly" + ] + }, "insert": { "description": "Creates a BackendService resource in the specified project using the data included in the request. For more information, see Backend services overview.", "httpMethod": "POST", @@ -1897,6 +1937,42 @@ "https://www.googleapis.com/auth/compute" ] }, + "setIamPolicy": { + "description": "Sets the access control policy on the specified resource. Replaces any existing policy.", + "httpMethod": "POST", + "id": "compute.backendServices.setIamPolicy", + "parameterOrder": [ + "project", + "resource" + ], + "parameters": { + "project": { + "description": "Project ID for this request.", + "location": "path", + "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))", + "required": true, + "type": "string" + }, + "resource": { + "description": "Name or id of the resource for this request.", + "location": "path", + "pattern": "[a-z](?:[-a-z0-9_]{0,61}[a-z0-9])?|[1-9][0-9]{0,19}", + "required": true, + "type": "string" + } + }, + "path": "projects/{project}/global/backendServices/{resource}/setIamPolicy", + "request": { + "$ref": "GlobalSetPolicyRequest" + }, + "response": { + "$ref": "Policy" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/compute" + ] + }, "setSecurityPolicy": { "description": "Sets the Google Cloud Armor security policy for the specified backend service. For more information, see Google Cloud Armor Overview", "httpMethod": "POST", @@ -3408,7 +3484,7 @@ ] }, "list": { - "description": "Lists all the policies that have been configured for the specified project.", + "description": "Lists all the policies that have been configured for the specified folder or organization.", "httpMethod": "GET", "id": "compute.firewallPolicies.list", "parameters": { @@ -10744,6 +10820,52 @@ "https://www.googleapis.com/auth/compute.readonly" ] }, + "performMaintenance": { + "description": "Perform a manual maintenance on the instance.", + "httpMethod": "POST", + "id": "compute.instances.performMaintenance", + "parameterOrder": [ + "project", + "zone", + "instance" + ], + "parameters": { + "instance": { + "description": "Name of the instance scoping this request.", + "location": "path", + "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?|[1-9][0-9]{0,19}", + "required": true, + "type": "string" + }, + "project": { + "description": "Project ID for this request.", + "location": "path", + "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))", + "required": true, + "type": "string" + }, + "requestId": { + "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed.\n\nFor example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments.\n\nThe request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "location": "query", + "type": "string" + }, + "zone": { + "description": "The name of the zone for this request.", + "location": "path", + "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?", + "required": true, + "type": "string" + } + }, + "path": "projects/{project}/zones/{zone}/instances/{instance}/performMaintenance", + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/compute" + ] + }, "removeResourcePolicies": { "description": "Removes resource policies from an instance.", "httpMethod": "POST", @@ -14922,6 +15044,18 @@ "required": true, "type": "string" }, + "maxPriority": { + "description": "When rule.priority is not specified, auto choose a unused priority between minPriority and maxPriority>. This field is exclusive with rule.priority.", + "format": "int32", + "location": "query", + "type": "integer" + }, + "minPriority": { + "description": "When rule.priority is not specified, auto choose a unused priority between minPriority and maxPriority>. This field is exclusive with rule.priority.", + "format": "int32", + "location": "query", + "type": "integer" + }, "project": { "description": "Project ID for this request.", "location": "path", @@ -19736,6 +19870,54 @@ "https://www.googleapis.com/auth/compute.readonly" ] }, + "getIamPolicy": { + "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.", + "httpMethod": "GET", + "id": "compute.regionBackendServices.getIamPolicy", + "parameterOrder": [ + "project", + "region", + "resource" + ], + "parameters": { + "optionsRequestedPolicyVersion": { + "description": "Requested IAM Policy version.", + "format": "int32", + "location": "query", + "type": "integer" + }, + "project": { + "description": "Project ID for this request.", + "location": "path", + "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))", + "required": true, + "type": "string" + }, + "region": { + "description": "The name of the region for this request.", + "location": "path", + "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?", + "required": true, + "type": "string" + }, + "resource": { + "description": "Name or id of the resource for this request.", + "location": "path", + "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?|[1-9][0-9]{0,19}", + "required": true, + "type": "string" + } + }, + "path": "projects/{project}/regions/{region}/backendServices/{resource}/getIamPolicy", + "response": { + "$ref": "Policy" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/compute", + "https://www.googleapis.com/auth/compute.readonly" + ] + }, "insert": { "description": "Creates a regional BackendService resource in the specified project using the data included in the request. For more information, see Backend services overview.", "httpMethod": "POST", @@ -19888,6 +20070,50 @@ "https://www.googleapis.com/auth/compute" ] }, + "setIamPolicy": { + "description": "Sets the access control policy on the specified resource. Replaces any existing policy.", + "httpMethod": "POST", + "id": "compute.regionBackendServices.setIamPolicy", + "parameterOrder": [ + "project", + "region", + "resource" + ], + "parameters": { + "project": { + "description": "Project ID for this request.", + "location": "path", + "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))", + "required": true, + "type": "string" + }, + "region": { + "description": "The name of the region for this request.", + "location": "path", + "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?", + "required": true, + "type": "string" + }, + "resource": { + "description": "Name or id of the resource for this request.", + "location": "path", + "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?|[1-9][0-9]{0,19}", + "required": true, + "type": "string" + } + }, + "path": "projects/{project}/regions/{region}/backendServices/{resource}/setIamPolicy", + "request": { + "$ref": "RegionSetPolicyRequest" + }, + "response": { + "$ref": "Policy" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/compute" + ] + }, "testIamPermissions": { "description": "Returns permissions that a caller has on the specified resource.", "httpMethod": "POST", @@ -23736,6 +23962,42 @@ "https://www.googleapis.com/auth/cloud-platform", "https://www.googleapis.com/auth/compute" ] + }, + "recommendLocations": { + "description": "Returns recommended locations (zones in a region) for specified sets of homogenous instances.", + "httpMethod": "POST", + "id": "compute.regionInstances.recommendLocations", + "parameterOrder": [ + "project", + "region" + ], + "parameters": { + "project": { + "description": "Project ID for this request.", + "location": "path", + "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))", + "required": true, + "type": "string" + }, + "region": { + "description": "The name of the region for this request.", + "location": "path", + "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?", + "required": true, + "type": "string" + } + }, + "path": "projects/{project}/regions/{region}/instances/recommendLocations", + "request": { + "$ref": "RegionInstancesRecommendLocationsResource" + }, + "response": { + "$ref": "RegionInstancesRecommendLocationsResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/compute" + ] } } }, @@ -24431,6 +24693,18 @@ "required": true, "type": "string" }, + "maxPriority": { + "description": "When rule.priority is not specified, auto choose a unused priority between minPriority and maxPriority>. This field is exclusive with rule.priority.", + "format": "int32", + "location": "query", + "type": "integer" + }, + "minPriority": { + "description": "When rule.priority is not specified, auto choose a unused priority between minPriority and maxPriority>. This field is exclusive with rule.priority.", + "format": "int32", + "location": "query", + "type": "integer" + }, "project": { "description": "Project ID for this request.", "location": "path", @@ -36581,7 +36855,7 @@ } } }, - "revision": "20210518", + "revision": "20210525", "rootUrl": "https://compute.googleapis.com/", "schemas": { "AcceleratorConfig": { @@ -39372,7 +39646,7 @@ "type": "string" }, "sessionAffinity": { - "description": "Type of session affinity to use. The default is NONE.\n\nWhen the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.\n\nWhen the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.\n\nWhen the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.\n\nNot supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.", + "description": "Type of session affinity to use. The default is NONE.\n\nWhen the loadBalancingScheme is EXTERNAL:\n\n* For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.\n\nWhen the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.\n\nWhen the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.\n\nNot supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.", "enum": [ "CLIENT_IP", "CLIENT_IP_NO_DESTINATION", @@ -40679,7 +40953,6 @@ "GENERAL_PURPOSE_N2", "GENERAL_PURPOSE_N2D", "MEMORY_OPTIMIZED", - "MEMORY_OPTIMIZED_REGIONAL_EXTENSION", "TYPE_UNSPECIFIED" ], "enumDescriptions": [ @@ -40691,7 +40964,6 @@ "", "", "", - "", "" ], "type": "string" @@ -46605,7 +46877,7 @@ }, "faultInjectionPolicy": { "$ref": "HttpFaultInjection", - "description": "The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests.\ntimeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy." + "description": "The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,\ntimeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy." }, "maxStreamDuration": { "$ref": "Duration", @@ -52359,7 +52631,7 @@ "type": "string" }, "state": { - "description": "State of this notification, which can take one of the following values: \n- ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. \n- CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. Note that the versions of this enum prefixed with \"NS_\" have been deprecated in favor of the unprefixed values.", + "description": "State of this notification, which can take one of the following values: \n- ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. \n- CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. \n- COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with \"NS_\" have been deprecated in favor of the unprefixed values.", "enum": [ "ACTIVE", "CANCELLED", @@ -53053,6 +53325,22 @@ }, "description": "Location configurations mapped by location name. Currently only zone names are supported and must be represented as valid internal URLs, such as zones/us-central1-a.", "type": "object" + }, + "targetShape": { + "description": "Strategy for distributing VMs across zones in a region.", + "enum": [ + "ANY", + "ANY_SINGLE_ZONE", + "BALANCED", + "TARGET_SHAPE_UNSPECIFIED" + ], + "enumDescriptions": [ + "", + "", + "", + "" + ], + "type": "string" } }, "type": "object" @@ -59988,9 +60276,11 @@ "enum": [ "ANNOUNCED", "DELETING", - "INITIALIZING" + "INITIALIZING", + "READY_TO_ANNOUNCE" ], "enumDescriptions": [ + "", "", "", "" @@ -61876,6 +62166,64 @@ }, "type": "object" }, + "RegionInstancesRecommendLocationsResource": { + "description": "A transient resource used in compute.regionInstances.recommendLocations. This resource is not saved anywhere and used only to process the request.", + "id": "RegionInstancesRecommendLocationsResource", + "properties": { + "instanceSpecs": { + "additionalProperties": { + "$ref": "BulkInsertInstanceResource" + }, + "description": "Specification of named homogeneous instance sets to find location for.\nKeys of this map are arbitrary (but must be different), defined by the caller used only in the response. They must follow RFC 1035 name standard. Specifically, they must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.\nValues are trimmed BulkInsertInstanceResource messages, without the following fields: \n- min_count\n- predefined_name\n- name_pattern\n- per_instance_properties\n- instance\n- secure_tag\n- location_policy", + "type": "object" + }, + "locationPolicy": { + "$ref": "LocationPolicy", + "description": "Location policy to indicate allowed zones for instances, together with the shape of the distribution." + } + }, + "type": "object" + }, + "RegionInstancesRecommendLocationsResponse": { + "description": "Response for for compute.regionInstances.recommendLocations.", + "id": "RegionInstancesRecommendLocationsResponse", + "properties": { + "recommendedLocations": { + "additionalProperties": { + "$ref": "RegionInstancesRecommendLocationsResponseRecommendationsForInstanceSpecs" + }, + "description": "Instance count recommendations, keys are instance spec names.", + "type": "object" + } + }, + "type": "object" + }, + "RegionInstancesRecommendLocationsResponseRecommendation": { + "description": "Instance count recommendation for a single zone.", + "id": "RegionInstancesRecommendLocationsResponseRecommendation", + "properties": { + "instanceCount": { + "description": "Count of instances recommended.", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "RegionInstancesRecommendLocationsResponseRecommendationsForInstanceSpecs": { + "description": "Instance count recommendations for a single instance specification.", + "id": "RegionInstancesRecommendLocationsResponseRecommendationsForInstanceSpecs", + "properties": { + "locations": { + "additionalProperties": { + "$ref": "RegionInstancesRecommendLocationsResponseRecommendation" + }, + "description": "Instance count recommendations, keys are zone names.", + "type": "object" + } + }, + "type": "object" + }, "RegionInstantSnapshotsExportRequest": { "id": "RegionInstantSnapshotsExportRequest", "properties": { @@ -63385,6 +63733,9 @@ "properties": { "scheduling": { "$ref": "ResourceStatusScheduling" + }, + "upcomingMaintenance": { + "$ref": "ResourceStatusUpcomingMaintenance" } }, "type": "object" @@ -63400,6 +63751,16 @@ }, "type": "object" }, + "ResourceStatusUpcomingMaintenance": { + "id": "ResourceStatusUpcomingMaintenance", + "properties": { + "canReschedule": { + "description": "Indicates if the maintenance can be customer triggered. See go/sf-ctm-design for more details", + "type": "boolean" + } + }, + "type": "object" + }, "RolloutPolicy": { "description": "A rollout policy configuration.", "id": "RolloutPolicy", @@ -64266,7 +64627,7 @@ "type": "string" }, "subnetwork": { - "description": "The URL of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here.", + "description": "The URI of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here.", "type": "string" } }, @@ -68473,7 +68834,8 @@ "INTERNAL_HTTPS_LOAD_BALANCER", "PRIVATE", "PRIVATE_RFC_1918", - "PRIVATE_SERVICE_CONNECT" + "PRIVATE_SERVICE_CONNECT", + "REGIONAL_MANAGED_PROXY" ], "enumDescriptions": [ "", @@ -68481,6 +68843,7 @@ "", "", "", + "", "" ], "type": "string" @@ -68994,7 +69357,7 @@ "type": "object" }, "Subsetting": { - "description": "Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing and Internal HTTP(S) load balancing.", + "description": "Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.", "id": "Subsetting", "properties": { "policy": { diff --git a/googleapiclient/discovery_cache/documents/compute.beta.json b/googleapiclient/discovery_cache/documents/compute.beta.json index 4c883cf6877..7714d09a490 100644 --- a/googleapiclient/discovery_cache/documents/compute.beta.json +++ b/googleapiclient/discovery_cache/documents/compute.beta.json @@ -29,7 +29,7 @@ "description": "Creates and runs virtual machines on Google Cloud Platform.", "discoveryVersion": "v1", "documentationLink": "https://developers.google.com/compute/docs/reference/latest/", - "etag": "\"uWj2hSb4GVjzdDlAnRd2gbM1ZQ8/WyhrzZ6yGpSD4Diq4FRe28Fl47g\"", + "etag": "\"uWj2hSb4GVjzdDlAnRd2gbM1ZQ8/RRb_Xr6enMoYQoQ7UmFL5PJ2s0Q\"", "icons": { "x16": "https://www.google.com/images/icons/product/compute_engine-16.png", "x32": "https://www.google.com/images/icons/product/compute_engine-32.png" @@ -1729,6 +1729,46 @@ "https://www.googleapis.com/auth/compute.readonly" ] }, + "getIamPolicy": { + "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.", + "httpMethod": "GET", + "id": "compute.backendServices.getIamPolicy", + "parameterOrder": [ + "project", + "resource" + ], + "parameters": { + "optionsRequestedPolicyVersion": { + "description": "Requested IAM Policy version.", + "format": "int32", + "location": "query", + "type": "integer" + }, + "project": { + "description": "Project ID for this request.", + "location": "path", + "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))", + "required": true, + "type": "string" + }, + "resource": { + "description": "Name or id of the resource for this request.", + "location": "path", + "pattern": "[a-z](?:[-a-z0-9_]{0,61}[a-z0-9])?|[1-9][0-9]{0,19}", + "required": true, + "type": "string" + } + }, + "path": "projects/{project}/global/backendServices/{resource}/getIamPolicy", + "response": { + "$ref": "Policy" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/compute", + "https://www.googleapis.com/auth/compute.readonly" + ] + }, "insert": { "description": "Creates a BackendService resource in the specified project using the data included in the request. For more information, see Backend services overview.", "httpMethod": "POST", @@ -1897,6 +1937,42 @@ "https://www.googleapis.com/auth/compute" ] }, + "setIamPolicy": { + "description": "Sets the access control policy on the specified resource. Replaces any existing policy.", + "httpMethod": "POST", + "id": "compute.backendServices.setIamPolicy", + "parameterOrder": [ + "project", + "resource" + ], + "parameters": { + "project": { + "description": "Project ID for this request.", + "location": "path", + "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))", + "required": true, + "type": "string" + }, + "resource": { + "description": "Name or id of the resource for this request.", + "location": "path", + "pattern": "[a-z](?:[-a-z0-9_]{0,61}[a-z0-9])?|[1-9][0-9]{0,19}", + "required": true, + "type": "string" + } + }, + "path": "projects/{project}/global/backendServices/{resource}/setIamPolicy", + "request": { + "$ref": "GlobalSetPolicyRequest" + }, + "response": { + "$ref": "Policy" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/compute" + ] + }, "setSecurityPolicy": { "description": "Sets the Google Cloud Armor security policy for the specified backend service. For more information, see Google Cloud Armor Overview", "httpMethod": "POST", @@ -3353,7 +3429,7 @@ ] }, "list": { - "description": "Lists all the policies that have been configured for the specified project.", + "description": "Lists all the policies that have been configured for the specified folder or organization.", "httpMethod": "GET", "id": "compute.firewallPolicies.list", "parameters": { @@ -17670,6 +17746,54 @@ "https://www.googleapis.com/auth/compute.readonly" ] }, + "getIamPolicy": { + "description": "Gets the access control policy for a resource. May be empty if no such policy or resource exists.", + "httpMethod": "GET", + "id": "compute.regionBackendServices.getIamPolicy", + "parameterOrder": [ + "project", + "region", + "resource" + ], + "parameters": { + "optionsRequestedPolicyVersion": { + "description": "Requested IAM Policy version.", + "format": "int32", + "location": "query", + "type": "integer" + }, + "project": { + "description": "Project ID for this request.", + "location": "path", + "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))", + "required": true, + "type": "string" + }, + "region": { + "description": "The name of the region for this request.", + "location": "path", + "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?", + "required": true, + "type": "string" + }, + "resource": { + "description": "Name or id of the resource for this request.", + "location": "path", + "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?|[1-9][0-9]{0,19}", + "required": true, + "type": "string" + } + }, + "path": "projects/{project}/regions/{region}/backendServices/{resource}/getIamPolicy", + "response": { + "$ref": "Policy" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/compute", + "https://www.googleapis.com/auth/compute.readonly" + ] + }, "insert": { "description": "Creates a regional BackendService resource in the specified project using the data included in the request. For more information, see Backend services overview.", "httpMethod": "POST", @@ -17822,6 +17946,50 @@ "https://www.googleapis.com/auth/compute" ] }, + "setIamPolicy": { + "description": "Sets the access control policy on the specified resource. Replaces any existing policy.", + "httpMethod": "POST", + "id": "compute.regionBackendServices.setIamPolicy", + "parameterOrder": [ + "project", + "region", + "resource" + ], + "parameters": { + "project": { + "description": "Project ID for this request.", + "location": "path", + "pattern": "(?:(?:[-a-z0-9]{1,63}\\.)*(?:[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?):)?(?:[0-9]{1,19}|(?:[a-z0-9](?:[-a-z0-9]{0,61}[a-z0-9])?))", + "required": true, + "type": "string" + }, + "region": { + "description": "The name of the region for this request.", + "location": "path", + "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?", + "required": true, + "type": "string" + }, + "resource": { + "description": "Name or id of the resource for this request.", + "location": "path", + "pattern": "[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?|[1-9][0-9]{0,19}", + "required": true, + "type": "string" + } + }, + "path": "projects/{project}/regions/{region}/backendServices/{resource}/setIamPolicy", + "request": { + "$ref": "RegionSetPolicyRequest" + }, + "response": { + "$ref": "Policy" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/compute" + ] + }, "testIamPermissions": { "description": "Returns permissions that a caller has on the specified resource.", "httpMethod": "POST", @@ -31304,7 +31472,7 @@ } } }, - "revision": "20210518", + "revision": "20210525", "rootUrl": "https://compute.googleapis.com/", "schemas": { "AcceleratorConfig": { @@ -33948,7 +34116,7 @@ "type": "string" }, "sessionAffinity": { - "description": "Type of session affinity to use. The default is NONE.\n\nWhen the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.\n\nWhen the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.\n\nWhen the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.\n\nNot supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.", + "description": "Type of session affinity to use. The default is NONE.\n\nWhen the loadBalancingScheme is EXTERNAL:\n\n* For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.\n\nWhen the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.\n\nWhen the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.\n\nNot supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.", "enum": [ "CLIENT_IP", "CLIENT_IP_NO_DESTINATION", @@ -40107,7 +40275,7 @@ }, "faultInjectionPolicy": { "$ref": "HttpFaultInjection", - "description": "The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests.\ntimeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy." + "description": "The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,\ntimeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy." }, "maxStreamDuration": { "$ref": "Duration", @@ -45132,7 +45300,7 @@ "type": "string" }, "state": { - "description": "State of this notification, which can take one of the following values: \n- ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. \n- CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. Note that the versions of this enum prefixed with \"NS_\" have been deprecated in favor of the unprefixed values.", + "description": "State of this notification, which can take one of the following values: \n- ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. \n- CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. \n- COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with \"NS_\" have been deprecated in favor of the unprefixed values.", "enum": [ "ACTIVE", "CANCELLED", @@ -55302,7 +55470,7 @@ "type": "string" }, "subnetwork": { - "description": "The URL of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here.", + "description": "The URI of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here.", "type": "string" } }, @@ -58791,12 +58959,14 @@ "INTERNAL_HTTPS_LOAD_BALANCER", "PRIVATE", "PRIVATE_RFC_1918", - "PRIVATE_SERVICE_CONNECT" + "PRIVATE_SERVICE_CONNECT", + "REGIONAL_MANAGED_PROXY" ], "enumDescriptions": [ "", "", "", + "", "" ], "type": "string" @@ -59290,7 +59460,7 @@ "type": "object" }, "Subsetting": { - "description": "Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing and Internal HTTP(S) load balancing.", + "description": "Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.", "id": "Subsetting", "properties": { "policy": { diff --git a/googleapiclient/discovery_cache/documents/compute.v1.json b/googleapiclient/discovery_cache/documents/compute.v1.json index c660dadbfef..55470b63cb8 100644 --- a/googleapiclient/discovery_cache/documents/compute.v1.json +++ b/googleapiclient/discovery_cache/documents/compute.v1.json @@ -29,7 +29,7 @@ "description": "Creates and runs virtual machines on Google Cloud Platform.", "discoveryVersion": "v1", "documentationLink": "https://developers.google.com/compute/docs/reference/latest/", - "etag": "\"uWj2hSb4GVjzdDlAnRd2gbM1ZQ8/ZaZJQHlGpem6MpLhBwASZW1zrzE\"", + "etag": "\"uWj2hSb4GVjzdDlAnRd2gbM1ZQ8/AWlC1CUhDio0ZwFn0uNZXPL9SGU\"", "icons": { "x16": "https://www.google.com/images/icons/product/compute_engine-16.png", "x32": "https://www.google.com/images/icons/product/compute_engine-32.png" @@ -2984,7 +2984,7 @@ ] }, "list": { - "description": "Lists all the policies that have been configured for the specified project.", + "description": "Lists all the policies that have been configured for the specified folder or organization.", "httpMethod": "GET", "id": "compute.firewallPolicies.list", "parameters": { @@ -27120,7 +27120,7 @@ } } }, - "revision": "20210518", + "revision": "20210525", "rootUrl": "https://compute.googleapis.com/", "schemas": { "AcceleratorConfig": { @@ -29643,7 +29643,7 @@ "type": "string" }, "sessionAffinity": { - "description": "Type of session affinity to use. The default is NONE.\n\nWhen the loadBalancingScheme is EXTERNAL: * For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.\n\nWhen the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.\n\nWhen the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.\n\nNot supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.", + "description": "Type of session affinity to use. The default is NONE.\n\nWhen the loadBalancingScheme is EXTERNAL:\n\n* For Network Load Balancing, the possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO. * For all other load balancers that use loadBalancingScheme=EXTERNAL, the possible values are NONE, CLIENT_IP, or GENERATED_COOKIE. * You can use GENERATED_COOKIE if the protocol is HTTP, HTTP2, or HTTPS.\n\nWhen the loadBalancingScheme is INTERNAL, possible values are NONE, CLIENT_IP, CLIENT_IP_PROTO, or CLIENT_IP_PORT_PROTO.\n\nWhen the loadBalancingScheme is INTERNAL_SELF_MANAGED, or INTERNAL_MANAGED, possible values are NONE, CLIENT_IP, GENERATED_COOKIE, HEADER_FIELD, or HTTP_COOKIE.\n\nNot supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.", "enum": [ "CLIENT_IP", "CLIENT_IP_NO_DESTINATION", @@ -35380,7 +35380,7 @@ }, "faultInjectionPolicy": { "$ref": "HttpFaultInjection", - "description": "The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests.\ntimeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy." + "description": "The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the Loadbalancer for a percentage of requests. For the requests impacted by fault injection,\ntimeout and retry_policy will be ignored by clients that are configured with a fault_injection_policy." }, "maxStreamDuration": { "$ref": "Duration", @@ -40170,7 +40170,7 @@ "type": "string" }, "state": { - "description": "State of this notification, which can take one of the following values: \n- ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. \n- CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. Note that the versions of this enum prefixed with \"NS_\" have been deprecated in favor of the unprefixed values.", + "description": "State of this notification, which can take one of the following values: \n- ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. \n- CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. \n- COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with \"NS_\" have been deprecated in favor of the unprefixed values.", "enum": [ "ACTIVE", "CANCELLED", diff --git a/googleapiclient/discovery_cache/documents/container.v1.json b/googleapiclient/discovery_cache/documents/container.v1.json index d1c9e6ba5b8..67b6e43a047 100644 --- a/googleapiclient/discovery_cache/documents/container.v1.json +++ b/googleapiclient/discovery_cache/documents/container.v1.json @@ -2459,7 +2459,7 @@ } } }, - "revision": "20210517", + "revision": "20210521", "rootUrl": "https://container.googleapis.com/", "schemas": { "AcceleratorConfig": { @@ -2575,6 +2575,10 @@ "description": "Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard'", "type": "string" }, + "imageType": { + "description": "The image type to use for NAP created node.", + "type": "string" + }, "management": { "$ref": "NodeManagement", "description": "Specifies the node management options for NAP created node-pools." diff --git a/googleapiclient/discovery_cache/documents/container.v1beta1.json b/googleapiclient/discovery_cache/documents/container.v1beta1.json index d6323321bdb..9924353fb3e 100644 --- a/googleapiclient/discovery_cache/documents/container.v1beta1.json +++ b/googleapiclient/discovery_cache/documents/container.v1beta1.json @@ -2484,7 +2484,7 @@ } } }, - "revision": "20210517", + "revision": "20210521", "rootUrl": "https://container.googleapis.com/", "schemas": { "AcceleratorConfig": { @@ -2612,6 +2612,10 @@ "description": "Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard'", "type": "string" }, + "imageType": { + "description": "The image type to use for NAP created node.", + "type": "string" + }, "management": { "$ref": "NodeManagement", "description": "NodeManagement configuration for this NodePool." @@ -4400,7 +4404,7 @@ "type": "object" }, "NodePool": { - "description": "NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload.", + "description": "NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload. These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available.", "id": "NodePool", "properties": { "autoscaling": { @@ -5840,7 +5844,6 @@ "type": "object" }, "UpgradeSettings": { - "description": "These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available.", "id": "UpgradeSettings", "properties": { "maxSurge": { diff --git a/googleapiclient/discovery_cache/documents/customsearch.v1.json b/googleapiclient/discovery_cache/documents/customsearch.v1.json index 182a2cb23b1..6491ecd2a7a 100644 --- a/googleapiclient/discovery_cache/documents/customsearch.v1.json +++ b/googleapiclient/discovery_cache/documents/customsearch.v1.json @@ -674,7 +674,7 @@ } } }, - "revision": "20210601", + "revision": "20210603", "rootUrl": "https://customsearch.googleapis.com/", "schemas": { "Promotion": { diff --git a/googleapiclient/discovery_cache/documents/dataproc.v1.json b/googleapiclient/discovery_cache/documents/dataproc.v1.json index 6573b0cb280..0a792f302bf 100644 --- a/googleapiclient/discovery_cache/documents/dataproc.v1.json +++ b/googleapiclient/discovery_cache/documents/dataproc.v1.json @@ -2260,7 +2260,7 @@ } } }, - "revision": "20210507", + "revision": "20210521", "rootUrl": "https://dataproc.googleapis.com/", "schemas": { "AcceleratorConfig": { @@ -3241,8 +3241,12 @@ "description": "The user-friendly name of the Compute Engine instance.", "type": "string" }, + "publicEciesKey": { + "description": "The public ECIES key used for sharing data with this instance.", + "type": "string" + }, "publicKey": { - "description": "The public key used for sharing data with this instance.", + "description": "The public RSA key used for sharing data with this instance.", "type": "string" } }, diff --git a/googleapiclient/discovery_cache/documents/dataproc.v1beta2.json b/googleapiclient/discovery_cache/documents/dataproc.v1beta2.json index 6fd5a865bd1..ed6f4b3c3b4 100644 --- a/googleapiclient/discovery_cache/documents/dataproc.v1beta2.json +++ b/googleapiclient/discovery_cache/documents/dataproc.v1beta2.json @@ -2291,7 +2291,7 @@ } } }, - "revision": "20210507", + "revision": "20210521", "rootUrl": "https://dataproc.googleapis.com/", "schemas": { "AcceleratorConfig": { diff --git a/googleapiclient/discovery_cache/documents/deploymentmanager.alpha.json b/googleapiclient/discovery_cache/documents/deploymentmanager.alpha.json index 5847dd0c873..18c502733a2 100644 --- a/googleapiclient/discovery_cache/documents/deploymentmanager.alpha.json +++ b/googleapiclient/discovery_cache/documents/deploymentmanager.alpha.json @@ -1588,7 +1588,7 @@ } } }, - "revision": "20210521", + "revision": "20210527", "rootUrl": "https://deploymentmanager.googleapis.com/", "schemas": { "AsyncOptions": { diff --git a/googleapiclient/discovery_cache/documents/deploymentmanager.v2.json b/googleapiclient/discovery_cache/documents/deploymentmanager.v2.json index 7ac0fac11ce..37e84359432 100644 --- a/googleapiclient/discovery_cache/documents/deploymentmanager.v2.json +++ b/googleapiclient/discovery_cache/documents/deploymentmanager.v2.json @@ -988,7 +988,7 @@ } } }, - "revision": "20210521", + "revision": "20210527", "rootUrl": "https://deploymentmanager.googleapis.com/", "schemas": { "AuditConfig": { diff --git a/googleapiclient/discovery_cache/documents/deploymentmanager.v2beta.json b/googleapiclient/discovery_cache/documents/deploymentmanager.v2beta.json index b61345cac42..70044225512 100644 --- a/googleapiclient/discovery_cache/documents/deploymentmanager.v2beta.json +++ b/googleapiclient/discovery_cache/documents/deploymentmanager.v2beta.json @@ -1552,7 +1552,7 @@ } } }, - "revision": "20210521", + "revision": "20210527", "rootUrl": "https://deploymentmanager.googleapis.com/", "schemas": { "AsyncOptions": { diff --git a/googleapiclient/discovery_cache/documents/essentialcontacts.v1.json b/googleapiclient/discovery_cache/documents/essentialcontacts.v1.json index eb7f8038308..b2408849163 100644 --- a/googleapiclient/discovery_cache/documents/essentialcontacts.v1.json +++ b/googleapiclient/discovery_cache/documents/essentialcontacts.v1.json @@ -850,7 +850,7 @@ } } }, - "revision": "20210602", + "revision": "20210603", "rootUrl": "https://essentialcontacts.googleapis.com/", "schemas": { "GoogleCloudEssentialcontactsV1ComputeContactsResponse": { diff --git a/googleapiclient/discovery_cache/documents/eventarc.v1beta1.json b/googleapiclient/discovery_cache/documents/eventarc.v1beta1.json index 47532c1f88c..5426158ba96 100644 --- a/googleapiclient/discovery_cache/documents/eventarc.v1beta1.json +++ b/googleapiclient/discovery_cache/documents/eventarc.v1beta1.json @@ -584,7 +584,7 @@ } } }, - "revision": "20210514", + "revision": "20210527", "rootUrl": "https://eventarc.googleapis.com/", "schemas": { "AuditConfig": { diff --git a/googleapiclient/discovery_cache/documents/factchecktools.v1alpha1.json b/googleapiclient/discovery_cache/documents/factchecktools.v1alpha1.json index b63e5ee212c..1fbb03b27bc 100644 --- a/googleapiclient/discovery_cache/documents/factchecktools.v1alpha1.json +++ b/googleapiclient/discovery_cache/documents/factchecktools.v1alpha1.json @@ -304,7 +304,7 @@ } } }, - "revision": "20210602", + "revision": "20210603", "rootUrl": "https://factchecktools.googleapis.com/", "schemas": { "GoogleFactcheckingFactchecktoolsV1alpha1Claim": { diff --git a/googleapiclient/discovery_cache/documents/firebase.v1beta1.json b/googleapiclient/discovery_cache/documents/firebase.v1beta1.json index 2f5f52e623c..b5bb2a1b13c 100644 --- a/googleapiclient/discovery_cache/documents/firebase.v1beta1.json +++ b/googleapiclient/discovery_cache/documents/firebase.v1beta1.json @@ -1121,7 +1121,7 @@ } } }, - "revision": "20210528", + "revision": "20210602", "rootUrl": "https://firebase.googleapis.com/", "schemas": { "AddFirebaseRequest": { diff --git a/googleapiclient/discovery_cache/documents/firebasedatabase.v1beta.json b/googleapiclient/discovery_cache/documents/firebasedatabase.v1beta.json index 5d11a106a6c..33fa75a2c29 100644 --- a/googleapiclient/discovery_cache/documents/firebasedatabase.v1beta.json +++ b/googleapiclient/discovery_cache/documents/firebasedatabase.v1beta.json @@ -317,7 +317,7 @@ } } }, - "revision": "20210528", + "revision": "20210602", "rootUrl": "https://firebasedatabase.googleapis.com/", "schemas": { "DatabaseInstance": { diff --git a/googleapiclient/discovery_cache/documents/gameservices.v1beta.json b/googleapiclient/discovery_cache/documents/gameservices.v1beta.json index c3774ba2b53..aac3ca3c592 100644 --- a/googleapiclient/discovery_cache/documents/gameservices.v1beta.json +++ b/googleapiclient/discovery_cache/documents/gameservices.v1beta.json @@ -1357,7 +1357,7 @@ } } }, - "revision": "20210520", + "revision": "20210527", "rootUrl": "https://gameservices.googleapis.com/", "schemas": { "AuditConfig": { @@ -2082,8 +2082,8 @@ "The combination of Agones and Kubernetes versions is supported by Google Cloud Game Servers.", "The installed version of Agones is not supported by Google Cloud Game Servers.", "The installed version of Agones is supported by Google Cloud Game Servers, but the installed version of Kubernetes is not recommended or supported by the version of Agones.", - "The installed version of Agones is not recognized, where the Agones controller's image name does not have version string as {major}.{minor}(.{patch}).", - "The server version of Kubernetes cluster is not recognized, where the API server didn't return parsable version info on path/version.", + "The installed version of Agones is not recognized because the Agones controller's image name does not have a version string reported as {major}.{minor}(.{patch}).", + "The server version of Kubernetes cluster is not recognized because the API server didn't return parsable version info on path/version.", "Failed to read or verify the version of Agones or Kubernetes. See version_installed_error_message for details.", "Agones is not installed." ], diff --git a/googleapiclient/discovery_cache/documents/gkehub.v1beta1.json b/googleapiclient/discovery_cache/documents/gkehub.v1beta1.json index 5b13f772a5c..fdaead45d07 100644 --- a/googleapiclient/discovery_cache/documents/gkehub.v1beta1.json +++ b/googleapiclient/discovery_cache/documents/gkehub.v1beta1.json @@ -706,7 +706,7 @@ } } }, - "revision": "20210521", + "revision": "20210601", "rootUrl": "https://gkehub.googleapis.com/", "schemas": { "AuditConfig": { diff --git a/googleapiclient/discovery_cache/documents/gmailpostmastertools.v1.json b/googleapiclient/discovery_cache/documents/gmailpostmastertools.v1.json index 3be284d3d03..deecb75b824 100644 --- a/googleapiclient/discovery_cache/documents/gmailpostmastertools.v1.json +++ b/googleapiclient/discovery_cache/documents/gmailpostmastertools.v1.json @@ -265,7 +265,7 @@ } } }, - "revision": "20210602", + "revision": "20210603", "rootUrl": "https://gmailpostmastertools.googleapis.com/", "schemas": { "DeliveryError": { diff --git a/googleapiclient/discovery_cache/documents/gmailpostmastertools.v1beta1.json b/googleapiclient/discovery_cache/documents/gmailpostmastertools.v1beta1.json index b67224155f7..d1b6f0556a1 100644 --- a/googleapiclient/discovery_cache/documents/gmailpostmastertools.v1beta1.json +++ b/googleapiclient/discovery_cache/documents/gmailpostmastertools.v1beta1.json @@ -265,7 +265,7 @@ } } }, - "revision": "20210602", + "revision": "20210603", "rootUrl": "https://gmailpostmastertools.googleapis.com/", "schemas": { "DeliveryError": { diff --git a/googleapiclient/discovery_cache/documents/healthcare.v1.json b/googleapiclient/discovery_cache/documents/healthcare.v1.json index b389273e969..8b63bd7f18a 100644 --- a/googleapiclient/discovery_cache/documents/healthcare.v1.json +++ b/googleapiclient/discovery_cache/documents/healthcare.v1.json @@ -3920,7 +3920,7 @@ } } }, - "revision": "20210507", + "revision": "20210601", "rootUrl": "https://healthcare.googleapis.com/", "schemas": { "ActivateConsentRequest": { diff --git a/googleapiclient/discovery_cache/documents/healthcare.v1beta1.json b/googleapiclient/discovery_cache/documents/healthcare.v1beta1.json index 3c5680425c5..56a4e8c0672 100644 --- a/googleapiclient/discovery_cache/documents/healthcare.v1beta1.json +++ b/googleapiclient/discovery_cache/documents/healthcare.v1beta1.json @@ -4837,7 +4837,7 @@ } } }, - "revision": "20210507", + "revision": "20210601", "rootUrl": "https://healthcare.googleapis.com/", "schemas": { "ActivateConsentRequest": { diff --git a/googleapiclient/discovery_cache/documents/libraryagent.v1.json b/googleapiclient/discovery_cache/documents/libraryagent.v1.json index 707ec882bb9..dc35a187f56 100644 --- a/googleapiclient/discovery_cache/documents/libraryagent.v1.json +++ b/googleapiclient/discovery_cache/documents/libraryagent.v1.json @@ -279,7 +279,7 @@ } } }, - "revision": "20210602", + "revision": "20210603", "rootUrl": "https://libraryagent.googleapis.com/", "schemas": { "GoogleExampleLibraryagentV1Book": { diff --git a/googleapiclient/discovery_cache/documents/lifesciences.v2beta.json b/googleapiclient/discovery_cache/documents/lifesciences.v2beta.json index 0dc20be3541..816501f06cf 100644 --- a/googleapiclient/discovery_cache/documents/lifesciences.v2beta.json +++ b/googleapiclient/discovery_cache/documents/lifesciences.v2beta.json @@ -312,7 +312,7 @@ } } }, - "revision": "20210517", + "revision": "20210527", "rootUrl": "https://lifesciences.googleapis.com/", "schemas": { "Accelerator": { @@ -1135,6 +1135,10 @@ "description": "If true, allocate a preemptible VM.", "type": "boolean" }, + "reservation": { + "description": "If specified, the VM will only be allocated inside the matching reservation. It will fail if the VM parameters don't match the reservation.", + "type": "string" + }, "serviceAccount": { "$ref": "ServiceAccount", "description": "The service account to install on the VM. This account does not need any permissions other than those required by the pipeline." diff --git a/googleapiclient/discovery_cache/documents/localservices.v1.json b/googleapiclient/discovery_cache/documents/localservices.v1.json index 514f9a83e82..94ff9e0f7b7 100644 --- a/googleapiclient/discovery_cache/documents/localservices.v1.json +++ b/googleapiclient/discovery_cache/documents/localservices.v1.json @@ -250,7 +250,7 @@ } } }, - "revision": "20210602", + "revision": "20210603", "rootUrl": "https://localservices.googleapis.com/", "schemas": { "GoogleAdsHomeservicesLocalservicesV1AccountReport": { diff --git a/googleapiclient/discovery_cache/documents/monitoring.v1.json b/googleapiclient/discovery_cache/documents/monitoring.v1.json index 9217fd1b3a0..06b01b89497 100644 --- a/googleapiclient/discovery_cache/documents/monitoring.v1.json +++ b/googleapiclient/discovery_cache/documents/monitoring.v1.json @@ -285,7 +285,7 @@ } } }, - "revision": "20210522", + "revision": "20210529", "rootUrl": "https://monitoring.googleapis.com/", "schemas": { "Aggregation": { diff --git a/googleapiclient/discovery_cache/documents/monitoring.v3.json b/googleapiclient/discovery_cache/documents/monitoring.v3.json index 6da65db576b..a693129586b 100644 --- a/googleapiclient/discovery_cache/documents/monitoring.v3.json +++ b/googleapiclient/discovery_cache/documents/monitoring.v3.json @@ -2541,7 +2541,7 @@ } } }, - "revision": "20210522", + "revision": "20210529", "rootUrl": "https://monitoring.googleapis.com/", "schemas": { "Aggregation": { diff --git a/googleapiclient/discovery_cache/documents/osconfig.v1.json b/googleapiclient/discovery_cache/documents/osconfig.v1.json index 1f4cff51461..f91a881dd1f 100644 --- a/googleapiclient/discovery_cache/documents/osconfig.v1.json +++ b/googleapiclient/discovery_cache/documents/osconfig.v1.json @@ -476,7 +476,7 @@ } } }, - "revision": "20210507", + "revision": "20210527", "rootUrl": "https://osconfig.googleapis.com/", "schemas": { "AptSettings": { diff --git a/googleapiclient/discovery_cache/documents/osconfig.v1alpha.json b/googleapiclient/discovery_cache/documents/osconfig.v1alpha.json index 37312906bcd..aa10d0caa73 100644 --- a/googleapiclient/discovery_cache/documents/osconfig.v1alpha.json +++ b/googleapiclient/discovery_cache/documents/osconfig.v1alpha.json @@ -610,7 +610,7 @@ } } }, - "revision": "20210507", + "revision": "20210527", "rootUrl": "https://osconfig.googleapis.com/", "schemas": { "CVSSv3": { @@ -1617,6 +1617,10 @@ "description": "Step performed by the OS Config agent for configuring an `OSPolicyResource` to its desired state.", "id": "OSPolicyResourceConfigStep", "properties": { + "errorMessage": { + "description": "An error message recorded during the execution of this step. Only populated when outcome is FAILED.", + "type": "string" + }, "outcome": { "description": "Outcome of the configuration step.", "enum": [ diff --git a/googleapiclient/discovery_cache/documents/osconfig.v1beta.json b/googleapiclient/discovery_cache/documents/osconfig.v1beta.json index 06d24770eba..a7d6f7991a4 100644 --- a/googleapiclient/discovery_cache/documents/osconfig.v1beta.json +++ b/googleapiclient/discovery_cache/documents/osconfig.v1beta.json @@ -599,7 +599,7 @@ } } }, - "revision": "20210507", + "revision": "20210527", "rootUrl": "https://osconfig.googleapis.com/", "schemas": { "AptRepository": { diff --git a/googleapiclient/discovery_cache/documents/pagespeedonline.v5.json b/googleapiclient/discovery_cache/documents/pagespeedonline.v5.json index 435ee3a37dc..e7d8bb6f507 100644 --- a/googleapiclient/discovery_cache/documents/pagespeedonline.v5.json +++ b/googleapiclient/discovery_cache/documents/pagespeedonline.v5.json @@ -193,13 +193,17 @@ } } }, - "revision": "20210602", + "revision": "20210603", "rootUrl": "https://pagespeedonline.googleapis.com/", "schemas": { "AuditRefs": { "description": "A light reference to an audit by id, used to group and weight audits in a given category.", "id": "AuditRefs", "properties": { + "acronym": { + "description": "The conventional acronym for the audit/metric.", + "type": "string" + }, "group": { "description": "The category group that the audit belongs to (optional).", "type": "string" @@ -208,6 +212,13 @@ "description": "The audit ref id.", "type": "string" }, + "relevantAudits": { + "description": "Any audit IDs closely relevant to this one.", + "items": { + "type": "string" + }, + "type": "array" + }, "weight": { "description": "The weight this audit's score has on the overall category score.", "format": "double", @@ -370,6 +381,10 @@ "description": "The audit's id.", "type": "string" }, + "numericUnit": { + "description": "The unit of the numeric_value field. Used to format the numeric value for display.", + "type": "string" + }, "numericValue": { "description": "A numeric value that has a meaning specific to the audit, e.g. the number of nodes in the DOM or the timestamp of a specific load event. More information can be found in the audit details, if present.", "format": "double", @@ -599,6 +614,10 @@ "description": "The tooltip text on an expandable chevron icon.", "type": "string" }, + "calculatorLink": { + "description": "Text link pointing to the Lighthouse scoring calculator. This link immediately follows a sentence stating the performance score is calculated from the perf metrics.", + "type": "string" + }, "crcInitialNavigation": { "description": "The label for the initial request in a critical request chain.", "type": "string" @@ -607,6 +626,38 @@ "description": "The label for values shown in the summary of critical request chains.", "type": "string" }, + "dropdownCopyJSON": { + "description": "Option in a dropdown menu that copies the Lighthouse JSON object to the system clipboard.", + "type": "string" + }, + "dropdownDarkTheme": { + "description": "Option in a dropdown menu that toggles the themeing of the report between Light(default) and Dark themes.", + "type": "string" + }, + "dropdownPrintExpanded": { + "description": "Option in a dropdown menu that opens a full Lighthouse report in a print dialog.", + "type": "string" + }, + "dropdownPrintSummary": { + "description": "Option in a dropdown menu that opens a small, summary report in a print dialog.", + "type": "string" + }, + "dropdownSaveGist": { + "description": "Option in a dropdown menu that saves the current report as a new GitHub Gist.", + "type": "string" + }, + "dropdownSaveHTML": { + "description": "Option in a dropdown menu that saves the Lighthouse report HTML locally to the system as a '.html' file.", + "type": "string" + }, + "dropdownSaveJSON": { + "description": "Option in a dropdown menu that saves the Lighthouse JSON object to the local system as a '.json' file.", + "type": "string" + }, + "dropdownViewer": { + "description": "Option in a dropdown menu that opens the current report in the Lighthouse Viewer Application.", + "type": "string" + }, "errorLabel": { "description": "The label shown next to an audit or metric that has had an error.", "type": "string" @@ -615,12 +666,16 @@ "description": "The error string shown next to an erroring audit.", "type": "string" }, + "footerIssue": { + "description": "Label for button to create an issue against the Lighthouse GitHub project.", + "type": "string" + }, "labDataTitle": { "description": "The title of the lab data performance category.", "type": "string" }, "lsPerformanceCategoryDescription": { - "description": "The disclaimer shown under performance explaning that the network can vary.", + "description": "The disclaimer shown under performance explaining that the network can vary.", "type": "string" }, "manualAuditsGroupTitle": { @@ -643,10 +698,90 @@ "description": "The heading that is shown above a list of audits that are passing.", "type": "string" }, + "runtimeDesktopEmulation": { + "description": "Descriptive explanation for emulation setting when emulating a generic desktop form factor, as opposed to a mobile-device like form factor.", + "type": "string" + }, + "runtimeMobileEmulation": { + "description": "Descriptive explanation for emulation setting when emulating a Nexus 5X mobile device.", + "type": "string" + }, + "runtimeNoEmulation": { + "description": "Descriptive explanation for emulation setting when no device emulation is set.", + "type": "string" + }, + "runtimeSettingsAxeVersion": { + "description": "Label for a row in a table that shows the version of the Axe library used", + "type": "string" + }, + "runtimeSettingsBenchmark": { + "description": "Label for a row in a table that shows the estimated CPU power of the machine running Lighthouse. Example row values: 532, 1492, 783.", + "type": "string" + }, + "runtimeSettingsCPUThrottling": { + "description": "Label for a row in a table that describes the CPU throttling conditions that were used during a Lighthouse run, if any.", + "type": "string" + }, + "runtimeSettingsChannel": { + "description": "Label for a row in a table that shows in what tool Lighthouse is being run (e.g. The lighthouse CLI, Chrome DevTools, Lightrider, WebPageTest, etc).", + "type": "string" + }, + "runtimeSettingsDevice": { + "description": "Label for a row in a table that describes the kind of device that was emulated for the Lighthouse run. Example values for row elements: 'No Emulation', 'Emulated Desktop', etc.", + "type": "string" + }, + "runtimeSettingsFetchTime": { + "description": "Label for a row in a table that shows the time at which a Lighthouse run was conducted; formatted as a timestamp, e.g. Jan 1, 1970 12:00 AM UTC.", + "type": "string" + }, + "runtimeSettingsNetworkThrottling": { + "description": "Label for a row in a table that describes the network throttling conditions that were used during a Lighthouse run, if any.", + "type": "string" + }, + "runtimeSettingsTitle": { + "description": "Title of the Runtime settings table in a Lighthouse report. Runtime settings are the environment configurations that a specific report used at auditing time.", + "type": "string" + }, + "runtimeSettingsUA": { + "description": "Label for a row in a table that shows the User Agent that was detected on the Host machine that ran Lighthouse.", + "type": "string" + }, + "runtimeSettingsUANetwork": { + "description": "Label for a row in a table that shows the User Agent that was used to send out all network requests during the Lighthouse run.", + "type": "string" + }, + "runtimeSettingsUrl": { + "description": "Label for a row in a table that shows the URL that was audited during a Lighthouse run.", + "type": "string" + }, + "runtimeUnknown": { + "description": "Descriptive explanation for a runtime setting that is set to an unknown value.", + "type": "string" + }, "scorescaleLabel": { "description": "The label that explains the score gauges scale (0-49, 50-89, 90-100).", "type": "string" }, + "showRelevantAudits": { + "description": "Label preceding a radio control for filtering the list of audits. The radio choices are various performance metrics (FCP, LCP, TBT), and if chosen, the audits in the report are hidden if they are not relevant to the selected metric.", + "type": "string" + }, + "snippetCollapseButtonLabel": { + "description": "The label for the button to show only a few lines of a snippet", + "type": "string" + }, + "snippetExpandButtonLabel": { + "description": "The label for the button to show all lines of a snippet", + "type": "string" + }, + "thirdPartyResourcesLabel": { + "description": "This label is for a filter checkbox above a table of items", + "type": "string" + }, + "throttlingProvided": { + "description": "Descriptive explanation for environment throttling that was provided by the runtime environment instead of provided by Lighthouse throttling.", + "type": "string" + }, "toplevelWarningsMessage": { "description": "The label shown preceding important warnings that may have invalidated an entire report.", "type": "string" @@ -655,6 +790,14 @@ "description": "The disclaimer shown below a performance metric value.", "type": "string" }, + "viewTreemapLabel": { + "description": "Label for a button that opens the Treemap App", + "type": "string" + }, + "warningAuditsGroupTitle": { + "description": "The heading that is shown above a list of audits that have warnings", + "type": "string" + }, "warningHeader": { "description": "The label shown above a bulleted list of warnings.", "type": "string" diff --git a/googleapiclient/discovery_cache/documents/paymentsresellersubscription.v1.json b/googleapiclient/discovery_cache/documents/paymentsresellersubscription.v1.json index 55b0d29f07f..d8106067c46 100644 --- a/googleapiclient/discovery_cache/documents/paymentsresellersubscription.v1.json +++ b/googleapiclient/discovery_cache/documents/paymentsresellersubscription.v1.json @@ -366,7 +366,7 @@ } } }, - "revision": "20210603", + "revision": "20210604", "rootUrl": "https://paymentsresellersubscription.googleapis.com/", "schemas": { "GoogleCloudPaymentsResellerSubscriptionV1CancelSubscriptionRequest": { diff --git a/googleapiclient/discovery_cache/documents/people.v1.json b/googleapiclient/discovery_cache/documents/people.v1.json index 523bb51dba9..28397427798 100644 --- a/googleapiclient/discovery_cache/documents/people.v1.json +++ b/googleapiclient/discovery_cache/documents/people.v1.json @@ -1154,7 +1154,7 @@ } } }, - "revision": "20210602", + "revision": "20210603", "rootUrl": "https://people.googleapis.com/", "schemas": { "Address": { diff --git a/googleapiclient/discovery_cache/documents/playcustomapp.v1.json b/googleapiclient/discovery_cache/documents/playcustomapp.v1.json index 3771f1ecc66..f0239b6c0b4 100644 --- a/googleapiclient/discovery_cache/documents/playcustomapp.v1.json +++ b/googleapiclient/discovery_cache/documents/playcustomapp.v1.json @@ -158,7 +158,7 @@ } } }, - "revision": "20210601", + "revision": "20210602", "rootUrl": "https://playcustomapp.googleapis.com/", "schemas": { "CustomApp": { diff --git a/googleapiclient/discovery_cache/documents/privateca.v1.json b/googleapiclient/discovery_cache/documents/privateca.v1.json index 129c8b7014e..190b01c8d77 100644 --- a/googleapiclient/discovery_cache/documents/privateca.v1.json +++ b/googleapiclient/discovery_cache/documents/privateca.v1.json @@ -179,6 +179,127 @@ "resources": { "caPools": { "methods": { + "create": { + "description": "Create a CaPool.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/caPools", + "httpMethod": "POST", + "id": "privateca.projects.locations.caPools.create", + "parameterOrder": [ + "parent" + ], + "parameters": { + "caPoolId": { + "description": "Required. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`", + "location": "query", + "type": "string" + }, + "parent": { + "description": "Required. The resource name of the location associated with the CaPool, in the format `projects/*/locations/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+$", + "required": true, + "type": "string" + }, + "requestId": { + "description": "Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "location": "query", + "type": "string" + } + }, + "path": "v1/{+parent}/caPools", + "request": { + "$ref": "CaPool" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "delete": { + "description": "Delete a CaPool.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}", + "httpMethod": "DELETE", + "id": "privateca.projects.locations.caPools.delete", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The resource name for this CaPool in the format `projects/*/locations/*/caPools/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/caPools/[^/]+$", + "required": true, + "type": "string" + }, + "requestId": { + "description": "Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "location": "query", + "type": "string" + } + }, + "path": "v1/{+name}", + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "fetchCaCerts": { + "description": "FetchCaCerts returns the current trust anchor for the CaPool. This will include CA certificate chains for all ACTIVE CertificateAuthority resources in the CaPool.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}:fetchCaCerts", + "httpMethod": "POST", + "id": "privateca.projects.locations.caPools.fetchCaCerts", + "parameterOrder": [ + "caPool" + ], + "parameters": { + "caPool": { + "description": "Required. The resource name for the CaPool in the format `projects/*/locations/*/caPools/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/caPools/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+caPool}:fetchCaCerts", + "request": { + "$ref": "FetchCaCertsRequest" + }, + "response": { + "$ref": "FetchCaCertsResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "get": { + "description": "Returns a CaPool.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}", + "httpMethod": "GET", + "id": "privateca.projects.locations.caPools.get", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The name of the CaPool to get.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/caPools/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+name}", + "response": { + "$ref": "CaPool" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, "getIamPolicy": { "description": "Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}:getIamPolicy", @@ -210,6 +331,91 @@ "https://www.googleapis.com/auth/cloud-platform" ] }, + "list": { + "description": "Lists CaPools.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/caPools", + "httpMethod": "GET", + "id": "privateca.projects.locations.caPools.list", + "parameterOrder": [ + "parent" + ], + "parameters": { + "filter": { + "description": "Optional. Only include resources that match the filter in the response.", + "location": "query", + "type": "string" + }, + "orderBy": { + "description": "Optional. Specify how the results should be sorted.", + "location": "query", + "type": "string" + }, + "pageSize": { + "description": "Optional. Limit on the number of CaPools to include in the response. Further CaPools can subsequently be obtained by including the ListCaPoolsResponse.next_page_token in a subsequent request. If unspecified, the server will pick an appropriate default.", + "format": "int32", + "location": "query", + "type": "integer" + }, + "pageToken": { + "description": "Optional. Pagination token, returned earlier via ListCaPoolsResponse.next_page_token.", + "location": "query", + "type": "string" + }, + "parent": { + "description": "Required. The resource name of the location associated with the CaPools, in the format `projects/*/locations/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+parent}/caPools", + "response": { + "$ref": "ListCaPoolsResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "patch": { + "description": "Update a CaPool.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}", + "httpMethod": "PATCH", + "id": "privateca.projects.locations.caPools.patch", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Output only. The resource name for this CaPool in the format `projects/*/locations/*/caPools/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/caPools/[^/]+$", + "required": true, + "type": "string" + }, + "requestId": { + "description": "Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "location": "query", + "type": "string" + }, + "updateMask": { + "description": "Required. A list of fields to be updated in this request.", + "format": "google-fieldmask", + "location": "query", + "type": "string" + } + }, + "path": "v1/{+name}", + "request": { + "$ref": "CaPool" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, "setIamPolicy": { "description": "Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}:setIamPolicy", @@ -269,9 +475,356 @@ }, "resources": { "certificateAuthorities": { + "methods": { + "activate": { + "description": "Activate a CertificateAuthority that is in state AWAITING_USER_ACTIVATION and is of type SUBORDINATE. After the parent Certificate Authority signs a certificate signing request from FetchCertificateAuthorityCsr, this method can complete the activation process.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}:activate", + "httpMethod": "POST", + "id": "privateca.projects.locations.caPools.certificateAuthorities.activate", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The resource name for this CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/caPools/[^/]+/certificateAuthorities/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+name}:activate", + "request": { + "$ref": "ActivateCertificateAuthorityRequest" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "create": { + "description": "Create a new CertificateAuthority in a given Project and Location.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities", + "httpMethod": "POST", + "id": "privateca.projects.locations.caPools.certificateAuthorities.create", + "parameterOrder": [ + "parent" + ], + "parameters": { + "certificateAuthorityId": { + "description": "Required. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`", + "location": "query", + "type": "string" + }, + "parent": { + "description": "Required. The resource name of the CaPool associated with the CertificateAuthorities, in the format `projects/*/locations/*/caPools/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/caPools/[^/]+$", + "required": true, + "type": "string" + }, + "requestId": { + "description": "Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "location": "query", + "type": "string" + } + }, + "path": "v1/{+parent}/certificateAuthorities", + "request": { + "$ref": "CertificateAuthority" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "delete": { + "description": "Delete a CertificateAuthority.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}", + "httpMethod": "DELETE", + "id": "privateca.projects.locations.caPools.certificateAuthorities.delete", + "parameterOrder": [ + "name" + ], + "parameters": { + "ignoreActiveCertificates": { + "description": "Optional. This field allows the CA to be deleted even if the CA has active certs. Active certs include both unrevoked and unexpired certs.", + "location": "query", + "type": "boolean" + }, + "name": { + "description": "Required. The resource name for this CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/caPools/[^/]+/certificateAuthorities/[^/]+$", + "required": true, + "type": "string" + }, + "requestId": { + "description": "Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "location": "query", + "type": "string" + } + }, + "path": "v1/{+name}", + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "disable": { + "description": "Disable a CertificateAuthority.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}:disable", + "httpMethod": "POST", + "id": "privateca.projects.locations.caPools.certificateAuthorities.disable", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The resource name for this CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/caPools/[^/]+/certificateAuthorities/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+name}:disable", + "request": { + "$ref": "DisableCertificateAuthorityRequest" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "enable": { + "description": "Enable a CertificateAuthority.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}:enable", + "httpMethod": "POST", + "id": "privateca.projects.locations.caPools.certificateAuthorities.enable", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The resource name for this CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/caPools/[^/]+/certificateAuthorities/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+name}:enable", + "request": { + "$ref": "EnableCertificateAuthorityRequest" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "fetch": { + "description": "Fetch a certificate signing request (CSR) from a CertificateAuthority that is in state AWAITING_USER_ACTIVATION and is of type SUBORDINATE. The CSR must then be signed by the desired parent Certificate Authority, which could be another CertificateAuthority resource, or could be an on-prem certificate authority. See also ActivateCertificateAuthority.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}:fetch", + "httpMethod": "GET", + "id": "privateca.projects.locations.caPools.certificateAuthorities.fetch", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The resource name for this CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/caPools/[^/]+/certificateAuthorities/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+name}:fetch", + "response": { + "$ref": "FetchCertificateAuthorityCsrResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "get": { + "description": "Returns a CertificateAuthority.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}", + "httpMethod": "GET", + "id": "privateca.projects.locations.caPools.certificateAuthorities.get", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The name of the CertificateAuthority to get.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/caPools/[^/]+/certificateAuthorities/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+name}", + "response": { + "$ref": "CertificateAuthority" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "list": { + "description": "Lists CertificateAuthorities.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities", + "httpMethod": "GET", + "id": "privateca.projects.locations.caPools.certificateAuthorities.list", + "parameterOrder": [ + "parent" + ], + "parameters": { + "filter": { + "description": "Optional. Only include resources that match the filter in the response.", + "location": "query", + "type": "string" + }, + "orderBy": { + "description": "Optional. Specify how the results should be sorted.", + "location": "query", + "type": "string" + }, + "pageSize": { + "description": "Optional. Limit on the number of CertificateAuthorities to include in the response. Further CertificateAuthorities can subsequently be obtained by including the ListCertificateAuthoritiesResponse.next_page_token in a subsequent request. If unspecified, the server will pick an appropriate default.", + "format": "int32", + "location": "query", + "type": "integer" + }, + "pageToken": { + "description": "Optional. Pagination token, returned earlier via ListCertificateAuthoritiesResponse.next_page_token.", + "location": "query", + "type": "string" + }, + "parent": { + "description": "Required. The resource name of the CaPool associated with the CertificateAuthorities, in the format `projects/*/locations/*/caPools/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/caPools/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+parent}/certificateAuthorities", + "response": { + "$ref": "ListCertificateAuthoritiesResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "patch": { + "description": "Update a CertificateAuthority.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}", + "httpMethod": "PATCH", + "id": "privateca.projects.locations.caPools.certificateAuthorities.patch", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Output only. The resource name for this CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/caPools/[^/]+/certificateAuthorities/[^/]+$", + "required": true, + "type": "string" + }, + "requestId": { + "description": "Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "location": "query", + "type": "string" + }, + "updateMask": { + "description": "Required. A list of fields to be updated in this request.", + "format": "google-fieldmask", + "location": "query", + "type": "string" + } + }, + "path": "v1/{+name}", + "request": { + "$ref": "CertificateAuthority" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "undelete": { + "description": "Undelete a CertificateAuthority that has been deleted.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}:undelete", + "httpMethod": "POST", + "id": "privateca.projects.locations.caPools.certificateAuthorities.undelete", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The resource name for this CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/caPools/[^/]+/certificateAuthorities/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+name}:undelete", + "request": { + "$ref": "UndeleteCertificateAuthorityRequest" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + } + }, "resources": { "certificateRevocationLists": { "methods": { + "get": { + "description": "Returns a CertificateRevocationList.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}/certificateRevocationLists/{certificateRevocationListsId}", + "httpMethod": "GET", + "id": "privateca.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.get", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The name of the CertificateRevocationList to get.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/caPools/[^/]+/certificateAuthorities/[^/]+/certificateRevocationLists/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+name}", + "response": { + "$ref": "CertificateRevocationList" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, "getIamPolicy": { "description": "Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}/certificateRevocationLists/{certificateRevocationListsId}:getIamPolicy", @@ -303,6 +856,91 @@ "https://www.googleapis.com/auth/cloud-platform" ] }, + "list": { + "description": "Lists CertificateRevocationLists.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}/certificateRevocationLists", + "httpMethod": "GET", + "id": "privateca.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.list", + "parameterOrder": [ + "parent" + ], + "parameters": { + "filter": { + "description": "Optional. Only include resources that match the filter in the response.", + "location": "query", + "type": "string" + }, + "orderBy": { + "description": "Optional. Specify how the results should be sorted.", + "location": "query", + "type": "string" + }, + "pageSize": { + "description": "Optional. Limit on the number of CertificateRevocationLists to include in the response. Further CertificateRevocationLists can subsequently be obtained by including the ListCertificateRevocationListsResponse.next_page_token in a subsequent request. If unspecified, the server will pick an appropriate default.", + "format": "int32", + "location": "query", + "type": "integer" + }, + "pageToken": { + "description": "Optional. Pagination token, returned earlier via ListCertificateRevocationListsResponse.next_page_token.", + "location": "query", + "type": "string" + }, + "parent": { + "description": "Required. The resource name of the location associated with the CertificateRevocationLists, in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/caPools/[^/]+/certificateAuthorities/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+parent}/certificateRevocationLists", + "response": { + "$ref": "ListCertificateRevocationListsResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "patch": { + "description": "Update a CertificateRevocationList.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}/certificateRevocationLists/{certificateRevocationListsId}", + "httpMethod": "PATCH", + "id": "privateca.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.patch", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Output only. The resource name for this CertificateRevocationList in the format `projects/*/locations/*/caPools/*certificateAuthorities/*/ certificateRevocationLists/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/caPools/[^/]+/certificateAuthorities/[^/]+/certificateRevocationLists/[^/]+$", + "required": true, + "type": "string" + }, + "requestId": { + "description": "Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "location": "query", + "type": "string" + }, + "updateMask": { + "description": "Required. A list of fields to be updated in this request.", + "format": "google-fieldmask", + "location": "query", + "type": "string" + } + }, + "path": "v1/{+name}", + "request": { + "$ref": "CertificateRevocationList" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, "setIamPolicy": { "description": "Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificateAuthorities/{certificateAuthoritiesId}/certificateRevocationLists/{certificateRevocationListsId}:setIamPolicy", @@ -362,17 +1000,300 @@ } } } - } - } - }, - "certificateTemplates": { - "methods": { - "getIamPolicy": { - "description": "Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.", - "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/certificateTemplates/{certificateTemplatesId}:getIamPolicy", - "httpMethod": "GET", - "id": "privateca.projects.locations.certificateTemplates.getIamPolicy", - "parameterOrder": [ + }, + "certificates": { + "methods": { + "create": { + "description": "Create a new Certificate in a given Project, Location from a particular CaPool.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificates", + "httpMethod": "POST", + "id": "privateca.projects.locations.caPools.certificates.create", + "parameterOrder": [ + "parent" + ], + "parameters": { + "certificateId": { + "description": "Optional. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`. This field is required when using a CertificateAuthority in the Enterprise CertificateAuthority.Tier, but is optional and its value is ignored otherwise.", + "location": "query", + "type": "string" + }, + "issuingCertificateAuthorityId": { + "description": "Optional. The resource ID of the CertificateAuthority that should issue the certificate. This optional field will ignore the load-balancing scheme of the Pool and directly issue the certificate from the CA with the specified ID, contained in the same CaPool referenced by `parent`. Per-CA quota rules apply. If left empty, a CertificateAuthority will be chosen from the CaPool by the service. For example, to issue a Certificate from a Certificate Authority with resource name \"projects/my-project/locations/us-central1/caPools/my-pool/certificateAuthorities/my-ca\", you can set the parent to \"projects/my-project/locations/us-central1/caPools/my-pool\" and the issuing_certificate_authority_id to \"my-ca\".", + "location": "query", + "type": "string" + }, + "parent": { + "description": "Required. The resource name of the CaPool associated with the Certificate, in the format `projects/*/locations/*/caPools/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/caPools/[^/]+$", + "required": true, + "type": "string" + }, + "requestId": { + "description": "Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "location": "query", + "type": "string" + }, + "validateOnly": { + "description": "Optional. If this is true, no Certificate resource will be persisted regardless of the CaPool's tier, and the returned Certificate will not contain the pem_certificate field.", + "location": "query", + "type": "boolean" + } + }, + "path": "v1/{+parent}/certificates", + "request": { + "$ref": "Certificate" + }, + "response": { + "$ref": "Certificate" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "get": { + "description": "Returns a Certificate.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificates/{certificatesId}", + "httpMethod": "GET", + "id": "privateca.projects.locations.caPools.certificates.get", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The name of the Certificate to get.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/caPools/[^/]+/certificates/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+name}", + "response": { + "$ref": "Certificate" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "list": { + "description": "Lists Certificates.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificates", + "httpMethod": "GET", + "id": "privateca.projects.locations.caPools.certificates.list", + "parameterOrder": [ + "parent" + ], + "parameters": { + "filter": { + "description": "Optional. Only include resources that match the filter in the response. For details on supported filters and syntax, see [Certificates Filtering documentation](https://cloud.google.com/certificate-authority-service/docs/sorting-filtering-certificates#filtering_support).", + "location": "query", + "type": "string" + }, + "orderBy": { + "description": "Optional. Specify how the results should be sorted. For details on supported fields and syntax, see [Certificates Sorting documentation](https://cloud.google.com/certificate-authority-service/docs/sorting-filtering-certificates#sorting_support).", + "location": "query", + "type": "string" + }, + "pageSize": { + "description": "Optional. Limit on the number of Certificates to include in the response. Further Certificates can subsequently be obtained by including the ListCertificatesResponse.next_page_token in a subsequent request. If unspecified, the server will pick an appropriate default.", + "format": "int32", + "location": "query", + "type": "integer" + }, + "pageToken": { + "description": "Optional. Pagination token, returned earlier via ListCertificatesResponse.next_page_token.", + "location": "query", + "type": "string" + }, + "parent": { + "description": "Required. The resource name of the location associated with the Certificates, in the format `projects/*/locations/*/caPools/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/caPools/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+parent}/certificates", + "response": { + "$ref": "ListCertificatesResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "patch": { + "description": "Update a Certificate. Currently, the only field you can update is the labels field.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificates/{certificatesId}", + "httpMethod": "PATCH", + "id": "privateca.projects.locations.caPools.certificates.patch", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Output only. The resource name for this Certificate in the format `projects/*/locations/*/caPools/*/certificates/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/caPools/[^/]+/certificates/[^/]+$", + "required": true, + "type": "string" + }, + "requestId": { + "description": "Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "location": "query", + "type": "string" + }, + "updateMask": { + "description": "Required. A list of fields to be updated in this request.", + "format": "google-fieldmask", + "location": "query", + "type": "string" + } + }, + "path": "v1/{+name}", + "request": { + "$ref": "Certificate" + }, + "response": { + "$ref": "Certificate" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "revoke": { + "description": "Revoke a Certificate.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/caPools/{caPoolsId}/certificates/{certificatesId}:revoke", + "httpMethod": "POST", + "id": "privateca.projects.locations.caPools.certificates.revoke", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The resource name for this Certificate in the format `projects/*/locations/*/caPools/*/certificates/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/caPools/[^/]+/certificates/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+name}:revoke", + "request": { + "$ref": "RevokeCertificateRequest" + }, + "response": { + "$ref": "Certificate" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + } + } + } + } + }, + "certificateTemplates": { + "methods": { + "create": { + "description": "Create a new CertificateTemplate in a given Project and Location.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/certificateTemplates", + "httpMethod": "POST", + "id": "privateca.projects.locations.certificateTemplates.create", + "parameterOrder": [ + "parent" + ], + "parameters": { + "certificateTemplateId": { + "description": "Required. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`", + "location": "query", + "type": "string" + }, + "parent": { + "description": "Required. The resource name of the location associated with the CertificateTemplate, in the format `projects/*/locations/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+$", + "required": true, + "type": "string" + }, + "requestId": { + "description": "Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "location": "query", + "type": "string" + } + }, + "path": "v1/{+parent}/certificateTemplates", + "request": { + "$ref": "CertificateTemplate" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "delete": { + "description": "DeleteCertificateTemplate deletes a CertificateTemplate.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/certificateTemplates/{certificateTemplatesId}", + "httpMethod": "DELETE", + "id": "privateca.projects.locations.certificateTemplates.delete", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The resource name for this CertificateTemplate in the format `projects/*/locations/*/certificateTemplates/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/certificateTemplates/[^/]+$", + "required": true, + "type": "string" + }, + "requestId": { + "description": "Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "location": "query", + "type": "string" + } + }, + "path": "v1/{+name}", + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "get": { + "description": "Returns a CertificateTemplate.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/certificateTemplates/{certificateTemplatesId}", + "httpMethod": "GET", + "id": "privateca.projects.locations.certificateTemplates.get", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Required. The name of the CertificateTemplate to get.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/certificateTemplates/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+name}", + "response": { + "$ref": "CertificateTemplate" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "getIamPolicy": { + "description": "Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/certificateTemplates/{certificateTemplatesId}:getIamPolicy", + "httpMethod": "GET", + "id": "privateca.projects.locations.certificateTemplates.getIamPolicy", + "parameterOrder": [ "resource" ], "parameters": { @@ -398,6 +1319,91 @@ "https://www.googleapis.com/auth/cloud-platform" ] }, + "list": { + "description": "Lists CertificateTemplates.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/certificateTemplates", + "httpMethod": "GET", + "id": "privateca.projects.locations.certificateTemplates.list", + "parameterOrder": [ + "parent" + ], + "parameters": { + "filter": { + "description": "Optional. Only include resources that match the filter in the response.", + "location": "query", + "type": "string" + }, + "orderBy": { + "description": "Optional. Specify how the results should be sorted.", + "location": "query", + "type": "string" + }, + "pageSize": { + "description": "Optional. Limit on the number of CertificateTemplates to include in the response. Further CertificateTemplates can subsequently be obtained by including the ListCertificateTemplatesResponse.next_page_token in a subsequent request. If unspecified, the server will pick an appropriate default.", + "format": "int32", + "location": "query", + "type": "integer" + }, + "pageToken": { + "description": "Optional. Pagination token, returned earlier via ListCertificateTemplatesResponse.next_page_token.", + "location": "query", + "type": "string" + }, + "parent": { + "description": "Required. The resource name of the location associated with the CertificateTemplates, in the format `projects/*/locations/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+$", + "required": true, + "type": "string" + } + }, + "path": "v1/{+parent}/certificateTemplates", + "response": { + "$ref": "ListCertificateTemplatesResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, + "patch": { + "description": "Update a CertificateTemplate.", + "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/certificateTemplates/{certificateTemplatesId}", + "httpMethod": "PATCH", + "id": "privateca.projects.locations.certificateTemplates.patch", + "parameterOrder": [ + "name" + ], + "parameters": { + "name": { + "description": "Output only. The resource name for this CertificateTemplate in the format `projects/*/locations/*/certificateTemplates/*`.", + "location": "path", + "pattern": "^projects/[^/]+/locations/[^/]+/certificateTemplates/[^/]+$", + "required": true, + "type": "string" + }, + "requestId": { + "description": "Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "location": "query", + "type": "string" + }, + "updateMask": { + "description": "Required. A list of fields to be updated in this request.", + "format": "google-fieldmask", + "location": "query", + "type": "string" + } + }, + "path": "v1/{+name}", + "request": { + "$ref": "CertificateTemplate" + }, + "response": { + "$ref": "Operation" + }, + "scopes": [ + "https://www.googleapis.com/auth/cloud-platform" + ] + }, "setIamPolicy": { "description": "Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/certificateTemplates/{certificateTemplatesId}:setIamPolicy", @@ -584,9 +1590,61 @@ } } }, - "revision": "20210525", + "revision": "20210601", "rootUrl": "https://privateca.googleapis.com/", "schemas": { + "AccessUrls": { + "description": "URLs where a CertificateAuthority will publish content.", + "id": "AccessUrls", + "properties": { + "caCertificateAccessUrl": { + "description": "The URL where this CertificateAuthority's CA certificate is published. This will only be set for CAs that have been activated.", + "type": "string" + }, + "crlAccessUrls": { + "description": "The URLs where this CertificateAuthority's CRLs are published. This will only be set for CAs that have been activated.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "ActivateCertificateAuthorityRequest": { + "description": "Request message for CertificateAuthorityService.ActivateCertificateAuthority.", + "id": "ActivateCertificateAuthorityRequest", + "properties": { + "pemCaCertificate": { + "description": "Required. The signed CA certificate issued from FetchCertificateAuthorityCsrResponse.pem_csr.", + "type": "string" + }, + "requestId": { + "description": "Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "type": "string" + }, + "subordinateConfig": { + "$ref": "SubordinateConfig", + "description": "Required. Must include information about the issuer of 'pem_ca_certificate', and any further issuers until the self-signed CA." + } + }, + "type": "object" + }, + "AllowedKeyType": { + "description": "Describes a \"type\" of key that may be used in a Certificate issued from a CaPool. Note that a single AllowedKeyType may refer to either a fully-qualified key algorithm, such as RSA 4096, or a family of key algorithms, such as any RSA key.", + "id": "AllowedKeyType", + "properties": { + "ellipticCurve": { + "$ref": "EcKeyType", + "description": "Represents an allowed Elliptic Curve key type." + }, + "rsa": { + "$ref": "RsaKeyType", + "description": "Represents an allowed RSA key type." + } + }, + "type": "object" + }, "AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.", "id": "AuditConfig", @@ -635,59 +1693,1008 @@ }, "type": "object" }, - "Binding": { - "description": "Associates `members` with a `role`.", - "id": "Binding", + "Binding": { + "description": "Associates `members` with a `role`.", + "id": "Binding", + "properties": { + "condition": { + "$ref": "Expr", + "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." + }, + "members": { + "description": "Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", + "items": { + "type": "string" + }, + "type": "array" + }, + "role": { + "description": "Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.", + "type": "string" + } + }, + "type": "object" + }, + "CaOptions": { + "description": "Describes values that are relevant in a CA certificate.", + "id": "CaOptions", + "properties": { + "isCa": { + "description": "Optional. Refers to the \"CA\" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.", + "type": "boolean" + }, + "maxIssuerPathLength": { + "description": "Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.", + "format": "int32", + "type": "integer" + } + }, + "type": "object" + }, + "CaPool": { + "description": "A CaPool represents a group of CertificateAuthorities that form a trust anchor. A CaPool can be used to manage issuance policies for one or more CertificateAuthority resources and to rotate CA certificates in and out of the trust anchor.", + "id": "CaPool", + "properties": { + "issuancePolicy": { + "$ref": "IssuancePolicy", + "description": "Optional. The IssuancePolicy to control how Certificates will be issued from this CaPool." + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "Optional. Labels with user-defined metadata.", + "type": "object" + }, + "name": { + "description": "Output only. The resource name for this CaPool in the format `projects/*/locations/*/caPools/*`.", + "readOnly": true, + "type": "string" + }, + "publishingOptions": { + "$ref": "PublishingOptions", + "description": "Optional. The PublishingOptions to follow when issuing Certificates from any CertificateAuthority in this CaPool." + }, + "tier": { + "description": "Required. Immutable. The Tier of this CaPool.", + "enum": [ + "TIER_UNSPECIFIED", + "ENTERPRISE", + "DEVOPS" + ], + "enumDescriptions": [ + "Not specified.", + "Enterprise tier.", + "DevOps tier." + ], + "type": "string" + } + }, + "type": "object" + }, + "CancelOperationRequest": { + "description": "The request message for Operations.CancelOperation.", + "id": "CancelOperationRequest", + "properties": {}, + "type": "object" + }, + "CertChain": { + "id": "CertChain", + "properties": { + "certificates": { + "description": "The certificates that form the CA chain, from leaf to root order.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "Certificate": { + "description": "A Certificate corresponds to a signed X.509 certificate issued by a CertificateAuthority.", + "id": "Certificate", + "properties": { + "certificateDescription": { + "$ref": "CertificateDescription", + "description": "Output only. A structured description of the issued X.509 certificate.", + "readOnly": true + }, + "certificateTemplate": { + "description": "Immutable. The resource name for a CertificateTemplate used to issue this certificate, in the format `projects/*/locations/*/certificateTemplates/*`. If this is specified, the caller must have the necessary permission to use this template. If this is omitted, no template will be used. This template must be in the same location as the Certificate.", + "type": "string" + }, + "config": { + "$ref": "CertificateConfig", + "description": "Immutable. A description of the certificate and key that does not require X.509 or ASN.1." + }, + "createTime": { + "description": "Output only. The time at which this Certificate was created.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "issuerCertificateAuthority": { + "description": "Output only. The resource name of the issuing CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.", + "readOnly": true, + "type": "string" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "Optional. Labels with user-defined metadata.", + "type": "object" + }, + "lifetime": { + "description": "Required. Immutable. The desired lifetime of a certificate. Used to create the \"not_before_time\" and \"not_after_time\" fields inside an X.509 certificate. Note that the lifetime may be truncated if it would extend past the life of any certificate authority in the issuing chain.", + "format": "google-duration", + "type": "string" + }, + "name": { + "description": "Output only. The resource name for this Certificate in the format `projects/*/locations/*/caPools/*/certificates/*`.", + "readOnly": true, + "type": "string" + }, + "pemCertificate": { + "description": "Output only. The pem-encoded, signed X.509 certificate.", + "readOnly": true, + "type": "string" + }, + "pemCertificateChain": { + "description": "Output only. The chain that may be used to verify the X.509 certificate. Expected to be in issuer-to-root order according to RFC 5246.", + "items": { + "type": "string" + }, + "readOnly": true, + "type": "array" + }, + "pemCsr": { + "description": "Immutable. A pem-encoded X.509 certificate signing request (CSR).", + "type": "string" + }, + "revocationDetails": { + "$ref": "RevocationDetails", + "description": "Output only. Details regarding the revocation of this Certificate. This Certificate is considered revoked if and only if this field is present.", + "readOnly": true + }, + "subjectMode": { + "description": "Immutable. Specifies how the Certificate's identity fields are to be decided. If this is omitted, the `DEFAULT` subject mode will be used.", + "enum": [ + "SUBJECT_REQUEST_MODE_UNSPECIFIED", + "DEFAULT", + "REFLECTED_SPIFFE" + ], + "enumDescriptions": [ + "Not specified.", + "The default mode used in most cases. Indicates that the certificate's Subject and/or SubjectAltNames are specified in the certificate request. This mode requires the caller to have the `privateca.certificates.create` permission.", + "A mode reserved for special cases. Indicates that the certificate should have one or more SPIFFE SubjectAltNames set by the service based on the caller's identity. This mode will ignore any explicitly specified Subject and/or SubjectAltNames in the certificate request. This mode requires the caller to have the `privateca.certificates.createForSelf` permission." + ], + "type": "string" + }, + "updateTime": { + "description": "Output only. The time at which this Certificate was updated.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, + "CertificateAuthority": { + "description": "A CertificateAuthority represents an individual Certificate Authority. A CertificateAuthority can be used to create Certificates.", + "id": "CertificateAuthority", + "properties": { + "accessUrls": { + "$ref": "AccessUrls", + "description": "Output only. URLs for accessing content published by this CA, such as the CA certificate and CRLs.", + "readOnly": true + }, + "caCertificateDescriptions": { + "description": "Output only. A structured description of this CertificateAuthority's CA certificate and its issuers. Ordered as self-to-root.", + "items": { + "$ref": "CertificateDescription" + }, + "readOnly": true, + "type": "array" + }, + "config": { + "$ref": "CertificateConfig", + "description": "Required. Immutable. The config used to create a self-signed X.509 certificate or CSR." + }, + "createTime": { + "description": "Output only. The time at which this CertificateAuthority was created.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "deleteTime": { + "description": "Output only. The time at which this CertificateAuthority was soft deleted, if it is in the DELETED state.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "expireTime": { + "description": "Output only. The time at which this CertificateAuthority will be permanently purged, if it is in the DELETED state.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "gcsBucket": { + "description": "Immutable. The name of a Cloud Storage bucket where this CertificateAuthority will publish content, such as the CA certificate and CRLs. This must be a bucket name, without any prefixes (such as `gs://`) or suffixes (such as `.googleapis.com`). For example, to use a bucket named `my-bucket`, you would simply specify `my-bucket`. If not specified, a managed bucket will be created.", + "type": "string" + }, + "keySpec": { + "$ref": "KeyVersionSpec", + "description": "Required. Immutable. Used when issuing certificates for this CertificateAuthority. If this CertificateAuthority is a self-signed CertificateAuthority, this key is also used to sign the self-signed CA certificate. Otherwise, it is used to sign a CSR." + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "Optional. Labels with user-defined metadata.", + "type": "object" + }, + "lifetime": { + "description": "Required. The desired lifetime of the CA certificate. Used to create the \"not_before_time\" and \"not_after_time\" fields inside an X.509 certificate.", + "format": "google-duration", + "type": "string" + }, + "name": { + "description": "Output only. The resource name for this CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.", + "readOnly": true, + "type": "string" + }, + "pemCaCertificates": { + "description": "Output only. This CertificateAuthority's certificate chain, including the current CertificateAuthority's certificate. Ordered such that the root issuer is the final element (consistent with RFC 5246). For a self-signed CA, this will only list the current CertificateAuthority's certificate.", + "items": { + "type": "string" + }, + "readOnly": true, + "type": "array" + }, + "state": { + "description": "Output only. The State for this CertificateAuthority.", + "enum": [ + "STATE_UNSPECIFIED", + "ENABLED", + "DISABLED", + "STAGED", + "AWAITING_USER_ACTIVATION", + "DELETED" + ], + "enumDescriptions": [ + "Not specified.", + "Certificates can be issued from this CA. CRLs will be generated for this CA. The CA will be part of the CaPool's trust anchor, and will be used to issue certificates from the CaPool.", + "Certificates cannot be issued from this CA. CRLs will still be generated. The CA will be part of the CaPool's trust anchor, but will not be used to issue certificates from the CaPool.", + "Certificates can be issued from this CA. CRLs will be generated for this CA. The CA will be part of the CaPool's trust anchor, but will not be used to issue certificates from the CaPool.", + "Certificates cannot be issued from this CA. CRLs will not be generated. The CA will not be part of the CaPool's trust anchor, and will not be used to issue certificates from the CaPool.", + "Certificates cannot be issued from this CA. CRLs will not be generated. The CA may still be recovered by calling CertificateAuthorityService.UndeleteCertificateAuthority before expire_time. The CA will not be part of the CaPool's trust anchor, and will not be used to issue certificates from the CaPool." + ], + "readOnly": true, + "type": "string" + }, + "subordinateConfig": { + "$ref": "SubordinateConfig", + "description": "Optional. If this is a subordinate CertificateAuthority, this field will be set with the subordinate configuration, which describes its issuers. This may be updated, but this CertificateAuthority must continue to validate." + }, + "tier": { + "description": "Output only. The CaPool.Tier of the CaPool that includes this CertificateAuthority.", + "enum": [ + "TIER_UNSPECIFIED", + "ENTERPRISE", + "DEVOPS" + ], + "enumDescriptions": [ + "Not specified.", + "Enterprise tier.", + "DevOps tier." + ], + "readOnly": true, + "type": "string" + }, + "type": { + "description": "Required. Immutable. The Type of this CertificateAuthority.", + "enum": [ + "TYPE_UNSPECIFIED", + "SELF_SIGNED", + "SUBORDINATE" + ], + "enumDescriptions": [ + "Not specified.", + "Self-signed CA.", + "Subordinate CA. Could be issued by a Private CA CertificateAuthority or an unmanaged CA." + ], + "type": "string" + }, + "updateTime": { + "description": "Output only. The time at which this CertificateAuthority was last updated.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, + "CertificateConfig": { + "description": "A CertificateConfig describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1.", + "id": "CertificateConfig", + "properties": { + "publicKey": { + "$ref": "PublicKey", + "description": "Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR." + }, + "subjectConfig": { + "$ref": "SubjectConfig", + "description": "Required. Specifies some of the values in a certificate that are related to the subject." + }, + "x509Config": { + "$ref": "X509Parameters", + "description": "Required. Describes how some of the technical X.509 fields in a certificate should be populated." + } + }, + "type": "object" + }, + "CertificateDescription": { + "description": "A CertificateDescription describes an X.509 certificate or CSR that has been issued, as an alternative to using ASN.1 / X.509.", + "id": "CertificateDescription", + "properties": { + "aiaIssuingCertificateUrls": { + "description": "Describes lists of issuer CA certificate URLs that appear in the \"Authority Information Access\" extension in the certificate.", + "items": { + "type": "string" + }, + "type": "array" + }, + "authorityKeyId": { + "$ref": "KeyId", + "description": "Identifies the subject_key_id of the parent certificate, per https://tools.ietf.org/html/rfc5280#section-4.2.1.1" + }, + "certFingerprint": { + "$ref": "CertificateFingerprint", + "description": "The hash of the x.509 certificate." + }, + "crlDistributionPoints": { + "description": "Describes a list of locations to obtain CRL information, i.e. the DistributionPoint.fullName described by https://tools.ietf.org/html/rfc5280#section-4.2.1.13", + "items": { + "type": "string" + }, + "type": "array" + }, + "publicKey": { + "$ref": "PublicKey", + "description": "The public key that corresponds to an issued certificate." + }, + "subjectDescription": { + "$ref": "SubjectDescription", + "description": "Describes some of the values in a certificate that are related to the subject and lifetime." + }, + "subjectKeyId": { + "$ref": "KeyId", + "description": "Provides a means of identifiying certificates that contain a particular public key, per https://tools.ietf.org/html/rfc5280#section-4.2.1.2." + }, + "x509Description": { + "$ref": "X509Parameters", + "description": "Describes some of the technical X.509 fields in a certificate." + } + }, + "type": "object" + }, + "CertificateExtensionConstraints": { + "description": "Describes a set of X.509 extensions that may be part of some certificate issuance controls.", + "id": "CertificateExtensionConstraints", + "properties": { + "additionalExtensions": { + "description": "Optional. A set of ObjectIds identifying custom X.509 extensions. Will be combined with known_extensions to determine the full set of X.509 extensions.", + "items": { + "$ref": "ObjectId" + }, + "type": "array" + }, + "knownExtensions": { + "description": "Optional. A set of named X.509 extensions. Will be combined with additional_extensions to determine the full set of X.509 extensions.", + "items": { + "enum": [ + "KNOWN_CERTIFICATE_EXTENSION_UNSPECIFIED", + "BASE_KEY_USAGE", + "EXTENDED_KEY_USAGE", + "CA_OPTIONS", + "POLICY_IDS", + "AIA_OCSP_SERVERS" + ], + "enumDescriptions": [ + "Not specified.", + "Refers to a certificate's Key Usage extension, as described in [RFC 5280 section 4.2.1.3](https://tools.ietf.org/html/rfc5280#section-4.2.1.3). This corresponds to the KeyUsage.base_key_usage field.", + "Refers to a certificate's Extended Key Usage extension, as described in [RFC 5280 section 4.2.1.12](https://tools.ietf.org/html/rfc5280#section-4.2.1.12). This corresponds to the KeyUsage.extended_key_usage message.", + "Refers to a certificate's Basic Constraints extension, as described in [RFC 5280 section 4.2.1.9](https://tools.ietf.org/html/rfc5280#section-4.2.1.9). This corresponds to the X509Parameters.ca_options field.", + "Refers to a certificate's Policy object identifiers, as described in [RFC 5280 section 4.2.1.4](https://tools.ietf.org/html/rfc5280#section-4.2.1.4). This corresponds to the X509Parameters.policy_ids field.", + "Refers to OCSP servers in a certificate's Authority Information Access extension, as described in [RFC 5280 section 4.2.2.1](https://tools.ietf.org/html/rfc5280#section-4.2.2.1), This corresponds to the X509Parameters.aia_ocsp_servers field." + ], + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "CertificateFingerprint": { + "description": "A group of fingerprints for the x509 certificate.", + "id": "CertificateFingerprint", + "properties": { + "sha256Hash": { + "description": "The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.", + "type": "string" + } + }, + "type": "object" + }, + "CertificateIdentityConstraints": { + "description": "Describes constraints on a Certificate's Subject and SubjectAltNames.", + "id": "CertificateIdentityConstraints", + "properties": { + "allowSubjectAltNamesPassthrough": { + "description": "Required. If this is true, the SubjectAltNames extension may be copied from a certificate request into the signed certificate. Otherwise, the requested SubjectAltNames will be discarded.", + "type": "boolean" + }, + "allowSubjectPassthrough": { + "description": "Required. If this is true, the Subject field may be copied from a certificate request into the signed certificate. Otherwise, the requested Subject will be discarded.", + "type": "boolean" + }, + "celExpression": { + "$ref": "Expr", + "description": "Optional. A CEL expression that may be used to validate the resolved X.509 Subject and/or Subject Alternative Name before a certificate is signed. To see the full allowed syntax and some examples, see https://cloud.google.com/certificate-authority-service/docs/cel-guide" + } + }, + "type": "object" + }, + "CertificateRevocationList": { + "description": "A CertificateRevocationList corresponds to a signed X.509 certificate Revocation List (CRL). A CRL contains the serial numbers of certificates that should no longer be trusted.", + "id": "CertificateRevocationList", + "properties": { + "accessUrl": { + "description": "Output only. The location where 'pem_crl' can be accessed.", + "readOnly": true, + "type": "string" + }, + "createTime": { + "description": "Output only. The time at which this CertificateRevocationList was created.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "Optional. Labels with user-defined metadata.", + "type": "object" + }, + "name": { + "description": "Output only. The resource name for this CertificateRevocationList in the format `projects/*/locations/*/caPools/*certificateAuthorities/*/ certificateRevocationLists/*`.", + "readOnly": true, + "type": "string" + }, + "pemCrl": { + "description": "Output only. The PEM-encoded X.509 CRL.", + "readOnly": true, + "type": "string" + }, + "revisionId": { + "description": "Output only. The revision ID of this CertificateRevocationList. A new revision is committed whenever a new CRL is published. The format is an 8-character hexadecimal string.", + "readOnly": true, + "type": "string" + }, + "revokedCertificates": { + "description": "Output only. The revoked serial numbers that appear in pem_crl.", + "items": { + "$ref": "RevokedCertificate" + }, + "readOnly": true, + "type": "array" + }, + "sequenceNumber": { + "description": "Output only. The CRL sequence number that appears in pem_crl.", + "format": "int64", + "readOnly": true, + "type": "string" + }, + "state": { + "description": "Output only. The State for this CertificateRevocationList.", + "enum": [ + "STATE_UNSPECIFIED", + "ACTIVE", + "SUPERSEDED" + ], + "enumDescriptions": [ + "Not specified.", + "The CertificateRevocationList is up to date.", + "The CertificateRevocationList is no longer current." + ], + "readOnly": true, + "type": "string" + }, + "updateTime": { + "description": "Output only. The time at which this CertificateRevocationList was updated.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, + "CertificateTemplate": { + "description": "A CertificateTemplate refers to a managed template for certificate issuance.", + "id": "CertificateTemplate", + "properties": { + "createTime": { + "description": "Output only. The time at which this CertificateTemplate was created.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + }, + "description": { + "description": "Optional. A human-readable description of scenarios this template is intended for.", + "type": "string" + }, + "identityConstraints": { + "$ref": "CertificateIdentityConstraints", + "description": "Optional. Describes constraints on identities that may be appear in Certificates issued using this template. If this is omitted, then this template will not add restrictions on a certificate's identity." + }, + "labels": { + "additionalProperties": { + "type": "string" + }, + "description": "Optional. Labels with user-defined metadata.", + "type": "object" + }, + "name": { + "description": "Output only. The resource name for this CertificateTemplate in the format `projects/*/locations/*/certificateTemplates/*`.", + "readOnly": true, + "type": "string" + }, + "passthroughExtensions": { + "$ref": "CertificateExtensionConstraints", + "description": "Optional. Describes the set of X.509 extensions that may appear in a Certificate issued using this CertificateTemplate. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If the issuing CaPool's IssuancePolicy defines baseline_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this template will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CertificateTemplate's predefined_values." + }, + "predefinedValues": { + "$ref": "X509Parameters", + "description": "Optional. A set of X.509 values that will be applied to all issued certificates that use this template. If the certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If the issuing CaPool's IssuancePolicy defines conflicting baseline_values for the same properties, the certificate issuance request will fail." + }, + "updateTime": { + "description": "Output only. The time at which this CertificateTemplate was updated.", + "format": "google-datetime", + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, + "DisableCertificateAuthorityRequest": { + "description": "Request message for CertificateAuthorityService.DisableCertificateAuthority.", + "id": "DisableCertificateAuthorityRequest", + "properties": { + "requestId": { + "description": "Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "type": "string" + } + }, + "type": "object" + }, + "EcKeyType": { + "description": "Describes an Elliptic Curve key that may be used in a Certificate issued from a CaPool.", + "id": "EcKeyType", + "properties": { + "signatureAlgorithm": { + "description": "Optional. A signature algorithm that must be used. If this is omitted, any EC-based signature algorithm will be allowed.", + "enum": [ + "EC_SIGNATURE_ALGORITHM_UNSPECIFIED", + "ECDSA_P256", + "ECDSA_P384", + "EDDSA_25519" + ], + "enumDescriptions": [ + "Not specified. Signifies that any signature algorithm may be used.", + "Refers to the Elliptic Curve Digital Signature Algorithm over the NIST P-256 curve.", + "Refers to the Elliptic Curve Digital Signature Algorithm over the NIST P-384 curve.", + "Refers to the Edwards-curve Digital Signature Algorithm over curve 25519, as described in RFC 8410." + ], + "type": "string" + } + }, + "type": "object" + }, + "Empty": { + "description": "A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for `Empty` is empty JSON object `{}`.", + "id": "Empty", + "properties": {}, + "type": "object" + }, + "EnableCertificateAuthorityRequest": { + "description": "Request message for CertificateAuthorityService.EnableCertificateAuthority.", + "id": "EnableCertificateAuthorityRequest", + "properties": { + "requestId": { + "description": "Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "type": "string" + } + }, + "type": "object" + }, + "Expr": { + "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", + "id": "Expr", + "properties": { + "description": { + "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.", + "type": "string" + }, + "expression": { + "description": "Textual representation of an expression in Common Expression Language syntax.", + "type": "string" + }, + "location": { + "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.", + "type": "string" + }, + "title": { + "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.", + "type": "string" + } + }, + "type": "object" + }, + "ExtendedKeyUsageOptions": { + "description": "KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value.", + "id": "ExtendedKeyUsageOptions", + "properties": { + "clientAuth": { + "description": "Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as \"TLS WWW client authentication\", though regularly used for non-WWW TLS.", + "type": "boolean" + }, + "codeSigning": { + "description": "Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as \"Signing of downloadable executable code client authentication\".", + "type": "boolean" + }, + "emailProtection": { + "description": "Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as \"Email protection\".", + "type": "boolean" + }, + "ocspSigning": { + "description": "Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as \"Signing OCSP responses\".", + "type": "boolean" + }, + "serverAuth": { + "description": "Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as \"TLS WWW server authentication\", though regularly used for non-WWW TLS.", + "type": "boolean" + }, + "timeStamping": { + "description": "Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as \"Binding the hash of an object to a time\".", + "type": "boolean" + } + }, + "type": "object" + }, + "FetchCaCertsRequest": { + "description": "Request message for CertificateAuthorityService.FetchCaCerts.", + "id": "FetchCaCertsRequest", + "properties": { + "requestId": { + "description": "Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "type": "string" + } + }, + "type": "object" + }, + "FetchCaCertsResponse": { + "description": "Response message for CertificateAuthorityService.FetchCaCerts.", + "id": "FetchCaCertsResponse", + "properties": { + "caCerts": { + "description": "The PEM encoded CA certificate chains of all ACTIVE CertificateAuthority resources in this CaPool.", + "items": { + "$ref": "CertChain" + }, + "type": "array" + } + }, + "type": "object" + }, + "FetchCertificateAuthorityCsrResponse": { + "description": "Response message for CertificateAuthorityService.FetchCertificateAuthorityCsr.", + "id": "FetchCertificateAuthorityCsrResponse", + "properties": { + "pemCsr": { + "description": "Output only. The PEM-encoded signed certificate signing request (CSR).", + "readOnly": true, + "type": "string" + } + }, + "type": "object" + }, + "IssuanceModes": { + "description": "IssuanceModes specifies the allowed ways in which Certificates may be requested from this CaPool.", + "id": "IssuanceModes", + "properties": { + "allowConfigBasedIssuance": { + "description": "Optional. When true, allows callers to create Certificates by specifying a CertificateConfig.", + "type": "boolean" + }, + "allowCsrBasedIssuance": { + "description": "Optional. When true, allows callers to create Certificates by specifying a CSR.", + "type": "boolean" + } + }, + "type": "object" + }, + "IssuancePolicy": { + "description": "Defines controls over all certificate issuance within a CaPool.", + "id": "IssuancePolicy", + "properties": { + "allowedIssuanceModes": { + "$ref": "IssuanceModes", + "description": "Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates." + }, + "allowedKeyTypes": { + "description": "Optional. If any AllowedKeyType is specified, then the certificate request's public key must match one of the key types listed here. Otherwise, any key may be used.", + "items": { + "$ref": "AllowedKeyType" + }, + "type": "array" + }, + "baselineValues": { + "$ref": "X509Parameters", + "description": "Optional. A set of X.509 values that will be applied to all certificates issued through this CaPool. If a certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If a certificate request uses a CertificateTemplate that defines conflicting predefined_values for the same properties, the certificate issuance request will fail." + }, + "identityConstraints": { + "$ref": "CertificateIdentityConstraints", + "description": "Optional. Describes constraints on identities that may appear in Certificates issued through this CaPool. If this is omitted, then this CaPool will not add restrictions on a certificate's identity." + }, + "maximumLifetime": { + "description": "Optional. The maximum lifetime allowed for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.", + "format": "google-duration", + "type": "string" + }, + "passthroughExtensions": { + "$ref": "CertificateExtensionConstraints", + "description": "Optional. Describes the set of X.509 extensions that may appear in a Certificate issued through this CaPool. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If a certificate request uses a CertificateTemplate with predefined_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this CaPool will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CaPool's baseline_values." + } + }, + "type": "object" + }, + "KeyId": { + "description": "A KeyId identifies a specific public key, usually by hashing the public key.", + "id": "KeyId", + "properties": { + "keyId": { + "description": "Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.", + "type": "string" + } + }, + "type": "object" + }, + "KeyUsage": { + "description": "A KeyUsage describes key usage values that may appear in an X.509 certificate.", + "id": "KeyUsage", + "properties": { + "baseKeyUsage": { + "$ref": "KeyUsageOptions", + "description": "Describes high-level ways in which a key may be used." + }, + "extendedKeyUsage": { + "$ref": "ExtendedKeyUsageOptions", + "description": "Detailed scenarios in which a key may be used." + }, + "unknownExtendedKeyUsages": { + "description": "Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.", + "items": { + "$ref": "ObjectId" + }, + "type": "array" + } + }, + "type": "object" + }, + "KeyUsageOptions": { + "description": "KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3.", + "id": "KeyUsageOptions", + "properties": { + "certSign": { + "description": "The key may be used to sign certificates.", + "type": "boolean" + }, + "contentCommitment": { + "description": "The key may be used for cryptographic commitments. Note that this may also be referred to as \"non-repudiation\".", + "type": "boolean" + }, + "crlSign": { + "description": "The key may be used sign certificate revocation lists.", + "type": "boolean" + }, + "dataEncipherment": { + "description": "The key may be used to encipher data.", + "type": "boolean" + }, + "decipherOnly": { + "description": "The key may be used to decipher only.", + "type": "boolean" + }, + "digitalSignature": { + "description": "The key may be used for digital signatures.", + "type": "boolean" + }, + "encipherOnly": { + "description": "The key may be used to encipher only.", + "type": "boolean" + }, + "keyAgreement": { + "description": "The key may be used in a key agreement protocol.", + "type": "boolean" + }, + "keyEncipherment": { + "description": "The key may be used to encipher other keys.", + "type": "boolean" + } + }, + "type": "object" + }, + "KeyVersionSpec": { + "description": "A Cloud KMS key configuration that a CertificateAuthority will use.", + "id": "KeyVersionSpec", + "properties": { + "algorithm": { + "description": "The algorithm to use for creating a managed Cloud KMS key for a for a simplified experience. All managed keys will be have their ProtectionLevel as `HSM`.", + "enum": [ + "SIGN_HASH_ALGORITHM_UNSPECIFIED", + "RSA_PSS_2048_SHA256", + "RSA_PSS_3072_SHA256", + "RSA_PSS_4096_SHA256", + "RSA_PKCS1_2048_SHA256", + "RSA_PKCS1_3072_SHA256", + "RSA_PKCS1_4096_SHA256", + "EC_P256_SHA256", + "EC_P384_SHA384" + ], + "enumDescriptions": [ + "Not specified.", + "maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_2048_SHA256", + "maps to CryptoKeyVersionAlgorithm. RSA_SIGN_PSS_3072_SHA256", + "maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_4096_SHA256", + "maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_2048_SHA256", + "maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_3072_SHA256", + "maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_4096_SHA256", + "maps to CryptoKeyVersionAlgorithm.EC_SIGN_P256_SHA256", + "maps to CryptoKeyVersionAlgorithm.EC_SIGN_P384_SHA384" + ], + "type": "string" + }, + "cloudKmsKeyVersion": { + "description": "The resource name for an existing Cloud KMS CryptoKeyVersion in the format `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`. This option enables full flexibility in the key's capabilities and properties.", + "type": "string" + } + }, + "type": "object" + }, + "ListCaPoolsResponse": { + "description": "Response message for CertificateAuthorityService.ListCaPools.", + "id": "ListCaPoolsResponse", + "properties": { + "caPools": { + "description": "The list of CaPools.", + "items": { + "$ref": "CaPool" + }, + "type": "array" + }, + "nextPageToken": { + "description": "A token to retrieve next page of results. Pass this value in ListCertificateAuthoritiesRequest.next_page_token to retrieve the next page of results.", + "type": "string" + }, + "unreachable": { + "description": "A list of locations (e.g. \"us-west1\") that could not be reached.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "ListCertificateAuthoritiesResponse": { + "description": "Response message for CertificateAuthorityService.ListCertificateAuthorities.", + "id": "ListCertificateAuthoritiesResponse", + "properties": { + "certificateAuthorities": { + "description": "The list of CertificateAuthorities.", + "items": { + "$ref": "CertificateAuthority" + }, + "type": "array" + }, + "nextPageToken": { + "description": "A token to retrieve next page of results. Pass this value in ListCertificateAuthoritiesRequest.next_page_token to retrieve the next page of results.", + "type": "string" + }, + "unreachable": { + "description": "A list of locations (e.g. \"us-west1\") that could not be reached.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "ListCertificateRevocationListsResponse": { + "description": "Response message for CertificateAuthorityService.ListCertificateRevocationLists.", + "id": "ListCertificateRevocationListsResponse", + "properties": { + "certificateRevocationLists": { + "description": "The list of CertificateRevocationLists.", + "items": { + "$ref": "CertificateRevocationList" + }, + "type": "array" + }, + "nextPageToken": { + "description": "A token to retrieve next page of results. Pass this value in ListCertificateRevocationListsRequest.next_page_token to retrieve the next page of results.", + "type": "string" + }, + "unreachable": { + "description": "A list of locations (e.g. \"us-west1\") that could not be reached.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "ListCertificateTemplatesResponse": { + "description": "Response message for CertificateAuthorityService.ListCertificateTemplates.", + "id": "ListCertificateTemplatesResponse", "properties": { - "condition": { - "$ref": "Expr", - "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." - }, - "members": { - "description": "Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", + "certificateTemplates": { + "description": "The list of CertificateTemplates.", "items": { - "type": "string" + "$ref": "CertificateTemplate" }, "type": "array" }, - "role": { - "description": "Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.", + "nextPageToken": { + "description": "A token to retrieve next page of results. Pass this value in ListCertificateTemplatesRequest.next_page_token to retrieve the next page of results.", "type": "string" + }, + "unreachable": { + "description": "A list of locations (e.g. \"us-west1\") that could not be reached.", + "items": { + "type": "string" + }, + "type": "array" } }, "type": "object" }, - "CancelOperationRequest": { - "description": "The request message for Operations.CancelOperation.", - "id": "CancelOperationRequest", - "properties": {}, - "type": "object" - }, - "Empty": { - "description": "A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for `Empty` is empty JSON object `{}`.", - "id": "Empty", - "properties": {}, - "type": "object" - }, - "Expr": { - "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", - "id": "Expr", + "ListCertificatesResponse": { + "description": "Response message for CertificateAuthorityService.ListCertificates.", + "id": "ListCertificatesResponse", "properties": { - "description": { - "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.", - "type": "string" - }, - "expression": { - "description": "Textual representation of an expression in Common Expression Language syntax.", - "type": "string" + "certificates": { + "description": "The list of Certificates.", + "items": { + "$ref": "Certificate" + }, + "type": "array" }, - "location": { - "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.", + "nextPageToken": { + "description": "A token to retrieve next page of results. Pass this value in ListCertificatesRequest.next_page_token to retrieve the next page of results.", "type": "string" }, - "title": { - "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.", - "type": "string" + "unreachable": { + "description": "A list of locations (e.g. \"us-west1\") that could not be reached.", + "items": { + "type": "string" + }, + "type": "array" } }, "type": "object" @@ -762,6 +2769,21 @@ }, "type": "object" }, + "ObjectId": { + "description": "An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.", + "id": "ObjectId", + "properties": { + "objectIdPath": { + "description": "Required. The parts of an OID path. The most significant parts of the path come first.", + "items": { + "format": "int32", + "type": "integer" + }, + "type": "array" + } + }, + "type": "object" + }, "Operation": { "description": "This resource represents a long-running operation that is the result of a network API call.", "id": "Operation", @@ -872,6 +2894,45 @@ }, "type": "object" }, + "PublicKey": { + "description": "A PublicKey describes a public key.", + "id": "PublicKey", + "properties": { + "format": { + "description": "Required. The format of the public key.", + "enum": [ + "KEY_FORMAT_UNSPECIFIED", + "PEM" + ], + "enumDescriptions": [ + "Default unspecified value.", + "The key is PEM-encoded as defined in [RFC 7468](https://tools.ietf.org/html/rfc7468). It can be any of the following: a PEM-encoded PKCS#1/RFC 3447 RSAPublicKey structure, an RFC 5280 [SubjectPublicKeyInfo](https://tools.ietf.org/html/rfc5280#section-4.1) or a PEM-encoded X.509 certificate signing request (CSR). If a [SubjectPublicKeyInfo](https://tools.ietf.org/html/rfc5280#section-4.1) is specified, it can contain a A PEM-encoded PKCS#1/RFC 3447 RSAPublicKey or a NIST P-256/secp256r1/prime256v1 or P-384 key. If a CSR is specified, it will used solely for the purpose of extracting the public key. When generated by the service, it will always be an RFC 5280 [SubjectPublicKeyInfo](https://tools.ietf.org/html/rfc5280#section-4.1) structure containing an algorithm identifier and a key." + ], + "type": "string" + }, + "key": { + "description": "Required. A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.", + "format": "byte", + "type": "string" + } + }, + "type": "object" + }, + "PublishingOptions": { + "description": "Options relating to the publication of each CertificateAuthority's CA certificate and CRLs and their inclusion as extensions in issued Certificates. The options set here apply to certificates issued by any CertificateAuthority in the CaPool.", + "id": "PublishingOptions", + "properties": { + "publishCaCert": { + "description": "Optional. When true, publishes each CertificateAuthority's CA certificate and includes its URL in the \"Authority Information Access\" X.509 extension in all issued Certificates. If this is false, the CA certificate will not be published and the corresponding X.509 extension will not be written in issued certificates.", + "type": "boolean" + }, + "publishCrl": { + "description": "Optional. When true, publishes each CertificateAuthority's CRL and includes its URL in the \"CRL Distribution Points\" X.509 extension in all issued Certificates. If this is false, CRLs will not be published and the corresponding X.509 extension will not be written in issued certificates. CRLs will expire 7 days from their creation. However, we will rebuild daily. CRLs are also rebuilt shortly after a certificate is revoked.", + "type": "boolean" + } + }, + "type": "object" + }, "ReconciliationOperationMetadata": { "description": "Operation metadata returned by the CLH during resource state reconciliation.", "id": "ReconciliationOperationMetadata", @@ -896,6 +2957,139 @@ }, "type": "object" }, + "RevocationDetails": { + "description": "Describes fields that are relavent to the revocation of a Certificate.", + "id": "RevocationDetails", + "properties": { + "revocationState": { + "description": "Indicates why a Certificate was revoked.", + "enum": [ + "REVOCATION_REASON_UNSPECIFIED", + "KEY_COMPROMISE", + "CERTIFICATE_AUTHORITY_COMPROMISE", + "AFFILIATION_CHANGED", + "SUPERSEDED", + "CESSATION_OF_OPERATION", + "CERTIFICATE_HOLD", + "PRIVILEGE_WITHDRAWN", + "ATTRIBUTE_AUTHORITY_COMPROMISE" + ], + "enumDescriptions": [ + "Default unspecified value. This value does indicate that a Certificate has been revoked, but that a reason has not been recorded.", + "Key material for this Certificate may have leaked.", + "The key material for a certificate authority in the issuing path may have leaked.", + "The subject or other attributes in this Certificate have changed.", + "This Certificate has been superseded.", + "This Certificate or entities in the issuing path have ceased to operate.", + "This Certificate should not be considered valid, it is expected that it may become valid in the future.", + "This Certificate no longer has permission to assert the listed attributes.", + "The authority which determines appropriate attributes for a Certificate may have been compromised." + ], + "type": "string" + }, + "revocationTime": { + "description": "The time at which this Certificate was revoked.", + "format": "google-datetime", + "type": "string" + } + }, + "type": "object" + }, + "RevokeCertificateRequest": { + "description": "Request message for CertificateAuthorityService.RevokeCertificate.", + "id": "RevokeCertificateRequest", + "properties": { + "reason": { + "description": "Required. The RevocationReason for revoking this certificate.", + "enum": [ + "REVOCATION_REASON_UNSPECIFIED", + "KEY_COMPROMISE", + "CERTIFICATE_AUTHORITY_COMPROMISE", + "AFFILIATION_CHANGED", + "SUPERSEDED", + "CESSATION_OF_OPERATION", + "CERTIFICATE_HOLD", + "PRIVILEGE_WITHDRAWN", + "ATTRIBUTE_AUTHORITY_COMPROMISE" + ], + "enumDescriptions": [ + "Default unspecified value. This value does indicate that a Certificate has been revoked, but that a reason has not been recorded.", + "Key material for this Certificate may have leaked.", + "The key material for a certificate authority in the issuing path may have leaked.", + "The subject or other attributes in this Certificate have changed.", + "This Certificate has been superseded.", + "This Certificate or entities in the issuing path have ceased to operate.", + "This Certificate should not be considered valid, it is expected that it may become valid in the future.", + "This Certificate no longer has permission to assert the listed attributes.", + "The authority which determines appropriate attributes for a Certificate may have been compromised." + ], + "type": "string" + }, + "requestId": { + "description": "Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "type": "string" + } + }, + "type": "object" + }, + "RevokedCertificate": { + "description": "Describes a revoked Certificate.", + "id": "RevokedCertificate", + "properties": { + "certificate": { + "description": "The resource name for the Certificate in the format `projects/*/locations/*/caPools/*/certificates/*`.", + "type": "string" + }, + "hexSerialNumber": { + "description": "The serial number of the Certificate.", + "type": "string" + }, + "revocationReason": { + "description": "The reason the Certificate was revoked.", + "enum": [ + "REVOCATION_REASON_UNSPECIFIED", + "KEY_COMPROMISE", + "CERTIFICATE_AUTHORITY_COMPROMISE", + "AFFILIATION_CHANGED", + "SUPERSEDED", + "CESSATION_OF_OPERATION", + "CERTIFICATE_HOLD", + "PRIVILEGE_WITHDRAWN", + "ATTRIBUTE_AUTHORITY_COMPROMISE" + ], + "enumDescriptions": [ + "Default unspecified value. This value does indicate that a Certificate has been revoked, but that a reason has not been recorded.", + "Key material for this Certificate may have leaked.", + "The key material for a certificate authority in the issuing path may have leaked.", + "The subject or other attributes in this Certificate have changed.", + "This Certificate has been superseded.", + "This Certificate or entities in the issuing path have ceased to operate.", + "This Certificate should not be considered valid, it is expected that it may become valid in the future.", + "This Certificate no longer has permission to assert the listed attributes.", + "The authority which determines appropriate attributes for a Certificate may have been compromised." + ], + "type": "string" + } + }, + "type": "object" + }, + "RsaKeyType": { + "description": "Describes an RSA key that may be used in a Certificate issued from a CaPool.", + "id": "RsaKeyType", + "properties": { + "maxModulusSize": { + "description": "Optional. The maximum allowed RSA modulus size, in bits. If this is not set, or if set to zero, the service will not enforce an explicit upper bound on RSA modulus sizes.", + "format": "int64", + "type": "string" + }, + "minModulusSize": { + "description": "Optional. The minimum allowed RSA modulus size, in bits. If this is not set, or if set to zero, the service-level min RSA modulus size will continue to apply.", + "format": "int64", + "type": "string" + } + }, + "type": "object" + }, "SetIamPolicyRequest": { "description": "Request message for `SetIamPolicy` method.", "id": "SetIamPolicyRequest", @@ -939,6 +3133,165 @@ }, "type": "object" }, + "Subject": { + "description": "Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate.", + "id": "Subject", + "properties": { + "commonName": { + "description": "The \"common name\" of the subject.", + "type": "string" + }, + "countryCode": { + "description": "The country code of the subject.", + "type": "string" + }, + "locality": { + "description": "The locality or city of the subject.", + "type": "string" + }, + "organization": { + "description": "The organization of the subject.", + "type": "string" + }, + "organizationalUnit": { + "description": "The organizational_unit of the subject.", + "type": "string" + }, + "postalCode": { + "description": "The postal code of the subject.", + "type": "string" + }, + "province": { + "description": "The province, territory, or regional state of the subject.", + "type": "string" + }, + "streetAddress": { + "description": "The street address of the subject.", + "type": "string" + } + }, + "type": "object" + }, + "SubjectAltNames": { + "description": "SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the \"common name\" in the distinguished name).", + "id": "SubjectAltNames", + "properties": { + "customSans": { + "description": "Contains additional subject alternative name values.", + "items": { + "$ref": "X509Extension" + }, + "type": "array" + }, + "dnsNames": { + "description": "Contains only valid, fully-qualified host names.", + "items": { + "type": "string" + }, + "type": "array" + }, + "emailAddresses": { + "description": "Contains only valid RFC 2822 E-mail addresses.", + "items": { + "type": "string" + }, + "type": "array" + }, + "ipAddresses": { + "description": "Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.", + "items": { + "type": "string" + }, + "type": "array" + }, + "uris": { + "description": "Contains only valid RFC 3986 URIs.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "SubjectConfig": { + "description": "These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate.", + "id": "SubjectConfig", + "properties": { + "subject": { + "$ref": "Subject", + "description": "Required. Contains distinguished name fields such as the common name, location and organization." + }, + "subjectAltName": { + "$ref": "SubjectAltNames", + "description": "Optional. The subject alternative name fields." + } + }, + "type": "object" + }, + "SubjectDescription": { + "description": "These values describe fields in an issued X.509 certificate such as the distinguished name, subject alternative names, serial number, and lifetime.", + "id": "SubjectDescription", + "properties": { + "hexSerialNumber": { + "description": "The serial number encoded in lowercase hexadecimal.", + "type": "string" + }, + "lifetime": { + "description": "For convenience, the actual lifetime of an issued certificate. Corresponds to 'not_after_time' - 'not_before_time'.", + "format": "google-duration", + "type": "string" + }, + "notAfterTime": { + "description": "The time at which the certificate expires.", + "format": "google-datetime", + "type": "string" + }, + "notBeforeTime": { + "description": "The time at which the certificate becomes valid.", + "format": "google-datetime", + "type": "string" + }, + "subject": { + "$ref": "Subject", + "description": "Contains distinguished name fields such as the common name, location and / organization." + }, + "subjectAltName": { + "$ref": "SubjectAltNames", + "description": "The subject alternative name fields." + } + }, + "type": "object" + }, + "SubordinateConfig": { + "description": "Describes a subordinate CA's issuers. This is either a resource name to a known issuing CertificateAuthority, or a PEM issuer certificate chain.", + "id": "SubordinateConfig", + "properties": { + "certificateAuthority": { + "description": "Required. This can refer to a CertificateAuthority in the same project that was used to create a subordinate CertificateAuthority. This field is used for information and usability purposes only. The resource name is in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.", + "type": "string" + }, + "pemIssuerChain": { + "$ref": "SubordinateConfigChain", + "description": "Required. Contains the PEM certificate chain for the issuers of this CertificateAuthority, but not pem certificate for this CA itself." + } + }, + "type": "object" + }, + "SubordinateConfigChain": { + "description": "This message describes a subordinate CA's issuer certificate chain. This wrapper exists for compatibility reasons.", + "id": "SubordinateConfigChain", + "properties": { + "pemCertificates": { + "description": "Required. Expected to be in leaf-to-root order according to RFC 5246.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, "TestIamPermissionsRequest": { "description": "Request message for `TestIamPermissions` method.", "id": "TestIamPermissionsRequest", @@ -966,6 +3319,73 @@ } }, "type": "object" + }, + "UndeleteCertificateAuthorityRequest": { + "description": "Request message for CertificateAuthorityService.UndeleteCertificateAuthority.", + "id": "UndeleteCertificateAuthorityRequest", + "properties": { + "requestId": { + "description": "Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "type": "string" + } + }, + "type": "object" + }, + "X509Extension": { + "description": "An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.", + "id": "X509Extension", + "properties": { + "critical": { + "description": "Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).", + "type": "boolean" + }, + "objectId": { + "$ref": "ObjectId", + "description": "Required. The OID for this X.509 extension." + }, + "value": { + "description": "Required. The value of this X.509 extension.", + "format": "byte", + "type": "string" + } + }, + "type": "object" + }, + "X509Parameters": { + "description": "An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions.", + "id": "X509Parameters", + "properties": { + "additionalExtensions": { + "description": "Optional. Describes custom X.509 extensions.", + "items": { + "$ref": "X509Extension" + }, + "type": "array" + }, + "aiaOcspServers": { + "description": "Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the \"Authority Information Access\" extension in the certificate.", + "items": { + "type": "string" + }, + "type": "array" + }, + "caOptions": { + "$ref": "CaOptions", + "description": "Optional. Describes options in this X509Parameters that are relevant in a CA certificate." + }, + "keyUsage": { + "$ref": "KeyUsage", + "description": "Optional. Indicates the intended use for keys that correspond to a certificate." + }, + "policyIds": { + "description": "Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.", + "items": { + "$ref": "ObjectId" + }, + "type": "array" + } + }, + "type": "object" } }, "servicePath": "", diff --git a/googleapiclient/discovery_cache/documents/prod_tt_sasportal.v1alpha1.json b/googleapiclient/discovery_cache/documents/prod_tt_sasportal.v1alpha1.json index bc9f91885f3..8729e23998b 100644 --- a/googleapiclient/discovery_cache/documents/prod_tt_sasportal.v1alpha1.json +++ b/googleapiclient/discovery_cache/documents/prod_tt_sasportal.v1alpha1.json @@ -2484,7 +2484,7 @@ } } }, - "revision": "20210602", + "revision": "20210603", "rootUrl": "https://prod-tt-sasportal.googleapis.com/", "schemas": { "SasPortalAssignment": { diff --git a/googleapiclient/discovery_cache/documents/pubsublite.v1.json b/googleapiclient/discovery_cache/documents/pubsublite.v1.json index 3808aba0296..d14fc18bc63 100644 --- a/googleapiclient/discovery_cache/documents/pubsublite.v1.json +++ b/googleapiclient/discovery_cache/documents/pubsublite.v1.json @@ -690,7 +690,7 @@ } } }, - "revision": "20210524", + "revision": "20210528", "rootUrl": "https://pubsublite.googleapis.com/", "schemas": { "Capacity": { diff --git a/googleapiclient/discovery_cache/documents/run.v1.json b/googleapiclient/discovery_cache/documents/run.v1.json index bf798410779..357a0beece9 100644 --- a/googleapiclient/discovery_cache/documents/run.v1.json +++ b/googleapiclient/discovery_cache/documents/run.v1.json @@ -1736,7 +1736,7 @@ } } }, - "revision": "20210521", + "revision": "20210528", "rootUrl": "https://run.googleapis.com/", "schemas": { "Addressable": { diff --git a/googleapiclient/discovery_cache/documents/run.v1alpha1.json b/googleapiclient/discovery_cache/documents/run.v1alpha1.json index 2372634a6a1..c1f84d14842 100644 --- a/googleapiclient/discovery_cache/documents/run.v1alpha1.json +++ b/googleapiclient/discovery_cache/documents/run.v1alpha1.json @@ -268,7 +268,7 @@ } } }, - "revision": "20210521", + "revision": "20210528", "rootUrl": "https://run.googleapis.com/", "schemas": { "Capabilities": { diff --git a/googleapiclient/discovery_cache/documents/safebrowsing.v4.json b/googleapiclient/discovery_cache/documents/safebrowsing.v4.json index 73774f91205..593b478bf41 100644 --- a/googleapiclient/discovery_cache/documents/safebrowsing.v4.json +++ b/googleapiclient/discovery_cache/documents/safebrowsing.v4.json @@ -261,7 +261,7 @@ } } }, - "revision": "20210602", + "revision": "20210603", "rootUrl": "https://safebrowsing.googleapis.com/", "schemas": { "GoogleProtobufEmpty": { diff --git a/googleapiclient/discovery_cache/documents/streetviewpublish.v1.json b/googleapiclient/discovery_cache/documents/streetviewpublish.v1.json index f0af886cc57..6efb43f6d03 100644 --- a/googleapiclient/discovery_cache/documents/streetviewpublish.v1.json +++ b/googleapiclient/discovery_cache/documents/streetviewpublish.v1.json @@ -375,7 +375,7 @@ } } }, - "revision": "20210602", + "revision": "20210603", "rootUrl": "https://streetviewpublish.googleapis.com/", "schemas": { "BatchDeletePhotosRequest": {