docs: update generated docs (#1053)
Updates for both discovery docs and epydoc API Documentation
Fixes: #1049
diff --git a/docs/dyn/accesscontextmanager_v1beta.accessPolicies.servicePerimeters.html b/docs/dyn/accesscontextmanager_v1beta.accessPolicies.servicePerimeters.html
index 5e435a9..f26719a 100644
--- a/docs/dyn/accesscontextmanager_v1beta.accessPolicies.servicePerimeters.html
+++ b/docs/dyn/accesscontextmanager_v1beta.accessPolicies.servicePerimeters.html
@@ -75,104 +75,67 @@
<h1><a href="accesscontextmanager_v1beta.html">Access Context Manager API</a> . <a href="accesscontextmanager_v1beta.accessPolicies.html">accessPolicies</a> . <a href="accesscontextmanager_v1beta.accessPolicies.servicePerimeters.html">servicePerimeters</a></h1>
<h2>Instance Methods</h2>
<p class="toc_element">
+ <code><a href="#close">close()</a></code></p>
+<p class="firstline">Close httplib2 connections.</p>
+<p class="toc_element">
<code><a href="#create">create(parent, body=None, x__xgafv=None)</a></code></p>
-<p class="firstline">Create a Service Perimeter. The</p>
+<p class="firstline">Create a Service Perimeter. The longrunning operation from this RPC will have a successful status once the Service Perimeter has propagated to long-lasting storage. Service Perimeters containing errors will result in an error response for the first error encountered.</p>
<p class="toc_element">
<code><a href="#delete">delete(name, x__xgafv=None)</a></code></p>
-<p class="firstline">Delete a Service Perimeter by resource</p>
+<p class="firstline">Delete a Service Perimeter by resource name. The longrunning operation from this RPC will have a successful status once the Service Perimeter has been removed from long-lasting storage.</p>
<p class="toc_element">
<code><a href="#get">get(name, x__xgafv=None)</a></code></p>
-<p class="firstline">Get a Service Perimeter by resource</p>
+<p class="firstline">Get a Service Perimeter by resource name.</p>
<p class="toc_element">
- <code><a href="#list">list(parent, pageToken=None, pageSize=None, x__xgafv=None)</a></code></p>
-<p class="firstline">List all Service Perimeters for an</p>
+ <code><a href="#list">list(parent, pageSize=None, pageToken=None, x__xgafv=None)</a></code></p>
+<p class="firstline">List all Service Perimeters for an access policy.</p>
<p class="toc_element">
<code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
<p class="firstline">Retrieves the next page of results.</p>
<p class="toc_element">
<code><a href="#patch">patch(name, body=None, updateMask=None, x__xgafv=None)</a></code></p>
-<p class="firstline">Update a Service Perimeter. The</p>
+<p class="firstline">Update a Service Perimeter. The longrunning operation from this RPC will have a successful status once the changes to the Service Perimeter have propagated to long-lasting storage. Service Perimeter containing errors will result in an error response for the first error encountered.</p>
<h3>Method Details</h3>
<div class="method">
+ <code class="details" id="close">close()</code>
+ <pre>Close httplib2 connections.</pre>
+</div>
+
+<div class="method">
<code class="details" id="create">create(parent, body=None, x__xgafv=None)</code>
- <pre>Create a Service Perimeter. The
-longrunning operation from this RPC will have a successful status once the
-Service Perimeter has
-propagated to long-lasting storage. Service Perimeters containing
-errors will result in an error response for the first error encountered.
+ <pre>Create a Service Perimeter. The longrunning operation from this RPC will have a successful status once the Service Perimeter has propagated to long-lasting storage. Service Perimeters containing errors will result in an error response for the first error encountered.
Args:
- parent: string, Required. Resource name for the access policy which owns this Service
-Perimeter.
-
-Format: `accessPolicies/{policy_id}` (required)
+ parent: string, Required. Resource name for the access policy which owns this Service Perimeter. Format: `accessPolicies/{policy_id}` (required)
body: object, The request body.
The object takes the form of:
-{ # `ServicePerimeter` describes a set of Google Cloud resources which can freely
- # import and export data amongst themselves, but not export outside of the
- # `ServicePerimeter`. If a request with a source within this `ServicePerimeter`
- # has a target outside of the `ServicePerimeter`, the request will be blocked.
- # Otherwise the request is allowed. There are two types of Service Perimeter -
- # Regular and Bridge. Regular Service Perimeters cannot overlap, a single
- # Google Cloud project can only belong to a single regular Service Perimeter.
- # Service Perimeter Bridges can contain only Google Cloud projects as members,
- # a single Google Cloud project may belong to multiple Service Perimeter
- # Bridges.
- "status": { # `ServicePerimeterConfig` specifies a set of Google Cloud resources that # Current ServicePerimeter configuration. Specifies sets of resources,
- # restricted/unrestricted services and access levels that determine perimeter
- # content and boundaries.
- # describe specific Service Perimeter configuration.
- "unrestrictedServices": [ # Google Cloud services that are not subject to the Service Perimeter
- # restrictions. Deprecated. Must be set to a single wildcard "*".
- #
- # The wildcard means that unless explicitly specified by
- # "restricted_services" list, any service is treated as unrestricted.
+{ # `ServicePerimeter` describes a set of Google Cloud resources which can freely import and export data amongst themselves, but not export outside of the `ServicePerimeter`. If a request with a source within this `ServicePerimeter` has a target outside of the `ServicePerimeter`, the request will be blocked. Otherwise the request is allowed. There are two types of Service Perimeter - Regular and Bridge. Regular Service Perimeters cannot overlap, a single Google Cloud project can only belong to a single regular Service Perimeter. Service Perimeter Bridges can contain only Google Cloud projects as members, a single Google Cloud project may belong to multiple Service Perimeter Bridges.
+ "perimeterType": "A String", # Perimeter type indicator. A single project is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, restricted/unrestricted service lists as well as access lists must be empty.
+ "description": "A String", # Description of the `ServicePerimeter` and its use. Does not affect behavior.
+ "name": "A String", # Required. Resource name for the ServicePerimeter. The `short_name` component must begin with a letter and only include alphanumeric and '_'. Format: `accessPolicies/{policy_id}/servicePerimeters/{short_name}`
+ "title": "A String", # Human readable title. Must be unique within the Policy.
+ "status": { # `ServicePerimeterConfig` specifies a set of Google Cloud resources that describe specific Service Perimeter configuration. # Current ServicePerimeter configuration. Specifies sets of resources, restricted/unrestricted services and access levels that determine perimeter content and boundaries.
+ "vpcAccessibleServices": { # Specifies how APIs are allowed to communicate within the Service Perimeter. # Beta. Configuration for APIs allowed within Perimeter.
+ "allowedServices": [ # The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter.
"A String",
],
- "accessLevels": [ # A list of `AccessLevel` resource names that allow resources within the
- # `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed
- # must be in the same policy as this `ServicePerimeter`. Referencing a
- # nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are
- # listed, resources within the perimeter can only be accessed via Google
- # Cloud calls with request origins within the perimeter. Example:
- # `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`.
- # For Service Perimeter Bridge, must be empty.
- "A String",
- ],
- "resources": [ # A list of Google Cloud resources that are inside of the service perimeter.
- # Currently only projects are allowed. Format: `projects/{project_number}`
- "A String",
- ],
- "restrictedServices": [ # Google Cloud services that are subject to the Service Perimeter
- # restrictions. Must contain a list of services. For example, if
- # `storage.googleapis.com` is specified, access to the storage buckets
- # inside the perimeter must meet the perimeter's access restrictions.
- "A String",
- ],
- "vpcAccessibleServices": { # Specifies how APIs are allowed to communicate within the Service # Beta. Configuration for APIs allowed within Perimeter.
- # Perimeter.
- "allowedServices": [ # The list of APIs usable within the Service Perimeter. Must be empty
- # unless 'enable_restriction' is True.
- "A String",
- ],
- "enableRestriction": True or False, # Whether to restrict API calls within the Service Perimeter to the list of
- # APIs specified in 'allowed_services'.
- },
+ "enableRestriction": True or False, # Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'.
},
- "perimeterType": "A String", # Perimeter type indicator. A single project is
- # allowed to be a member of single regular perimeter, but multiple service
- # perimeter bridges. A project cannot be a included in a perimeter bridge
- # without being included in regular perimeter. For perimeter bridges,
- # restricted/unrestricted service lists as well as access lists must be
- # empty.
- "title": "A String", # Human readable title. Must be unique within the Policy.
- "description": "A String", # Description of the `ServicePerimeter` and its use. Does not affect
- # behavior.
- "name": "A String", # Required. Resource name for the ServicePerimeter. The `short_name`
- # component must begin with a letter and only include alphanumeric and '_'.
- # Format: `accessPolicies/{policy_id}/servicePerimeters/{short_name}`
- }
+ "restrictedServices": [ # Google Cloud services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.
+ "A String",
+ ],
+ "unrestrictedServices": [ # Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard "*". The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted.
+ "A String",
+ ],
+ "accessLevels": [ # A list of `AccessLevel` resource names that allow resources within the `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`. For Service Perimeter Bridge, must be empty.
+ "A String",
+ ],
+ "resources": [ # A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format: `projects/{project_number}`
+ "A String",
+ ],
+ },
+}
x__xgafv: string, V1 error format.
Allowed values
@@ -182,63 +145,33 @@
Returns:
An object of the form:
- { # This resource represents a long-running operation that is the result of a
- # network API call.
- "metadata": { # Service-specific metadata associated with the operation. It typically
- # contains progress information and common metadata such as create time.
- # Some services might not provide such metadata. Any method that returns a
- # long-running operation should document the metadata type, if any.
+ { # This resource represents a long-running operation that is the result of a network API call.
+ "name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+ "done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+ "response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
- "response": { # The normal response of the operation in case of success. If the original
- # method returns no data on success, such as `Delete`, the response is
- # `google.protobuf.Empty`. If the original method is standard
- # `Get`/`Create`/`Update`, the response should be the resource. For other
- # methods, the response should have the type `XxxResponse`, where `Xxx`
- # is the original method name. For example, if the original method name
- # is `TakeSnapshot()`, the inferred response type is
- # `TakeSnapshotResponse`.
- "a_key": "", # Properties of the object. Contains field @type with type URL.
- },
- "name": "A String", # The server-assigned name, which is only unique within the same service that
- # originally returns it. If you use the default HTTP mapping, the
- # `name` should be a resource name ending with `operations/{unique_id}`.
- "error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.
- # different programming environments, including REST APIs and RPC APIs. It is
- # used by [gRPC](https://github.com/grpc). Each `Status` message contains
- # three pieces of data: error code, error message, and error details.
- #
- # You can find out more about this error model and how to work with it in the
- # [API Design Guide](https://cloud.google.com/apis/design/errors).
- "message": "A String", # A developer-facing error message, which should be in English. Any
- # user-facing error message should be localized and sent in the
- # google.rpc.Status.details field, or localized by the client.
- "details": [ # A list of messages that carry the error details. There is a common set of
- # message types for APIs to use.
+ "error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+ "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+ "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+ "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
{
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
],
- "code": 42, # The status code, which should be an enum value of google.rpc.Code.
},
- "done": True or False, # If the value is `false`, it means the operation is still in progress.
- # If `true`, the operation is completed, and either `error` or `response` is
- # available.
+ "metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+ "a_key": "", # Properties of the object. Contains field @type with type URL.
+ },
}</pre>
</div>
<div class="method">
<code class="details" id="delete">delete(name, x__xgafv=None)</code>
- <pre>Delete a Service Perimeter by resource
-name. The longrunning operation from this RPC will have a successful status
-once the Service Perimeter has been
-removed from long-lasting storage.
+ <pre>Delete a Service Perimeter by resource name. The longrunning operation from this RPC will have a successful status once the Service Perimeter has been removed from long-lasting storage.
Args:
- name: string, Required. Resource name for the Service Perimeter.
-
-Format:
-`accessPolicies/{policy_id}/servicePerimeters/{service_perimeter_id}` (required)
+ name: string, Required. Resource name for the Service Perimeter. Format: `accessPolicies/{policy_id}/servicePerimeters/{service_perimeter_id}` (required)
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
@@ -247,61 +180,33 @@
Returns:
An object of the form:
- { # This resource represents a long-running operation that is the result of a
- # network API call.
- "metadata": { # Service-specific metadata associated with the operation. It typically
- # contains progress information and common metadata such as create time.
- # Some services might not provide such metadata. Any method that returns a
- # long-running operation should document the metadata type, if any.
+ { # This resource represents a long-running operation that is the result of a network API call.
+ "name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+ "done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+ "response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
- "response": { # The normal response of the operation in case of success. If the original
- # method returns no data on success, such as `Delete`, the response is
- # `google.protobuf.Empty`. If the original method is standard
- # `Get`/`Create`/`Update`, the response should be the resource. For other
- # methods, the response should have the type `XxxResponse`, where `Xxx`
- # is the original method name. For example, if the original method name
- # is `TakeSnapshot()`, the inferred response type is
- # `TakeSnapshotResponse`.
- "a_key": "", # Properties of the object. Contains field @type with type URL.
- },
- "name": "A String", # The server-assigned name, which is only unique within the same service that
- # originally returns it. If you use the default HTTP mapping, the
- # `name` should be a resource name ending with `operations/{unique_id}`.
- "error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.
- # different programming environments, including REST APIs and RPC APIs. It is
- # used by [gRPC](https://github.com/grpc). Each `Status` message contains
- # three pieces of data: error code, error message, and error details.
- #
- # You can find out more about this error model and how to work with it in the
- # [API Design Guide](https://cloud.google.com/apis/design/errors).
- "message": "A String", # A developer-facing error message, which should be in English. Any
- # user-facing error message should be localized and sent in the
- # google.rpc.Status.details field, or localized by the client.
- "details": [ # A list of messages that carry the error details. There is a common set of
- # message types for APIs to use.
+ "error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+ "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+ "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+ "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
{
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
],
- "code": 42, # The status code, which should be an enum value of google.rpc.Code.
},
- "done": True or False, # If the value is `false`, it means the operation is still in progress.
- # If `true`, the operation is completed, and either `error` or `response` is
- # available.
+ "metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+ "a_key": "", # Properties of the object. Contains field @type with type URL.
+ },
}</pre>
</div>
<div class="method">
<code class="details" id="get">get(name, x__xgafv=None)</code>
- <pre>Get a Service Perimeter by resource
-name.
+ <pre>Get a Service Perimeter by resource name.
Args:
- name: string, Required. Resource name for the Service Perimeter.
-
-Format:
-`accessPolicies/{policy_id}/servicePerimeters/{service_perimeters_id}` (required)
+ name: string, Required. Resource name for the Service Perimeter. Format: `accessPolicies/{policy_id}/servicePerimeters/{service_perimeters_id}` (required)
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
@@ -310,86 +215,42 @@
Returns:
An object of the form:
- { # `ServicePerimeter` describes a set of Google Cloud resources which can freely
- # import and export data amongst themselves, but not export outside of the
- # `ServicePerimeter`. If a request with a source within this `ServicePerimeter`
- # has a target outside of the `ServicePerimeter`, the request will be blocked.
- # Otherwise the request is allowed. There are two types of Service Perimeter -
- # Regular and Bridge. Regular Service Perimeters cannot overlap, a single
- # Google Cloud project can only belong to a single regular Service Perimeter.
- # Service Perimeter Bridges can contain only Google Cloud projects as members,
- # a single Google Cloud project may belong to multiple Service Perimeter
- # Bridges.
- "status": { # `ServicePerimeterConfig` specifies a set of Google Cloud resources that # Current ServicePerimeter configuration. Specifies sets of resources,
- # restricted/unrestricted services and access levels that determine perimeter
- # content and boundaries.
- # describe specific Service Perimeter configuration.
- "unrestrictedServices": [ # Google Cloud services that are not subject to the Service Perimeter
- # restrictions. Deprecated. Must be set to a single wildcard "*".
- #
- # The wildcard means that unless explicitly specified by
- # "restricted_services" list, any service is treated as unrestricted.
+ { # `ServicePerimeter` describes a set of Google Cloud resources which can freely import and export data amongst themselves, but not export outside of the `ServicePerimeter`. If a request with a source within this `ServicePerimeter` has a target outside of the `ServicePerimeter`, the request will be blocked. Otherwise the request is allowed. There are two types of Service Perimeter - Regular and Bridge. Regular Service Perimeters cannot overlap, a single Google Cloud project can only belong to a single regular Service Perimeter. Service Perimeter Bridges can contain only Google Cloud projects as members, a single Google Cloud project may belong to multiple Service Perimeter Bridges.
+ "perimeterType": "A String", # Perimeter type indicator. A single project is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, restricted/unrestricted service lists as well as access lists must be empty.
+ "description": "A String", # Description of the `ServicePerimeter` and its use. Does not affect behavior.
+ "name": "A String", # Required. Resource name for the ServicePerimeter. The `short_name` component must begin with a letter and only include alphanumeric and '_'. Format: `accessPolicies/{policy_id}/servicePerimeters/{short_name}`
+ "title": "A String", # Human readable title. Must be unique within the Policy.
+ "status": { # `ServicePerimeterConfig` specifies a set of Google Cloud resources that describe specific Service Perimeter configuration. # Current ServicePerimeter configuration. Specifies sets of resources, restricted/unrestricted services and access levels that determine perimeter content and boundaries.
+ "vpcAccessibleServices": { # Specifies how APIs are allowed to communicate within the Service Perimeter. # Beta. Configuration for APIs allowed within Perimeter.
+ "allowedServices": [ # The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter.
"A String",
],
- "accessLevels": [ # A list of `AccessLevel` resource names that allow resources within the
- # `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed
- # must be in the same policy as this `ServicePerimeter`. Referencing a
- # nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are
- # listed, resources within the perimeter can only be accessed via Google
- # Cloud calls with request origins within the perimeter. Example:
- # `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`.
- # For Service Perimeter Bridge, must be empty.
- "A String",
- ],
- "resources": [ # A list of Google Cloud resources that are inside of the service perimeter.
- # Currently only projects are allowed. Format: `projects/{project_number}`
- "A String",
- ],
- "restrictedServices": [ # Google Cloud services that are subject to the Service Perimeter
- # restrictions. Must contain a list of services. For example, if
- # `storage.googleapis.com` is specified, access to the storage buckets
- # inside the perimeter must meet the perimeter's access restrictions.
- "A String",
- ],
- "vpcAccessibleServices": { # Specifies how APIs are allowed to communicate within the Service # Beta. Configuration for APIs allowed within Perimeter.
- # Perimeter.
- "allowedServices": [ # The list of APIs usable within the Service Perimeter. Must be empty
- # unless 'enable_restriction' is True.
- "A String",
- ],
- "enableRestriction": True or False, # Whether to restrict API calls within the Service Perimeter to the list of
- # APIs specified in 'allowed_services'.
- },
+ "enableRestriction": True or False, # Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'.
},
- "perimeterType": "A String", # Perimeter type indicator. A single project is
- # allowed to be a member of single regular perimeter, but multiple service
- # perimeter bridges. A project cannot be a included in a perimeter bridge
- # without being included in regular perimeter. For perimeter bridges,
- # restricted/unrestricted service lists as well as access lists must be
- # empty.
- "title": "A String", # Human readable title. Must be unique within the Policy.
- "description": "A String", # Description of the `ServicePerimeter` and its use. Does not affect
- # behavior.
- "name": "A String", # Required. Resource name for the ServicePerimeter. The `short_name`
- # component must begin with a letter and only include alphanumeric and '_'.
- # Format: `accessPolicies/{policy_id}/servicePerimeters/{short_name}`
- }</pre>
+ "restrictedServices": [ # Google Cloud services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.
+ "A String",
+ ],
+ "unrestrictedServices": [ # Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard "*". The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted.
+ "A String",
+ ],
+ "accessLevels": [ # A list of `AccessLevel` resource names that allow resources within the `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`. For Service Perimeter Bridge, must be empty.
+ "A String",
+ ],
+ "resources": [ # A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format: `projects/{project_number}`
+ "A String",
+ ],
+ },
+ }</pre>
</div>
<div class="method">
- <code class="details" id="list">list(parent, pageToken=None, pageSize=None, x__xgafv=None)</code>
- <pre>List all Service Perimeters for an
-access policy.
+ <code class="details" id="list">list(parent, pageSize=None, pageToken=None, x__xgafv=None)</code>
+ <pre>List all Service Perimeters for an access policy.
Args:
- parent: string, Required. Resource name for the access policy to list Service Perimeters from.
-
-Format:
-`accessPolicies/{policy_id}` (required)
- pageToken: string, Next page token for the next batch of Service Perimeter instances.
-Defaults to the first page of results.
- pageSize: integer, Number of Service Perimeters to include
-in the list. Default 100.
+ parent: string, Required. Resource name for the access policy to list Service Perimeters from. Format: `accessPolicies/{policy_id}` (required)
+ pageSize: integer, Number of Service Perimeters to include in the list. Default 100.
+ pageToken: string, Next page token for the next batch of Service Perimeter instances. Defaults to the first page of results.
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
@@ -400,73 +261,34 @@
{ # A response to `ListServicePerimetersRequest`.
"servicePerimeters": [ # List of the Service Perimeter instances.
- { # `ServicePerimeter` describes a set of Google Cloud resources which can freely
- # import and export data amongst themselves, but not export outside of the
- # `ServicePerimeter`. If a request with a source within this `ServicePerimeter`
- # has a target outside of the `ServicePerimeter`, the request will be blocked.
- # Otherwise the request is allowed. There are two types of Service Perimeter -
- # Regular and Bridge. Regular Service Perimeters cannot overlap, a single
- # Google Cloud project can only belong to a single regular Service Perimeter.
- # Service Perimeter Bridges can contain only Google Cloud projects as members,
- # a single Google Cloud project may belong to multiple Service Perimeter
- # Bridges.
- "status": { # `ServicePerimeterConfig` specifies a set of Google Cloud resources that # Current ServicePerimeter configuration. Specifies sets of resources,
- # restricted/unrestricted services and access levels that determine perimeter
- # content and boundaries.
- # describe specific Service Perimeter configuration.
- "unrestrictedServices": [ # Google Cloud services that are not subject to the Service Perimeter
- # restrictions. Deprecated. Must be set to a single wildcard "*".
- #
- # The wildcard means that unless explicitly specified by
- # "restricted_services" list, any service is treated as unrestricted.
+ { # `ServicePerimeter` describes a set of Google Cloud resources which can freely import and export data amongst themselves, but not export outside of the `ServicePerimeter`. If a request with a source within this `ServicePerimeter` has a target outside of the `ServicePerimeter`, the request will be blocked. Otherwise the request is allowed. There are two types of Service Perimeter - Regular and Bridge. Regular Service Perimeters cannot overlap, a single Google Cloud project can only belong to a single regular Service Perimeter. Service Perimeter Bridges can contain only Google Cloud projects as members, a single Google Cloud project may belong to multiple Service Perimeter Bridges.
+ "perimeterType": "A String", # Perimeter type indicator. A single project is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, restricted/unrestricted service lists as well as access lists must be empty.
+ "description": "A String", # Description of the `ServicePerimeter` and its use. Does not affect behavior.
+ "name": "A String", # Required. Resource name for the ServicePerimeter. The `short_name` component must begin with a letter and only include alphanumeric and '_'. Format: `accessPolicies/{policy_id}/servicePerimeters/{short_name}`
+ "title": "A String", # Human readable title. Must be unique within the Policy.
+ "status": { # `ServicePerimeterConfig` specifies a set of Google Cloud resources that describe specific Service Perimeter configuration. # Current ServicePerimeter configuration. Specifies sets of resources, restricted/unrestricted services and access levels that determine perimeter content and boundaries.
+ "vpcAccessibleServices": { # Specifies how APIs are allowed to communicate within the Service Perimeter. # Beta. Configuration for APIs allowed within Perimeter.
+ "allowedServices": [ # The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter.
"A String",
],
- "accessLevels": [ # A list of `AccessLevel` resource names that allow resources within the
- # `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed
- # must be in the same policy as this `ServicePerimeter`. Referencing a
- # nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are
- # listed, resources within the perimeter can only be accessed via Google
- # Cloud calls with request origins within the perimeter. Example:
- # `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`.
- # For Service Perimeter Bridge, must be empty.
- "A String",
- ],
- "resources": [ # A list of Google Cloud resources that are inside of the service perimeter.
- # Currently only projects are allowed. Format: `projects/{project_number}`
- "A String",
- ],
- "restrictedServices": [ # Google Cloud services that are subject to the Service Perimeter
- # restrictions. Must contain a list of services. For example, if
- # `storage.googleapis.com` is specified, access to the storage buckets
- # inside the perimeter must meet the perimeter's access restrictions.
- "A String",
- ],
- "vpcAccessibleServices": { # Specifies how APIs are allowed to communicate within the Service # Beta. Configuration for APIs allowed within Perimeter.
- # Perimeter.
- "allowedServices": [ # The list of APIs usable within the Service Perimeter. Must be empty
- # unless 'enable_restriction' is True.
- "A String",
- ],
- "enableRestriction": True or False, # Whether to restrict API calls within the Service Perimeter to the list of
- # APIs specified in 'allowed_services'.
- },
+ "enableRestriction": True or False, # Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'.
},
- "perimeterType": "A String", # Perimeter type indicator. A single project is
- # allowed to be a member of single regular perimeter, but multiple service
- # perimeter bridges. A project cannot be a included in a perimeter bridge
- # without being included in regular perimeter. For perimeter bridges,
- # restricted/unrestricted service lists as well as access lists must be
- # empty.
- "title": "A String", # Human readable title. Must be unique within the Policy.
- "description": "A String", # Description of the `ServicePerimeter` and its use. Does not affect
- # behavior.
- "name": "A String", # Required. Resource name for the ServicePerimeter. The `short_name`
- # component must begin with a letter and only include alphanumeric and '_'.
- # Format: `accessPolicies/{policy_id}/servicePerimeters/{short_name}`
+ "restrictedServices": [ # Google Cloud services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.
+ "A String",
+ ],
+ "unrestrictedServices": [ # Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard "*". The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted.
+ "A String",
+ ],
+ "accessLevels": [ # A list of `AccessLevel` resource names that allow resources within the `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`. For Service Perimeter Bridge, must be empty.
+ "A String",
+ ],
+ "resources": [ # A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format: `projects/{project_number}`
+ "A String",
+ ],
},
+ },
],
- "nextPageToken": "A String", # The pagination token to retrieve the next page of results. If the value is
- # empty, no further results remain.
+ "nextPageToken": "A String", # The pagination token to retrieve the next page of results. If the value is empty, no further results remain.
}</pre>
</div>
@@ -486,83 +308,39 @@
<div class="method">
<code class="details" id="patch">patch(name, body=None, updateMask=None, x__xgafv=None)</code>
- <pre>Update a Service Perimeter. The
-longrunning operation from this RPC will have a successful status once the
-changes to the Service Perimeter have
-propagated to long-lasting storage. Service Perimeter containing
-errors will result in an error response for the first error encountered.
+ <pre>Update a Service Perimeter. The longrunning operation from this RPC will have a successful status once the changes to the Service Perimeter have propagated to long-lasting storage. Service Perimeter containing errors will result in an error response for the first error encountered.
Args:
- name: string, Required. Resource name for the ServicePerimeter. The `short_name`
-component must begin with a letter and only include alphanumeric and '_'.
-Format: `accessPolicies/{policy_id}/servicePerimeters/{short_name}` (required)
+ name: string, Required. Resource name for the ServicePerimeter. The `short_name` component must begin with a letter and only include alphanumeric and '_'. Format: `accessPolicies/{policy_id}/servicePerimeters/{short_name}` (required)
body: object, The request body.
The object takes the form of:
-{ # `ServicePerimeter` describes a set of Google Cloud resources which can freely
- # import and export data amongst themselves, but not export outside of the
- # `ServicePerimeter`. If a request with a source within this `ServicePerimeter`
- # has a target outside of the `ServicePerimeter`, the request will be blocked.
- # Otherwise the request is allowed. There are two types of Service Perimeter -
- # Regular and Bridge. Regular Service Perimeters cannot overlap, a single
- # Google Cloud project can only belong to a single regular Service Perimeter.
- # Service Perimeter Bridges can contain only Google Cloud projects as members,
- # a single Google Cloud project may belong to multiple Service Perimeter
- # Bridges.
- "status": { # `ServicePerimeterConfig` specifies a set of Google Cloud resources that # Current ServicePerimeter configuration. Specifies sets of resources,
- # restricted/unrestricted services and access levels that determine perimeter
- # content and boundaries.
- # describe specific Service Perimeter configuration.
- "unrestrictedServices": [ # Google Cloud services that are not subject to the Service Perimeter
- # restrictions. Deprecated. Must be set to a single wildcard "*".
- #
- # The wildcard means that unless explicitly specified by
- # "restricted_services" list, any service is treated as unrestricted.
+{ # `ServicePerimeter` describes a set of Google Cloud resources which can freely import and export data amongst themselves, but not export outside of the `ServicePerimeter`. If a request with a source within this `ServicePerimeter` has a target outside of the `ServicePerimeter`, the request will be blocked. Otherwise the request is allowed. There are two types of Service Perimeter - Regular and Bridge. Regular Service Perimeters cannot overlap, a single Google Cloud project can only belong to a single regular Service Perimeter. Service Perimeter Bridges can contain only Google Cloud projects as members, a single Google Cloud project may belong to multiple Service Perimeter Bridges.
+ "perimeterType": "A String", # Perimeter type indicator. A single project is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, restricted/unrestricted service lists as well as access lists must be empty.
+ "description": "A String", # Description of the `ServicePerimeter` and its use. Does not affect behavior.
+ "name": "A String", # Required. Resource name for the ServicePerimeter. The `short_name` component must begin with a letter and only include alphanumeric and '_'. Format: `accessPolicies/{policy_id}/servicePerimeters/{short_name}`
+ "title": "A String", # Human readable title. Must be unique within the Policy.
+ "status": { # `ServicePerimeterConfig` specifies a set of Google Cloud resources that describe specific Service Perimeter configuration. # Current ServicePerimeter configuration. Specifies sets of resources, restricted/unrestricted services and access levels that determine perimeter content and boundaries.
+ "vpcAccessibleServices": { # Specifies how APIs are allowed to communicate within the Service Perimeter. # Beta. Configuration for APIs allowed within Perimeter.
+ "allowedServices": [ # The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter.
"A String",
],
- "accessLevels": [ # A list of `AccessLevel` resource names that allow resources within the
- # `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed
- # must be in the same policy as this `ServicePerimeter`. Referencing a
- # nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are
- # listed, resources within the perimeter can only be accessed via Google
- # Cloud calls with request origins within the perimeter. Example:
- # `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`.
- # For Service Perimeter Bridge, must be empty.
- "A String",
- ],
- "resources": [ # A list of Google Cloud resources that are inside of the service perimeter.
- # Currently only projects are allowed. Format: `projects/{project_number}`
- "A String",
- ],
- "restrictedServices": [ # Google Cloud services that are subject to the Service Perimeter
- # restrictions. Must contain a list of services. For example, if
- # `storage.googleapis.com` is specified, access to the storage buckets
- # inside the perimeter must meet the perimeter's access restrictions.
- "A String",
- ],
- "vpcAccessibleServices": { # Specifies how APIs are allowed to communicate within the Service # Beta. Configuration for APIs allowed within Perimeter.
- # Perimeter.
- "allowedServices": [ # The list of APIs usable within the Service Perimeter. Must be empty
- # unless 'enable_restriction' is True.
- "A String",
- ],
- "enableRestriction": True or False, # Whether to restrict API calls within the Service Perimeter to the list of
- # APIs specified in 'allowed_services'.
- },
+ "enableRestriction": True or False, # Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'.
},
- "perimeterType": "A String", # Perimeter type indicator. A single project is
- # allowed to be a member of single regular perimeter, but multiple service
- # perimeter bridges. A project cannot be a included in a perimeter bridge
- # without being included in regular perimeter. For perimeter bridges,
- # restricted/unrestricted service lists as well as access lists must be
- # empty.
- "title": "A String", # Human readable title. Must be unique within the Policy.
- "description": "A String", # Description of the `ServicePerimeter` and its use. Does not affect
- # behavior.
- "name": "A String", # Required. Resource name for the ServicePerimeter. The `short_name`
- # component must begin with a letter and only include alphanumeric and '_'.
- # Format: `accessPolicies/{policy_id}/servicePerimeters/{short_name}`
- }
+ "restrictedServices": [ # Google Cloud services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions.
+ "A String",
+ ],
+ "unrestrictedServices": [ # Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard "*". The wildcard means that unless explicitly specified by "restricted_services" list, any service is treated as unrestricted.
+ "A String",
+ ],
+ "accessLevels": [ # A list of `AccessLevel` resource names that allow resources within the `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL"`. For Service Perimeter Bridge, must be empty.
+ "A String",
+ ],
+ "resources": [ # A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format: `projects/{project_number}`
+ "A String",
+ ],
+ },
+}
updateMask: string, Required. Mask to control which fields get updated. Must be non-empty.
x__xgafv: string, V1 error format.
@@ -573,48 +351,24 @@
Returns:
An object of the form:
- { # This resource represents a long-running operation that is the result of a
- # network API call.
- "metadata": { # Service-specific metadata associated with the operation. It typically
- # contains progress information and common metadata such as create time.
- # Some services might not provide such metadata. Any method that returns a
- # long-running operation should document the metadata type, if any.
+ { # This resource represents a long-running operation that is the result of a network API call.
+ "name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+ "done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+ "response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
- "response": { # The normal response of the operation in case of success. If the original
- # method returns no data on success, such as `Delete`, the response is
- # `google.protobuf.Empty`. If the original method is standard
- # `Get`/`Create`/`Update`, the response should be the resource. For other
- # methods, the response should have the type `XxxResponse`, where `Xxx`
- # is the original method name. For example, if the original method name
- # is `TakeSnapshot()`, the inferred response type is
- # `TakeSnapshotResponse`.
- "a_key": "", # Properties of the object. Contains field @type with type URL.
- },
- "name": "A String", # The server-assigned name, which is only unique within the same service that
- # originally returns it. If you use the default HTTP mapping, the
- # `name` should be a resource name ending with `operations/{unique_id}`.
- "error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.
- # different programming environments, including REST APIs and RPC APIs. It is
- # used by [gRPC](https://github.com/grpc). Each `Status` message contains
- # three pieces of data: error code, error message, and error details.
- #
- # You can find out more about this error model and how to work with it in the
- # [API Design Guide](https://cloud.google.com/apis/design/errors).
- "message": "A String", # A developer-facing error message, which should be in English. Any
- # user-facing error message should be localized and sent in the
- # google.rpc.Status.details field, or localized by the client.
- "details": [ # A list of messages that carry the error details. There is a common set of
- # message types for APIs to use.
+ "error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+ "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+ "message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+ "details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
{
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
],
- "code": 42, # The status code, which should be an enum value of google.rpc.Code.
},
- "done": True or False, # If the value is `false`, it means the operation is still in progress.
- # If `true`, the operation is completed, and either `error` or `response` is
- # available.
+ "metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+ "a_key": "", # Properties of the object. Contains field @type with type URL.
+ },
}</pre>
</div>