Clean and regen docs (#401)
diff --git a/docs/dyn/compute_alpha.images.html b/docs/dyn/compute_alpha.images.html
index de1e2ed..5a75fdc 100644
--- a/docs/dyn/compute_alpha.images.html
+++ b/docs/dyn/compute_alpha.images.html
@@ -90,7 +90,7 @@
<code><a href="#getIamPolicy">getIamPolicy(project, resource)</a></code></p>
<p class="firstline">Gets the access control policy for a resource. May be empty if no such policy or resource exists.</p>
<p class="toc_element">
- <code><a href="#insert">insert(project, body, forceCreation=None, requestId=None)</a></code></p>
+ <code><a href="#insert">insert(project, body, requestId=None, forceCreate=None)</a></code></p>
<p class="firstline">Creates an image in the specified project using the data included in the request.</p>
<p class="toc_element">
<code><a href="#list">list(project, orderBy=None, maxResults=None, pageToken=None, filter=None)</a></code></p>
@@ -251,6 +251,17 @@
An object of the form:
{ # An Image resource.
+ "sourceImageEncryptionKey": { # Represents a customer-supplied encryption key # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+ "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
+ "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
+ "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+ #
+ # The key must meet the following requirements before you can provide it to Compute Engine:
+ # - The key is wrapped using a RSA public key certificate provided by Google.
+ # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Get the RSA public key certificate provided by Google at:
+ # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+ "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
+ },
"sourceDiskEncryptionKey": { # Represents a customer-supplied encryption key # The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key.
"rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
"sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
@@ -260,13 +271,14 @@
# - The key is wrapped using a RSA public key certificate provided by Google.
# - After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Get the RSA public key certificate provided by Google at:
# https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+ "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
},
"family": "A String", # The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035.
"labels": { # Labels to apply to this image. These can be later modified by the setLabels method.
"a_key": "A String",
},
"archiveSizeBytes": "A String", # Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).
- "guestOsFeatures": [ # A list of features to enable on the guest OS. Applicable for bootable images only. Currently, only one feature can be enabled, VIRTIO_SCSCI_MULTIQUEUE, which allows each virtual CPU to have its own queue. For Windows images, you can only enable VIRTIO_SCSCI_MULTIQUEUE on images with driver version 1.2.0.1621 or higher. Linux images with kernel versions 3.17 and higher will support VIRTIO_SCSCI_MULTIQUEUE.
+ "guestOsFeatures": [ # A list of features to enable on the guest OS. Applicable for bootable images only. Currently, only one feature can be enabled, VIRTIO_SCSI_MULTIQUEUE, which allows each virtual CPU to have its own queue. For Windows images, you can only enable VIRTIO_SCSI_MULTIQUEUE on images with driver version 1.2.0.1621 or higher. Linux images with kernel versions 3.17 and higher will support VIRTIO_SCSI_MULTIQUEUE.
#
# For new Windows images, the server might also populate this field with the value WINDOWS, to indicate that this is a Windows image. This value is purely informational and does not enable or disable any features.
{ # Guest OS features.
@@ -298,6 +310,7 @@
# - The key is wrapped using a RSA public key certificate provided by Google.
# - After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Get the RSA public key certificate provided by Google at:
# https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+ "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
},
"status": "A String", # [Output Only] The status of the image. An image can be used to create other resources, such as instances, only after the image has been successfully created and the status is set to READY. Possible values are FAILED, PENDING, or READY.
"description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -310,6 +323,7 @@
#
# To see the latest fingerprint, make a get() request to retrieve an image.
"sourceDiskId": "A String", # The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name.
+ "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given image name.
"sourceImage": "A String", # URL of the source image used to create this image. This can be a full or valid partial URL. You must provide exactly one of:
# - this property, or
# - the rawDisk.source property, or
@@ -340,6 +354,17 @@
An object of the form:
{ # An Image resource.
+ "sourceImageEncryptionKey": { # Represents a customer-supplied encryption key # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+ "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
+ "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
+ "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+ #
+ # The key must meet the following requirements before you can provide it to Compute Engine:
+ # - The key is wrapped using a RSA public key certificate provided by Google.
+ # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Get the RSA public key certificate provided by Google at:
+ # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+ "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
+ },
"sourceDiskEncryptionKey": { # Represents a customer-supplied encryption key # The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key.
"rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
"sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
@@ -349,13 +374,14 @@
# - The key is wrapped using a RSA public key certificate provided by Google.
# - After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Get the RSA public key certificate provided by Google at:
# https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+ "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
},
"family": "A String", # The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035.
"labels": { # Labels to apply to this image. These can be later modified by the setLabels method.
"a_key": "A String",
},
"archiveSizeBytes": "A String", # Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).
- "guestOsFeatures": [ # A list of features to enable on the guest OS. Applicable for bootable images only. Currently, only one feature can be enabled, VIRTIO_SCSCI_MULTIQUEUE, which allows each virtual CPU to have its own queue. For Windows images, you can only enable VIRTIO_SCSCI_MULTIQUEUE on images with driver version 1.2.0.1621 or higher. Linux images with kernel versions 3.17 and higher will support VIRTIO_SCSCI_MULTIQUEUE.
+ "guestOsFeatures": [ # A list of features to enable on the guest OS. Applicable for bootable images only. Currently, only one feature can be enabled, VIRTIO_SCSI_MULTIQUEUE, which allows each virtual CPU to have its own queue. For Windows images, you can only enable VIRTIO_SCSI_MULTIQUEUE on images with driver version 1.2.0.1621 or higher. Linux images with kernel versions 3.17 and higher will support VIRTIO_SCSI_MULTIQUEUE.
#
# For new Windows images, the server might also populate this field with the value WINDOWS, to indicate that this is a Windows image. This value is purely informational and does not enable or disable any features.
{ # Guest OS features.
@@ -387,6 +413,7 @@
# - The key is wrapped using a RSA public key certificate provided by Google.
# - After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Get the RSA public key certificate provided by Google at:
# https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+ "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
},
"status": "A String", # [Output Only] The status of the image. An image can be used to create other resources, such as instances, only after the image has been successfully created and the status is set to READY. Possible values are FAILED, PENDING, or READY.
"description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -399,6 +426,7 @@
#
# To see the latest fingerprint, make a get() request to retrieve an image.
"sourceDiskId": "A String", # The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name.
+ "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given image name.
"sourceImage": "A String", # URL of the source image used to create this image. This can be a full or valid partial URL. You must provide exactly one of:
# - this property, or
# - the rawDisk.source property, or
@@ -440,9 +468,15 @@
#
# For a description of IAM and its features, see the [IAM developer's guide](https://cloud.google.com/iam).
"auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
- { # Specifies the audit configuration for a service. It consists of which permission types are logged, and what identities, if any, are exempted from logging. An AuditConifg must have one or more AuditLogConfigs.
+ { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
#
- # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices" "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:foo@gmail.com" ] }, { "log_type": "DATA_WRITE", }, { "log_type": "ADMIN_READ", } ] }, { "service": "fooservice@googleapis.com" "audit_log_configs": [ { "log_type": "DATA_READ", }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:bar@gmail.com" ] } ] } ] } For fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts foo@gmail.com from DATA_READ logging, and bar@gmail.com from DATA_WRITE logging.
+ # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditConfig are exempted.
+ #
+ # Example Policy with multiple AuditConfigs:
+ #
+ # { "audit_configs": [ { "service": "allServices" "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:foo@gmail.com" ] }, { "log_type": "DATA_WRITE", }, { "log_type": "ADMIN_READ", } ] }, { "service": "fooservice.googleapis.com" "audit_log_configs": [ { "log_type": "DATA_READ", }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:bar@gmail.com" ] } ] } ] }
+ #
+ # For fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts foo@gmail.com from DATA_READ logging, and bar@gmail.com from DATA_WRITE logging.
"exemptedMembers": [
"A String",
],
@@ -458,7 +492,7 @@
"logType": "A String", # The log type that this config enables.
},
],
- "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `resourcemanager`, `storage`, `compute`. `allServices` is a special value that covers all services.
+ "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
},
],
"rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
@@ -469,6 +503,9 @@
"field": "A String", # The field value to attribute.
"metric": "A String", # The metric to update.
},
+ "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+ "logName": "A String", # The log_name to populate in the Cloud Audit Record.
+ },
},
],
"notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
@@ -517,6 +554,8 @@
#
# * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
#
+ #
+ #
# * `domain:{domain}`: A Google Apps domain name that represents all the users of that domain. For example, `google.com` or `example.com`.
"A String",
],
@@ -527,7 +566,7 @@
</div>
<div class="method">
- <code class="details" id="insert">insert(project, body, forceCreation=None, requestId=None)</code>
+ <code class="details" id="insert">insert(project, body, requestId=None, forceCreate=None)</code>
<pre>Creates an image in the specified project using the data included in the request.
Args:
@@ -536,6 +575,17 @@
The object takes the form of:
{ # An Image resource.
+ "sourceImageEncryptionKey": { # Represents a customer-supplied encryption key # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+ "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
+ "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
+ "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+ #
+ # The key must meet the following requirements before you can provide it to Compute Engine:
+ # - The key is wrapped using a RSA public key certificate provided by Google.
+ # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Get the RSA public key certificate provided by Google at:
+ # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+ "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
+ },
"sourceDiskEncryptionKey": { # Represents a customer-supplied encryption key # The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key.
"rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
"sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
@@ -545,13 +595,14 @@
# - The key is wrapped using a RSA public key certificate provided by Google.
# - After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Get the RSA public key certificate provided by Google at:
# https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+ "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
},
"family": "A String", # The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035.
"labels": { # Labels to apply to this image. These can be later modified by the setLabels method.
"a_key": "A String",
},
"archiveSizeBytes": "A String", # Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).
- "guestOsFeatures": [ # A list of features to enable on the guest OS. Applicable for bootable images only. Currently, only one feature can be enabled, VIRTIO_SCSCI_MULTIQUEUE, which allows each virtual CPU to have its own queue. For Windows images, you can only enable VIRTIO_SCSCI_MULTIQUEUE on images with driver version 1.2.0.1621 or higher. Linux images with kernel versions 3.17 and higher will support VIRTIO_SCSCI_MULTIQUEUE.
+ "guestOsFeatures": [ # A list of features to enable on the guest OS. Applicable for bootable images only. Currently, only one feature can be enabled, VIRTIO_SCSI_MULTIQUEUE, which allows each virtual CPU to have its own queue. For Windows images, you can only enable VIRTIO_SCSI_MULTIQUEUE on images with driver version 1.2.0.1621 or higher. Linux images with kernel versions 3.17 and higher will support VIRTIO_SCSI_MULTIQUEUE.
#
# For new Windows images, the server might also populate this field with the value WINDOWS, to indicate that this is a Windows image. This value is purely informational and does not enable or disable any features.
{ # Guest OS features.
@@ -583,6 +634,7 @@
# - The key is wrapped using a RSA public key certificate provided by Google.
# - After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Get the RSA public key certificate provided by Google at:
# https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+ "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
},
"status": "A String", # [Output Only] The status of the image. An image can be used to create other resources, such as instances, only after the image has been successfully created and the status is set to READY. Possible values are FAILED, PENDING, or READY.
"description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -595,6 +647,7 @@
#
# To see the latest fingerprint, make a get() request to retrieve an image.
"sourceDiskId": "A String", # The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name.
+ "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given image name.
"sourceImage": "A String", # URL of the source image used to create this image. This can be a full or valid partial URL. You must provide exactly one of:
# - this property, or
# - the rawDisk.source property, or
@@ -612,8 +665,8 @@
"selfLink": "A String", # [Output Only] Server-defined URL for the resource.
}
- forceCreation: boolean, Force image creation if true.
requestId: string, begin_interface: MixerMutationRequestBuilder Request ID to support idempotency.
+ forceCreate: boolean, Force image creation if true.
Returns:
An object of the form:
@@ -695,6 +748,17 @@
"nextPageToken": "A String", # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
"items": [ # [Output Only] A list of Image resources.
{ # An Image resource.
+ "sourceImageEncryptionKey": { # Represents a customer-supplied encryption key # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key.
+ "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
+ "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
+ "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource.
+ #
+ # The key must meet the following requirements before you can provide it to Compute Engine:
+ # - The key is wrapped using a RSA public key certificate provided by Google.
+ # - After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Get the RSA public key certificate provided by Google at:
+ # https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+ "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
+ },
"sourceDiskEncryptionKey": { # Represents a customer-supplied encryption key # The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key.
"rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.
"sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
@@ -704,13 +768,14 @@
# - The key is wrapped using a RSA public key certificate provided by Google.
# - After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Get the RSA public key certificate provided by Google at:
# https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+ "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
},
"family": "A String", # The name of the image family to which this image belongs. You can create disks by specifying an image family instead of a specific image name. The image family always returns its latest image that is not deprecated. The name of the image family must comply with RFC1035.
"labels": { # Labels to apply to this image. These can be later modified by the setLabels method.
"a_key": "A String",
},
"archiveSizeBytes": "A String", # Size of the image tar.gz archive stored in Google Cloud Storage (in bytes).
- "guestOsFeatures": [ # A list of features to enable on the guest OS. Applicable for bootable images only. Currently, only one feature can be enabled, VIRTIO_SCSCI_MULTIQUEUE, which allows each virtual CPU to have its own queue. For Windows images, you can only enable VIRTIO_SCSCI_MULTIQUEUE on images with driver version 1.2.0.1621 or higher. Linux images with kernel versions 3.17 and higher will support VIRTIO_SCSCI_MULTIQUEUE.
+ "guestOsFeatures": [ # A list of features to enable on the guest OS. Applicable for bootable images only. Currently, only one feature can be enabled, VIRTIO_SCSI_MULTIQUEUE, which allows each virtual CPU to have its own queue. For Windows images, you can only enable VIRTIO_SCSI_MULTIQUEUE on images with driver version 1.2.0.1621 or higher. Linux images with kernel versions 3.17 and higher will support VIRTIO_SCSI_MULTIQUEUE.
#
# For new Windows images, the server might also populate this field with the value WINDOWS, to indicate that this is a Windows image. This value is purely informational and does not enable or disable any features.
{ # Guest OS features.
@@ -742,6 +807,7 @@
# - The key is wrapped using a RSA public key certificate provided by Google.
# - After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Get the RSA public key certificate provided by Google at:
# https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
+ "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
},
"status": "A String", # [Output Only] The status of the image. An image can be used to create other resources, such as instances, only after the image has been successfully created and the status is set to READY. Possible values are FAILED, PENDING, or READY.
"description": "A String", # An optional description of this resource. Provide this property when you create the resource.
@@ -754,6 +820,7 @@
#
# To see the latest fingerprint, make a get() request to retrieve an image.
"sourceDiskId": "A String", # The ID value of the disk used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given disk name.
+ "sourceImageId": "A String", # [Output Only] The ID value of the image used to create this image. This value may be used to determine whether the image was taken from the current or a previous instance of a given image name.
"sourceImage": "A String", # URL of the source image used to create this image. This can be a full or valid partial URL. You must provide exactly one of:
# - this property, or
# - the rawDisk.source property, or
@@ -813,9 +880,15 @@
#
# For a description of IAM and its features, see the [IAM developer's guide](https://cloud.google.com/iam).
"auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
- { # Specifies the audit configuration for a service. It consists of which permission types are logged, and what identities, if any, are exempted from logging. An AuditConifg must have one or more AuditLogConfigs.
+ { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
#
- # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices" "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:foo@gmail.com" ] }, { "log_type": "DATA_WRITE", }, { "log_type": "ADMIN_READ", } ] }, { "service": "fooservice@googleapis.com" "audit_log_configs": [ { "log_type": "DATA_READ", }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:bar@gmail.com" ] } ] } ] } For fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts foo@gmail.com from DATA_READ logging, and bar@gmail.com from DATA_WRITE logging.
+ # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditConfig are exempted.
+ #
+ # Example Policy with multiple AuditConfigs:
+ #
+ # { "audit_configs": [ { "service": "allServices" "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:foo@gmail.com" ] }, { "log_type": "DATA_WRITE", }, { "log_type": "ADMIN_READ", } ] }, { "service": "fooservice.googleapis.com" "audit_log_configs": [ { "log_type": "DATA_READ", }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:bar@gmail.com" ] } ] } ] }
+ #
+ # For fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts foo@gmail.com from DATA_READ logging, and bar@gmail.com from DATA_WRITE logging.
"exemptedMembers": [
"A String",
],
@@ -831,7 +904,7 @@
"logType": "A String", # The log type that this config enables.
},
],
- "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `resourcemanager`, `storage`, `compute`. `allServices` is a special value that covers all services.
+ "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
},
],
"rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
@@ -842,6 +915,9 @@
"field": "A String", # The field value to attribute.
"metric": "A String", # The metric to update.
},
+ "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+ "logName": "A String", # The log_name to populate in the Cloud Audit Record.
+ },
},
],
"notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
@@ -890,6 +966,8 @@
#
# * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
#
+ #
+ #
# * `domain:{domain}`: A Google Apps domain name that represents all the users of that domain. For example, `google.com` or `example.com`.
"A String",
],
@@ -914,9 +992,15 @@
#
# For a description of IAM and its features, see the [IAM developer's guide](https://cloud.google.com/iam).
"auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
- { # Specifies the audit configuration for a service. It consists of which permission types are logged, and what identities, if any, are exempted from logging. An AuditConifg must have one or more AuditLogConfigs.
+ { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
#
- # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices" "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:foo@gmail.com" ] }, { "log_type": "DATA_WRITE", }, { "log_type": "ADMIN_READ", } ] }, { "service": "fooservice@googleapis.com" "audit_log_configs": [ { "log_type": "DATA_READ", }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:bar@gmail.com" ] } ] } ] } For fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts foo@gmail.com from DATA_READ logging, and bar@gmail.com from DATA_WRITE logging.
+ # If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditConfig are exempted.
+ #
+ # Example Policy with multiple AuditConfigs:
+ #
+ # { "audit_configs": [ { "service": "allServices" "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:foo@gmail.com" ] }, { "log_type": "DATA_WRITE", }, { "log_type": "ADMIN_READ", } ] }, { "service": "fooservice.googleapis.com" "audit_log_configs": [ { "log_type": "DATA_READ", }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:bar@gmail.com" ] } ] } ] }
+ #
+ # For fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts foo@gmail.com from DATA_READ logging, and bar@gmail.com from DATA_WRITE logging.
"exemptedMembers": [
"A String",
],
@@ -932,7 +1016,7 @@
"logType": "A String", # The log type that this config enables.
},
],
- "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `resourcemanager`, `storage`, `compute`. `allServices` is a special value that covers all services.
+ "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
},
],
"rules": [ # If more than one rule is specified, the rules are applied in the following manner: - All matching LOG rules are always applied. - If any DENY/DENY_WITH_LOG rule matches, permission is denied. Logging will be applied if one or more matching rule requires logging. - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is granted. Logging will be applied if one or more matching rule requires logging. - Otherwise, if no rule applies, permission is denied.
@@ -943,6 +1027,9 @@
"field": "A String", # The field value to attribute.
"metric": "A String", # The metric to update.
},
+ "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
+ "logName": "A String", # The log_name to populate in the Cloud Audit Record.
+ },
},
],
"notIns": [ # If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
@@ -991,6 +1078,8 @@
#
# * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`.
#
+ #
+ #
# * `domain:{domain}`: A Google Apps domain name that represents all the users of that domain. For example, `google.com` or `example.com`.
"A String",
],