docs: update docs (#916)
* fix: re-run script
* test: fix noxfile
diff --git a/docs/dyn/serviceusage_v1.services.html b/docs/dyn/serviceusage_v1.services.html
index 589bf09..cc432dd 100644
--- a/docs/dyn/serviceusage_v1.services.html
+++ b/docs/dyn/serviceusage_v1.services.html
@@ -90,7 +90,7 @@
<code><a href="#get">get(name, x__xgafv=None)</a></code></p>
<p class="firstline">Returns the service configuration and enabled state for a given service.</p>
<p class="toc_element">
- <code><a href="#list">list(parent, pageSize=None, pageToken=None, filter=None, x__xgafv=None)</a></code></p>
+ <code><a href="#list">list(parent, filter=None, pageSize=None, pageToken=None, x__xgafv=None)</a></code></p>
<p class="firstline">List all services available to the specified project, and the current</p>
<p class="toc_element">
<code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
@@ -138,9 +138,6 @@
{ # This resource represents a long-running operation that is the result of a
# network API call.
- "done": True or False, # If the value is `false`, it means the operation is still in progress.
- # If `true`, the operation is completed, and either `error` or `response` is
- # available.
"metadata": { # Service-specific metadata associated with the operation. It typically
# contains progress information and common metadata such as create time.
# Some services might not provide such metadata. Any method that returns a
@@ -154,20 +151,20 @@
#
# You can find out more about this error model and how to work with it in the
# [API Design Guide](https://cloud.google.com/apis/design/errors).
+ "message": "A String", # A developer-facing error message, which should be in English. Any
+ # user-facing error message should be localized and sent in the
+ # google.rpc.Status.details field, or localized by the client.
+ "code": 42, # The status code, which should be an enum value of google.rpc.Code.
"details": [ # A list of messages that carry the error details. There is a common set of
# message types for APIs to use.
{
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
],
- "message": "A String", # A developer-facing error message, which should be in English. Any
- # user-facing error message should be localized and sent in the
- # google.rpc.Status.details field, or localized by the client.
- "code": 42, # The status code, which should be an enum value of google.rpc.Code.
},
- "name": "A String", # The server-assigned name, which is only unique within the same service that
- # originally returns it. If you use the default HTTP mapping, the
- # `name` should be a resource name ending with `operations/{unique_id}`.
+ "done": True or False, # If the value is `false`, it means the operation is still in progress.
+ # If `true`, the operation is completed, and either `error` or `response` is
+ # available.
"response": { # The normal response of the operation in case of success. If the original
# method returns no data on success, such as `Delete`, the response is
# `google.protobuf.Empty`. If the original method is standard
@@ -178,6 +175,9 @@
# `TakeSnapshotResponse`.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
+ "name": "A String", # The server-assigned name, which is only unique within the same service that
+ # originally returns it. If you use the default HTTP mapping, the
+ # `name` should be a resource name ending with `operations/{unique_id}`.
}</pre>
</div>
@@ -209,148 +209,295 @@
{ # Response message for the `BatchGetServices` method.
"services": [ # The requested Service states.
{ # A service that is available for use by the consumer.
- "name": "A String", # The resource name of the consumer and service.
+ "parent": "A String", # The resource name of the consumer.
#
# A valid name would be:
- # - projects/123/services/serviceusage.googleapis.com
+ # - projects/123
+ "state": "A String", # Whether or not the service has been enabled for use by the consumer.
"config": { # The configuration of the service. # The service configuration of the available service.
# Some fields may be filtered out of the configuration in responses to
# the `ListServices` method. These fields are present only in responses to
# the `GetService` method.
- "quota": { # Quota configuration helps to achieve fairness and budgeting in service # Quota configuration.
- # usage.
+ "authentication": { # `Authentication` defines the authentication configuration for an API. # Auth configuration. Contains only the OAuth rules.
#
- # The metric based quota configuration works this way:
- # - The service configuration defines a set of metrics.
- # - For API calls, the quota.metric_rules maps methods to metrics with
- # corresponding costs.
- # - The quota.limits defines limits on the metrics, which will be used for
- # quota checks at runtime.
+ # Example for an API targeted for external use:
#
- # An example quota configuration in yaml format:
- #
- # quota:
- # limits:
- #
- # - name: apiWriteQpsPerProject
- # metric: library.googleapis.com/write_calls
- # unit: "1/min/{project}" # rate limit for consumer projects
- # values:
- # STANDARD: 10000
- #
- #
- # # The metric rules bind all methods to the read_calls metric,
- # # except for the UpdateBook and DeleteBook methods. These two methods
- # # are mapped to the write_calls metric, with the UpdateBook method
- # # consuming at twice rate as the DeleteBook method.
- # metric_rules:
- # - selector: "*"
- # metric_costs:
- # library.googleapis.com/read_calls: 1
- # - selector: google.example.library.v1.LibraryService.UpdateBook
- # metric_costs:
- # library.googleapis.com/write_calls: 2
- # - selector: google.example.library.v1.LibraryService.DeleteBook
- # metric_costs:
- # library.googleapis.com/write_calls: 1
- #
- # Corresponding Metric definition:
- #
- # metrics:
- # - name: library.googleapis.com/read_calls
- # display_name: Read requests
- # metric_kind: DELTA
- # value_type: INT64
- #
- # - name: library.googleapis.com/write_calls
- # display_name: Write requests
- # metric_kind: DELTA
- # value_type: INT64
- #
- "limits": [ # List of `QuotaLimit` definitions for the service.
- { # `QuotaLimit` defines a specific limit that applies over a specified duration
- # for a limit type. There can be at most one limit for a duration and limit
- # type combination defined within a `QuotaGroup`.
- "displayName": "A String", # User-visible display name for this limit.
- # Optional. If not set, the UI will provide a default display name based on
- # the quota configuration. This field can be used to override the default
- # display name generated from the configuration.
- "freeTier": "A String", # Free tier value displayed in the Developers Console for this limit.
- # The free tier is the number of tokens that will be subtracted from the
- # billed amount when billing is enabled.
- # This field can only be set on a limit with duration "1d", in a billable
- # group; it is invalid on any other limit. If this field is not set, it
- # defaults to 0, indicating that there is no free tier for this service.
+ # name: calendar.googleapis.com
+ # authentication:
+ # providers:
+ # - id: google_calendar_auth
+ # jwks_uri: https://www.googleapis.com/oauth2/v1/certs
+ # issuer: https://securetoken.google.com
+ # rules:
+ # - selector: "*"
+ # requirements:
+ # provider_id: google_calendar_auth
+ "providers": [ # Defines a set of authentication providers that a service supports.
+ { # Configuration for an authentication provider, including support for
+ # [JSON Web Token
+ # (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
+ "audiences": "A String", # The list of JWT
+ # [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
+ # that are allowed to access. A JWT containing any of these audiences will
+ # be accepted. When this setting is absent, JWTs with audiences:
+ # - "https://[service.name]/[google.protobuf.Api.name]"
+ # - "https://[service.name]/"
+ # will be accepted.
+ # For example, if no audiences are in the setting, LibraryService API will
+ # accept JWTs with the following audiences:
+ # -
+ # https://library-example.googleapis.com/google.example.library.v1.LibraryService
+ # - https://library-example.googleapis.com/
#
- # Used by group-based quotas only.
- "values": { # Tiered limit values. You must specify this as a key:value pair, with an
- # integer value that is the maximum number of requests allowed for the
- # specified unit. Currently only STANDARD is supported.
- "a_key": "A String",
- },
- "name": "A String", # Name of the quota limit.
+ # Example:
#
- # The name must be provided, and it must be unique within the service. The
- # name can only include alphanumeric characters as well as '-'.
+ # audiences: bookstore_android.apps.googleusercontent.com,
+ # bookstore_web.apps.googleusercontent.com
+ "jwksUri": "A String", # URL of the provider's public key set to validate signature of the JWT. See
+ # [OpenID
+ # Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).
+ # Optional if the key set document:
+ # - can be retrieved from
+ # [OpenID
+ # Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html of
+ # the issuer.
+ # - can be inferred from the email domain of the issuer (e.g. a Google
+ # service account).
#
- # The maximum length of the limit name is 64 characters.
- "description": "A String", # Optional. User-visible, extended description for this quota limit.
- # Should be used only when more context is needed to understand this limit
- # than provided by the limit's display name (see: `display_name`).
- "maxLimit": "A String", # Maximum number of tokens that can be consumed during the specified
- # duration. Client application developers can override the default limit up
- # to this maximum. If specified, this value cannot be set to a value less
- # than the default limit. If not specified, it is set to the default limit.
+ # Example: https://www.googleapis.com/oauth2/v1/certs
+ "id": "A String", # The unique identifier of the auth provider. It will be referred to by
+ # `AuthRequirement.provider_id`.
#
- # To allow clients to apply overrides with no upper bound, set this to -1,
- # indicating unlimited maximum quota.
+ # Example: "bookstore_auth".
+ "jwtLocations": [ # Defines the locations to extract the JWT.
#
- # Used by group-based quotas only.
- "metric": "A String", # The name of the metric this quota limit applies to. The quota limits with
- # the same metric will be checked together during runtime. The metric must be
- # defined within the service config.
- "unit": "A String", # Specify the unit of the quota limit. It uses the same syntax as
- # Metric.unit. The supported unit kinds are determined by the quota
- # backend system.
+ # JWT locations can be either from HTTP headers or URL query parameters.
+ # The rule is that the first match wins. The checking order is: checking
+ # all headers first, then URL query parameters.
#
- # Here are some examples:
- # * "1/min/{project}" for quota per minute per project.
+ # If not specified, default to use following 3 locations:
+ # 1) Authorization: Bearer
+ # 2) x-goog-iap-jwt-assertion
+ # 3) access_token query parameter
#
- # Note: the order of unit components is insignificant.
- # The "1" at the beginning is required to follow the metric unit syntax.
- "duration": "A String", # Duration of this limit in textual notation. Must be "100s" or "1d".
+ # Default locations can be specified as followings:
+ # jwt_locations:
+ # - header: Authorization
+ # value_prefix: "Bearer "
+ # - header: x-goog-iap-jwt-assertion
+ # - query: access_token
+ { # Specifies a location to extract JWT from an API request.
+ "valuePrefix": "A String", # The value prefix. The value format is "value_prefix{token}"
+ # Only applies to "in" header type. Must be empty for "in" query type.
+ # If not empty, the header value has to match (case sensitive) this prefix.
+ # If not matched, JWT will not be extracted. If matched, JWT will be
+ # extracted after the prefix is removed.
+ #
+ # For example, for "Authorization: Bearer {JWT}",
+ # value_prefix="Bearer " with a space at the end.
+ "header": "A String", # Specifies HTTP header name to extract JWT token.
+ "query": "A String", # Specifies URL query parameter name to extract JWT token.
+ },
+ ],
+ "authorizationUrl": "A String", # Redirect URL if JWT token is required but not present or is expired.
+ # Implement authorizationUrl of securityDefinitions in OpenAPI spec.
+ "issuer": "A String", # Identifies the principal that issued the JWT. See
+ # https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1
+ # Usually a URL or an email address.
#
- # Used by group-based quotas only.
- "defaultLimit": "A String", # Default number of tokens that can be consumed during the specified
- # duration. This is the number of tokens assigned when a client
- # application developer activates the service for his/her project.
- #
- # Specifying a value of 0 will block all requests. This can be used if you
- # are provisioning quota to selected consumers and blocking others.
- # Similarly, a value of -1 will indicate an unlimited quota. No other
- # negative values are allowed.
- #
- # Used by group-based quotas only.
+ # Example: https://securetoken.google.com
+ # Example: 1234567-compute@developer.gserviceaccount.com
},
],
- "metricRules": [ # List of `MetricRule` definitions, each one mapping a selected method to one
- # or more metrics.
- { # Bind API methods to metrics. Binding a method to a metric causes that
- # metric's configured quota behaviors to apply to the method call.
+ "rules": [ # A list of authentication rules that apply to individual API methods.
+ #
+ # **NOTE:** All service configuration rules follow "last one wins" order.
+ { # Authentication rules for the service.
+ #
+ # By default, if a method has any authentication requirements, every request
+ # must include a valid credential matching one of the requirements.
+ # It's an error to include more than one kind of credential in a single
+ # request.
+ #
+ # If a method doesn't have any auth requirements, request credentials will be
+ # ignored.
+ "requirements": [ # Requirements for additional authentication providers.
+ { # User-defined authentication requirements, including support for
+ # [JSON Web Token
+ # (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
+ "audiences": "A String", # NOTE: This will be deprecated soon, once AuthProvider.audiences is
+ # implemented and accepted in all the runtime components.
+ #
+ # The list of JWT
+ # [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
+ # that are allowed to access. A JWT containing any of these audiences will
+ # be accepted. When this setting is absent, only JWTs with audience
+ # "https://Service_name/API_name"
+ # will be accepted. For example, if no audiences are in the setting,
+ # LibraryService API will only accept JWTs with the following audience
+ # "https://library-example.googleapis.com/google.example.library.v1.LibraryService".
+ #
+ # Example:
+ #
+ # audiences: bookstore_android.apps.googleusercontent.com,
+ # bookstore_web.apps.googleusercontent.com
+ "providerId": "A String", # id from authentication provider.
+ #
+ # Example:
+ #
+ # provider_id: bookstore_auth
+ },
+ ],
+ "allowWithoutCredential": True or False, # If true, the service accepts API keys without any other credential.
"selector": "A String", # Selects the methods to which this rule applies.
#
# Refer to selector for syntax details.
- "metricCosts": { # Metrics to update when the selected methods are called, and the associated
- # cost applied to each metric.
+ "oauth": { # OAuth scopes are a way to define data and permissions on data. For example, # The requirements for OAuth credentials.
+ # there are scopes defined for "Read-only access to Google Calendar" and
+ # "Access to Cloud Platform". Users can consent to a scope for an application,
+ # giving it permission to access that data on their behalf.
#
- # The key of the map is the metric name, and the values are the amount
- # increased for the metric against which the quota limits are defined.
- # The value must not be negative.
- "a_key": "A String",
+ # OAuth scope specifications should be fairly coarse grained; a user will need
+ # to see and understand the text description of what your scope means.
+ #
+ # In most cases: use one or at most two OAuth scopes for an entire family of
+ # products. If your product has multiple APIs, you should probably be sharing
+ # the OAuth scope across all of those APIs.
+ #
+ # When you need finer grained OAuth consent screens: talk with your product
+ # management about how developers will use them in practice.
+ #
+ # Please note that even though each of the canonical scopes is enough for a
+ # request to be accepted and passed to the backend, a request can still fail
+ # due to the backend requiring additional scopes or permissions.
+ "canonicalScopes": "A String", # The list of publicly documented OAuth scopes that are allowed access. An
+ # OAuth token containing any of these scopes will be accepted.
+ #
+ # Example:
+ #
+ # canonical_scopes: https://www.googleapis.com/auth/calendar,
+ # https://www.googleapis.com/auth/calendar.read
},
},
],
},
+ "endpoints": [ # Configuration for network endpoints. Contains only the names and aliases
+ # of the endpoints.
+ { # `Endpoint` describes a network endpoint that serves a set of APIs.
+ # A service may expose any number of endpoints, and all endpoints share the
+ # same service configuration, such as quota configuration and monitoring
+ # configuration.
+ #
+ # Example service configuration:
+ #
+ # name: library-example.googleapis.com
+ # endpoints:
+ # # Below entry makes 'google.example.library.v1.Library'
+ # # API be served from endpoint address library-example.googleapis.com.
+ # # It also allows HTTP OPTIONS calls to be passed to the backend, for
+ # # it to decide whether the subsequent cross-origin request is
+ # # allowed to proceed.
+ # - name: library-example.googleapis.com
+ # allow_cors: true
+ "features": [ # The list of features enabled on this endpoint.
+ "A String",
+ ],
+ "aliases": [ # DEPRECATED: This field is no longer supported. Instead of using aliases,
+ # please specify multiple google.api.Endpoint for each of the intended
+ # aliases.
+ #
+ # Additional names that this endpoint will be hosted on.
+ "A String",
+ ],
+ "allowCors": True or False, # Allowing
+ # [CORS](https://en.wikipedia.org/wiki/Cross-origin_resource_sharing), aka
+ # cross-domain traffic, would allow the backends served from this endpoint to
+ # receive and respond to HTTP OPTIONS requests. The response will be used by
+ # the browser to determine whether the subsequent cross-origin request is
+ # allowed to proceed.
+ "target": "A String", # The specification of an Internet routable address of API frontend that will
+ # handle requests to this [API
+ # Endpoint](https://cloud.google.com/apis/design/glossary). It should be
+ # either a valid IPv4 address or a fully-qualified domain name. For example,
+ # "8.8.8.8" or "myservice.appspot.com".
+ "name": "A String", # The canonical name of this endpoint.
+ },
+ ],
+ "usage": { # Configuration controlling usage of a service. # Configuration controlling usage of this service.
+ "serviceIdentity": { # The per-product per-project service identity for a service. # The configuration of a per-product per-project service identity.
+ #
+ #
+ # Use this field to configure per-product per-project service identity.
+ # Example of a service identity configuration.
+ #
+ # usage:
+ # service_identity:
+ # - service_account_parent: "projects/123456789"
+ # display_name: "Cloud XXX Service Agent"
+ # description: "Used as the identity of Cloud XXX to access resources"
+ "displayName": "A String", # Optional. A user-specified name for the service account.
+ # Must be less than or equal to 100 UTF-8 bytes.
+ "description": "A String", # Optional. A user-specified opaque description of the service account.
+ # Must be less than or equal to 256 UTF-8 bytes.
+ "serviceAccountParent": "A String", # A service account project that hosts the service accounts.
+ #
+ # An example name would be:
+ # `projects/123456789`
+ },
+ "requirements": [ # Requirements that must be satisfied before a consumer project can use the
+ # service. Each requirement is of the form <service.name>/<requirement-id>;
+ # for example 'serviceusage.googleapis.com/billing-enabled'.
+ "A String",
+ ],
+ "producerNotificationChannel": "A String", # The full resource name of a channel used for sending notifications to the
+ # service producer.
+ #
+ # Google Service Management currently only supports
+ # [Google Cloud Pub/Sub](https://cloud.google.com/pubsub) as a notification
+ # channel. To use Google Cloud Pub/Sub as the channel, this must be the name
+ # of a Cloud Pub/Sub topic that uses the Cloud Pub/Sub topic name format
+ # documented in https://cloud.google.com/pubsub/docs/overview.
+ "rules": [ # A list of usage rules that apply to individual API methods.
+ #
+ # **NOTE:** All service configuration rules follow "last one wins" order.
+ { # Usage configuration rules for the service.
+ #
+ # NOTE: Under development.
+ #
+ #
+ # Use this rule to configure unregistered calls for the service. Unregistered
+ # calls are calls that do not contain consumer project identity.
+ # (Example: calls that do not contain an API key).
+ # By default, API methods do not allow unregistered calls, and each method call
+ # must be identified by a consumer project identity. Use this rule to
+ # allow/disallow unregistered calls.
+ #
+ # Example of an API that wants to allow unregistered calls for entire service.
+ #
+ # usage:
+ # rules:
+ # - selector: "*"
+ # allow_unregistered_calls: true
+ #
+ # Example of a method that wants to allow unregistered calls.
+ #
+ # usage:
+ # rules:
+ # - selector: "google.example.library.v1.LibraryService.CreateBook"
+ # allow_unregistered_calls: true
+ "skipServiceControl": True or False, # If true, the selected method should skip service control and the control
+ # plane features, such as quota and billing, will not be available.
+ # This flag is used by Google Cloud Endpoints to bypass checks for internal
+ # methods, such as service health check methods.
+ "allowUnregisteredCalls": True or False, # If true, the selected method allows unregistered calls, e.g. calls
+ # that don't identify any user or application.
+ "selector": "A String", # Selects the methods to which this rule applies. Use '*' to indicate all
+ # methods in all APIs.
+ #
+ # Refer to selector for syntax details.
+ },
+ ],
+ },
"apis": [ # A list of API interfaces exported by this service. Contains only the names,
# versions, and method names of the interfaces.
{ # Api is a light-weight descriptor for an API Interface.
@@ -362,49 +509,7 @@
# sometimes simply referred to as "APIs" in other contexts, such as the name of
# this message itself. See https://cloud.google.com/apis/design/glossary for
# detailed terminology.
- "name": "A String", # The fully qualified name of this interface, including package name
- # followed by the interface's simple name.
- "options": [ # Any metadata attached to the interface.
- { # A protocol buffer option, which can be attached to a message, field,
- # enumeration, etc.
- "name": "A String", # The option's name. For protobuf built-in options (options defined in
- # descriptor.proto), this is the short name. For example, `"map_entry"`.
- # For custom options, it should be the fully-qualified name. For example,
- # `"google.api.http"`.
- "value": { # The option's value packed in an Any message. If the value is a primitive,
- # the corresponding wrapper type defined in google/protobuf/wrappers.proto
- # should be used. If the value is an enum, it should be stored as an int32
- # value using the google.protobuf.Int32Value type.
- "a_key": "", # Properties of the object. Contains field @type with type URL.
- },
- },
- ],
"syntax": "A String", # The source syntax of the service.
- "methods": [ # The methods of this interface, in unspecified order.
- { # Method represents a method of an API interface.
- "responseStreaming": True or False, # If true, the response is streamed.
- "name": "A String", # The simple name of this method.
- "syntax": "A String", # The source syntax of this method.
- "options": [ # Any metadata attached to the method.
- { # A protocol buffer option, which can be attached to a message, field,
- # enumeration, etc.
- "name": "A String", # The option's name. For protobuf built-in options (options defined in
- # descriptor.proto), this is the short name. For example, `"map_entry"`.
- # For custom options, it should be the fully-qualified name. For example,
- # `"google.api.http"`.
- "value": { # The option's value packed in an Any message. If the value is a primitive,
- # the corresponding wrapper type defined in google/protobuf/wrappers.proto
- # should be used. If the value is an enum, it should be stored as an int32
- # value using the google.protobuf.Int32Value type.
- "a_key": "", # Properties of the object. Contains field @type with type URL.
- },
- },
- ],
- "requestStreaming": True or False, # If true, the request is streamed.
- "requestTypeUrl": "A String", # A URL of the input message type.
- "responseTypeUrl": "A String", # The URL of the output message type.
- },
- ],
"sourceContext": { # `SourceContext` represents information about the source of a # Source context for the protocol buffer service represented by this
# message.
# protobuf element, like the file in which it is defined.
@@ -430,6 +535,48 @@
# `google.feature.v1`. For major versions 0 and 1, the suffix can
# be omitted. Zero major versions must only be used for
# experimental, non-GA interfaces.
+ "methods": [ # The methods of this interface, in unspecified order.
+ { # Method represents a method of an API interface.
+ "responseTypeUrl": "A String", # The URL of the output message type.
+ "name": "A String", # The simple name of this method.
+ "syntax": "A String", # The source syntax of this method.
+ "options": [ # Any metadata attached to the method.
+ { # A protocol buffer option, which can be attached to a message, field,
+ # enumeration, etc.
+ "name": "A String", # The option's name. For protobuf built-in options (options defined in
+ # descriptor.proto), this is the short name. For example, `"map_entry"`.
+ # For custom options, it should be the fully-qualified name. For example,
+ # `"google.api.http"`.
+ "value": { # The option's value packed in an Any message. If the value is a primitive,
+ # the corresponding wrapper type defined in google/protobuf/wrappers.proto
+ # should be used. If the value is an enum, it should be stored as an int32
+ # value using the google.protobuf.Int32Value type.
+ "a_key": "", # Properties of the object. Contains field @type with type URL.
+ },
+ },
+ ],
+ "requestTypeUrl": "A String", # A URL of the input message type.
+ "requestStreaming": True or False, # If true, the request is streamed.
+ "responseStreaming": True or False, # If true, the response is streamed.
+ },
+ ],
+ "options": [ # Any metadata attached to the interface.
+ { # A protocol buffer option, which can be attached to a message, field,
+ # enumeration, etc.
+ "name": "A String", # The option's name. For protobuf built-in options (options defined in
+ # descriptor.proto), this is the short name. For example, `"map_entry"`.
+ # For custom options, it should be the fully-qualified name. For example,
+ # `"google.api.http"`.
+ "value": { # The option's value packed in an Any message. If the value is a primitive,
+ # the corresponding wrapper type defined in google/protobuf/wrappers.proto
+ # should be used. If the value is an enum, it should be stored as an int32
+ # value using the google.protobuf.Int32Value type.
+ "a_key": "", # Properties of the object. Contains field @type with type URL.
+ },
+ },
+ ],
+ "name": "A String", # The fully qualified name of this interface, including package name
+ # followed by the interface's simple name.
"mixins": [ # Included interfaces. See Mixin.
{ # Declares an API Interface to be included in this interface. The including
# interface must redeclare all the methods from the included interface, but
@@ -509,14 +656,151 @@
# }
# ...
# }
- "name": "A String", # The fully qualified name of the interface which is included.
"root": "A String", # If non-empty specifies a path under which inherited HTTP paths
# are rooted.
+ "name": "A String", # The fully qualified name of the interface which is included.
},
],
},
],
- "title": "A String", # The product title for this service.
+ "name": "A String", # The DNS address at which this service is available.
+ #
+ # An example DNS address would be:
+ # `calendar.googleapis.com`.
+ "quota": { # Quota configuration helps to achieve fairness and budgeting in service # Quota configuration.
+ # usage.
+ #
+ # The metric based quota configuration works this way:
+ # - The service configuration defines a set of metrics.
+ # - For API calls, the quota.metric_rules maps methods to metrics with
+ # corresponding costs.
+ # - The quota.limits defines limits on the metrics, which will be used for
+ # quota checks at runtime.
+ #
+ # An example quota configuration in yaml format:
+ #
+ # quota:
+ # limits:
+ #
+ # - name: apiWriteQpsPerProject
+ # metric: library.googleapis.com/write_calls
+ # unit: "1/min/{project}" # rate limit for consumer projects
+ # values:
+ # STANDARD: 10000
+ #
+ #
+ # # The metric rules bind all methods to the read_calls metric,
+ # # except for the UpdateBook and DeleteBook methods. These two methods
+ # # are mapped to the write_calls metric, with the UpdateBook method
+ # # consuming at twice rate as the DeleteBook method.
+ # metric_rules:
+ # - selector: "*"
+ # metric_costs:
+ # library.googleapis.com/read_calls: 1
+ # - selector: google.example.library.v1.LibraryService.UpdateBook
+ # metric_costs:
+ # library.googleapis.com/write_calls: 2
+ # - selector: google.example.library.v1.LibraryService.DeleteBook
+ # metric_costs:
+ # library.googleapis.com/write_calls: 1
+ #
+ # Corresponding Metric definition:
+ #
+ # metrics:
+ # - name: library.googleapis.com/read_calls
+ # display_name: Read requests
+ # metric_kind: DELTA
+ # value_type: INT64
+ #
+ # - name: library.googleapis.com/write_calls
+ # display_name: Write requests
+ # metric_kind: DELTA
+ # value_type: INT64
+ #
+ "metricRules": [ # List of `MetricRule` definitions, each one mapping a selected method to one
+ # or more metrics.
+ { # Bind API methods to metrics. Binding a method to a metric causes that
+ # metric's configured quota behaviors to apply to the method call.
+ "selector": "A String", # Selects the methods to which this rule applies.
+ #
+ # Refer to selector for syntax details.
+ "metricCosts": { # Metrics to update when the selected methods are called, and the associated
+ # cost applied to each metric.
+ #
+ # The key of the map is the metric name, and the values are the amount
+ # increased for the metric against which the quota limits are defined.
+ # The value must not be negative.
+ "a_key": "A String",
+ },
+ },
+ ],
+ "limits": [ # List of `QuotaLimit` definitions for the service.
+ { # `QuotaLimit` defines a specific limit that applies over a specified duration
+ # for a limit type. There can be at most one limit for a duration and limit
+ # type combination defined within a `QuotaGroup`.
+ "freeTier": "A String", # Free tier value displayed in the Developers Console for this limit.
+ # The free tier is the number of tokens that will be subtracted from the
+ # billed amount when billing is enabled.
+ # This field can only be set on a limit with duration "1d", in a billable
+ # group; it is invalid on any other limit. If this field is not set, it
+ # defaults to 0, indicating that there is no free tier for this service.
+ #
+ # Used by group-based quotas only.
+ "duration": "A String", # Duration of this limit in textual notation. Must be "100s" or "1d".
+ #
+ # Used by group-based quotas only.
+ "unit": "A String", # Specify the unit of the quota limit. It uses the same syntax as
+ # Metric.unit. The supported unit kinds are determined by the quota
+ # backend system.
+ #
+ # Here are some examples:
+ # * "1/min/{project}" for quota per minute per project.
+ #
+ # Note: the order of unit components is insignificant.
+ # The "1" at the beginning is required to follow the metric unit syntax.
+ "values": { # Tiered limit values. You must specify this as a key:value pair, with an
+ # integer value that is the maximum number of requests allowed for the
+ # specified unit. Currently only STANDARD is supported.
+ "a_key": "A String",
+ },
+ "defaultLimit": "A String", # Default number of tokens that can be consumed during the specified
+ # duration. This is the number of tokens assigned when a client
+ # application developer activates the service for his/her project.
+ #
+ # Specifying a value of 0 will block all requests. This can be used if you
+ # are provisioning quota to selected consumers and blocking others.
+ # Similarly, a value of -1 will indicate an unlimited quota. No other
+ # negative values are allowed.
+ #
+ # Used by group-based quotas only.
+ "name": "A String", # Name of the quota limit.
+ #
+ # The name must be provided, and it must be unique within the service. The
+ # name can only include alphanumeric characters as well as '-'.
+ #
+ # The maximum length of the limit name is 64 characters.
+ "maxLimit": "A String", # Maximum number of tokens that can be consumed during the specified
+ # duration. Client application developers can override the default limit up
+ # to this maximum. If specified, this value cannot be set to a value less
+ # than the default limit. If not specified, it is set to the default limit.
+ #
+ # To allow clients to apply overrides with no upper bound, set this to -1,
+ # indicating unlimited maximum quota.
+ #
+ # Used by group-based quotas only.
+ "displayName": "A String", # User-visible display name for this limit.
+ # Optional. If not set, the UI will provide a default display name based on
+ # the quota configuration. This field can be used to override the default
+ # display name generated from the configuration.
+ "description": "A String", # Optional. User-visible, extended description for this quota limit.
+ # Should be used only when more context is needed to understand this limit
+ # than provided by the limit's display name (see: `display_name`).
+ "metric": "A String", # The name of the metric this quota limit applies to. The quota limits with
+ # the same metric will be checked together during runtime. The metric must be
+ # defined within the service config.
+ },
+ ],
+ },
"documentation": { # `Documentation` provides the information for describing a service. # Additional API documentation. Contains only the summary and the
# documentation URL.
#
@@ -573,20 +857,28 @@
# <pre><code>&#40;== resource_for v1.shelves.books ==&#41;</code></pre>
# The directive `suppress_warning` does not directly affect documentation
# and is documented together with service config validation.
+ "rules": [ # A list of documentation rules that apply to individual API elements.
+ #
+ # **NOTE:** All service configuration rules follow "last one wins" order.
+ { # A documentation rule provides information about individual API elements.
+ "selector": "A String", # The selector is a comma-separated list of patterns. Each pattern is a
+ # qualified name of the element which may end in "*", indicating a wildcard.
+ # Wildcards are only allowed at the end and for a whole component of the
+ # qualified name, i.e. "foo.*" is ok, but not "foo.b*" or "foo.*.bar". A
+ # wildcard will match one or more components. To specify a default for all
+ # applicable elements, the whole pattern "*" is used.
+ "deprecationDescription": "A String", # Deprecation description of the selected element(s). It can be provided if
+ # an element is marked as `deprecated`.
+ "description": "A String", # Description of the selected API(s).
+ },
+ ],
"serviceRootUrl": "A String", # Specifies the service root url if the default one (the service name
# from the yaml file) is not suitable. This can be seen in any fully
# specified service urls as well as sections that show a base that other
# urls are relative to.
- "documentationRootUrl": "A String", # The URL to the root of documentation.
- "summary": "A String", # A short summary of what the service does. Can only be provided by
- # plain text.
"pages": [ # The top level pages for the documentation set.
{ # Represents a documentation page. A page can contain subpages to represent
# nested documentation set structure.
- "subpages": [ # Subpages of this page. The order of subpages specified here will be
- # honored in the generated docset.
- # Object with schema name: Page
- ],
"name": "A String", # The name of the page. It will be used as an identity of the page to
# generate URI of the page, text of the link to this page in navigation,
# etc. The full page name (start from the root page name to this page
@@ -603,6 +895,10 @@
# `Java`.
"content": "A String", # The Markdown content of the page. You can use <code>&#40;== include {path}
# ==&#41;</code> to include content from a Markdown file.
+ "subpages": [ # Subpages of this page. The order of subpages specified here will be
+ # honored in the generated docset.
+ # Object with schema name: Page
+ ],
},
],
"overview": "A String", # Declares a single overview page. For example:
@@ -618,312 +914,16 @@
# content: &#40;== include overview.md ==&#41;
# </code></pre>
# Note: you cannot specify both `overview` field and `pages` field.
- "rules": [ # A list of documentation rules that apply to individual API elements.
- #
- # **NOTE:** All service configuration rules follow "last one wins" order.
- { # A documentation rule provides information about individual API elements.
- "deprecationDescription": "A String", # Deprecation description of the selected element(s). It can be provided if
- # an element is marked as `deprecated`.
- "description": "A String", # Description of the selected API(s).
- "selector": "A String", # The selector is a comma-separated list of patterns. Each pattern is a
- # qualified name of the element which may end in "*", indicating a wildcard.
- # Wildcards are only allowed at the end and for a whole component of the
- # qualified name, i.e. "foo.*" is ok, but not "foo.b*" or "foo.*.bar". A
- # wildcard will match one or more components. To specify a default for all
- # applicable elements, the whole pattern "*" is used.
- },
- ],
+ "documentationRootUrl": "A String", # The URL to the root of documentation.
+ "summary": "A String", # A short summary of what the service does. Can only be provided by
+ # plain text.
},
- "name": "A String", # The DNS address at which this service is available.
- #
- # An example DNS address would be:
- # `calendar.googleapis.com`.
- "authentication": { # `Authentication` defines the authentication configuration for an API. # Auth configuration. Contains only the OAuth rules.
- #
- # Example for an API targeted for external use:
- #
- # name: calendar.googleapis.com
- # authentication:
- # providers:
- # - id: google_calendar_auth
- # jwks_uri: https://www.googleapis.com/oauth2/v1/certs
- # issuer: https://securetoken.google.com
- # rules:
- # - selector: "*"
- # requirements:
- # provider_id: google_calendar_auth
- "providers": [ # Defines a set of authentication providers that a service supports.
- { # Configuration for an authentication provider, including support for
- # [JSON Web Token
- # (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
- "jwksUri": "A String", # URL of the provider's public key set to validate signature of the JWT. See
- # [OpenID
- # Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).
- # Optional if the key set document:
- # - can be retrieved from
- # [OpenID
- # Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html of
- # the issuer.
- # - can be inferred from the email domain of the issuer (e.g. a Google
- # service account).
- #
- # Example: https://www.googleapis.com/oauth2/v1/certs
- "issuer": "A String", # Identifies the principal that issued the JWT. See
- # https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1
- # Usually a URL or an email address.
- #
- # Example: https://securetoken.google.com
- # Example: 1234567-compute@developer.gserviceaccount.com
- "id": "A String", # The unique identifier of the auth provider. It will be referred to by
- # `AuthRequirement.provider_id`.
- #
- # Example: "bookstore_auth".
- "jwtLocations": [ # Defines the locations to extract the JWT.
- #
- # JWT locations can be either from HTTP headers or URL query parameters.
- # The rule is that the first match wins. The checking order is: checking
- # all headers first, then URL query parameters.
- #
- # If not specified, default to use following 3 locations:
- # 1) Authorization: Bearer
- # 2) x-goog-iap-jwt-assertion
- # 3) access_token query parameter
- #
- # Default locations can be specified as followings:
- # jwt_locations:
- # - header: Authorization
- # value_prefix: "Bearer "
- # - header: x-goog-iap-jwt-assertion
- # - query: access_token
- { # Specifies a location to extract JWT from an API request.
- "query": "A String", # Specifies URL query parameter name to extract JWT token.
- "header": "A String", # Specifies HTTP header name to extract JWT token.
- "valuePrefix": "A String", # The value prefix. The value format is "value_prefix{token}"
- # Only applies to "in" header type. Must be empty for "in" query type.
- # If not empty, the header value has to match (case sensitive) this prefix.
- # If not matched, JWT will not be extracted. If matched, JWT will be
- # extracted after the prefix is removed.
- #
- # For example, for "Authorization: Bearer {JWT}",
- # value_prefix="Bearer " with a space at the end.
- },
- ],
- "audiences": "A String", # The list of JWT
- # [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
- # that are allowed to access. A JWT containing any of these audiences will
- # be accepted. When this setting is absent, JWTs with audiences:
- # - "https://[service.name]/[google.protobuf.Api.name]"
- # - "https://[service.name]/"
- # will be accepted.
- # For example, if no audiences are in the setting, LibraryService API will
- # accept JWTs with the following audiences:
- # -
- # https://library-example.googleapis.com/google.example.library.v1.LibraryService
- # - https://library-example.googleapis.com/
- #
- # Example:
- #
- # audiences: bookstore_android.apps.googleusercontent.com,
- # bookstore_web.apps.googleusercontent.com
- "authorizationUrl": "A String", # Redirect URL if JWT token is required but not present or is expired.
- # Implement authorizationUrl of securityDefinitions in OpenAPI spec.
- },
- ],
- "rules": [ # A list of authentication rules that apply to individual API methods.
- #
- # **NOTE:** All service configuration rules follow "last one wins" order.
- { # Authentication rules for the service.
- #
- # By default, if a method has any authentication requirements, every request
- # must include a valid credential matching one of the requirements.
- # It's an error to include more than one kind of credential in a single
- # request.
- #
- # If a method doesn't have any auth requirements, request credentials will be
- # ignored.
- "selector": "A String", # Selects the methods to which this rule applies.
- #
- # Refer to selector for syntax details.
- "requirements": [ # Requirements for additional authentication providers.
- { # User-defined authentication requirements, including support for
- # [JSON Web Token
- # (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
- "providerId": "A String", # id from authentication provider.
- #
- # Example:
- #
- # provider_id: bookstore_auth
- "audiences": "A String", # NOTE: This will be deprecated soon, once AuthProvider.audiences is
- # implemented and accepted in all the runtime components.
- #
- # The list of JWT
- # [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
- # that are allowed to access. A JWT containing any of these audiences will
- # be accepted. When this setting is absent, only JWTs with audience
- # "https://Service_name/API_name"
- # will be accepted. For example, if no audiences are in the setting,
- # LibraryService API will only accept JWTs with the following audience
- # "https://library-example.googleapis.com/google.example.library.v1.LibraryService".
- #
- # Example:
- #
- # audiences: bookstore_android.apps.googleusercontent.com,
- # bookstore_web.apps.googleusercontent.com
- },
- ],
- "oauth": { # OAuth scopes are a way to define data and permissions on data. For example, # The requirements for OAuth credentials.
- # there are scopes defined for "Read-only access to Google Calendar" and
- # "Access to Cloud Platform". Users can consent to a scope for an application,
- # giving it permission to access that data on their behalf.
- #
- # OAuth scope specifications should be fairly coarse grained; a user will need
- # to see and understand the text description of what your scope means.
- #
- # In most cases: use one or at most two OAuth scopes for an entire family of
- # products. If your product has multiple APIs, you should probably be sharing
- # the OAuth scope across all of those APIs.
- #
- # When you need finer grained OAuth consent screens: talk with your product
- # management about how developers will use them in practice.
- #
- # Please note that even though each of the canonical scopes is enough for a
- # request to be accepted and passed to the backend, a request can still fail
- # due to the backend requiring additional scopes or permissions.
- "canonicalScopes": "A String", # The list of publicly documented OAuth scopes that are allowed access. An
- # OAuth token containing any of these scopes will be accepted.
- #
- # Example:
- #
- # canonical_scopes: https://www.googleapis.com/auth/calendar,
- # https://www.googleapis.com/auth/calendar.read
- },
- "allowWithoutCredential": True or False, # If true, the service accepts API keys without any other credential.
- },
- ],
- },
- "usage": { # Configuration controlling usage of a service. # Configuration controlling usage of this service.
- "rules": [ # A list of usage rules that apply to individual API methods.
- #
- # **NOTE:** All service configuration rules follow "last one wins" order.
- { # Usage configuration rules for the service.
- #
- # NOTE: Under development.
- #
- #
- # Use this rule to configure unregistered calls for the service. Unregistered
- # calls are calls that do not contain consumer project identity.
- # (Example: calls that do not contain an API key).
- # By default, API methods do not allow unregistered calls, and each method call
- # must be identified by a consumer project identity. Use this rule to
- # allow/disallow unregistered calls.
- #
- # Example of an API that wants to allow unregistered calls for entire service.
- #
- # usage:
- # rules:
- # - selector: "*"
- # allow_unregistered_calls: true
- #
- # Example of a method that wants to allow unregistered calls.
- #
- # usage:
- # rules:
- # - selector: "google.example.library.v1.LibraryService.CreateBook"
- # allow_unregistered_calls: true
- "skipServiceControl": True or False, # If true, the selected method should skip service control and the control
- # plane features, such as quota and billing, will not be available.
- # This flag is used by Google Cloud Endpoints to bypass checks for internal
- # methods, such as service health check methods.
- "selector": "A String", # Selects the methods to which this rule applies. Use '*' to indicate all
- # methods in all APIs.
- #
- # Refer to selector for syntax details.
- "allowUnregisteredCalls": True or False, # If true, the selected method allows unregistered calls, e.g. calls
- # that don't identify any user or application.
- },
- ],
- "requirements": [ # Requirements that must be satisfied before a consumer project can use the
- # service. Each requirement is of the form <service.name>/<requirement-id>;
- # for example 'serviceusage.googleapis.com/billing-enabled'.
- "A String",
- ],
- "producerNotificationChannel": "A String", # The full resource name of a channel used for sending notifications to the
- # service producer.
- #
- # Google Service Management currently only supports
- # [Google Cloud Pub/Sub](https://cloud.google.com/pubsub) as a notification
- # channel. To use Google Cloud Pub/Sub as the channel, this must be the name
- # of a Cloud Pub/Sub topic that uses the Cloud Pub/Sub topic name format
- # documented in https://cloud.google.com/pubsub/docs/overview.
- "serviceIdentity": { # The per-product per-project service identity for a service. # The configuration of a per-product per-project service identity.
- #
- #
- # Use this field to configure per-product per-project service identity.
- # Example of a service identity configuration.
- #
- # usage:
- # service_identity:
- # - service_account_parent: "projects/123456789"
- # display_name: "Cloud XXX Service Agent"
- # description: "Used as the identity of Cloud XXX to access resources"
- "description": "A String", # Optional. A user-specified opaque description of the service account.
- # Must be less than or equal to 256 UTF-8 bytes.
- "serviceAccountParent": "A String", # A service account project that hosts the service accounts.
- #
- # An example name would be:
- # `projects/123456789`
- "displayName": "A String", # Optional. A user-specified name for the service account.
- # Must be less than or equal to 100 UTF-8 bytes.
- },
- },
- "endpoints": [ # Configuration for network endpoints. Contains only the names and aliases
- # of the endpoints.
- { # `Endpoint` describes a network endpoint that serves a set of APIs.
- # A service may expose any number of endpoints, and all endpoints share the
- # same service configuration, such as quota configuration and monitoring
- # configuration.
- #
- # Example service configuration:
- #
- # name: library-example.googleapis.com
- # endpoints:
- # # Below entry makes 'google.example.library.v1.Library'
- # # API be served from endpoint address library-example.googleapis.com.
- # # It also allows HTTP OPTIONS calls to be passed to the backend, for
- # # it to decide whether the subsequent cross-origin request is
- # # allowed to proceed.
- # - name: library-example.googleapis.com
- # allow_cors: true
- "features": [ # The list of features enabled on this endpoint.
- "A String",
- ],
- "allowCors": True or False, # Allowing
- # [CORS](https://en.wikipedia.org/wiki/Cross-origin_resource_sharing), aka
- # cross-domain traffic, would allow the backends served from this endpoint to
- # receive and respond to HTTP OPTIONS requests. The response will be used by
- # the browser to determine whether the subsequent cross-origin request is
- # allowed to proceed.
- "name": "A String", # The canonical name of this endpoint.
- "aliases": [ # DEPRECATED: This field is no longer supported. Instead of using aliases,
- # please specify multiple google.api.Endpoint for each of the intended
- # aliases.
- #
- # Additional names that this endpoint will be hosted on.
- "A String",
- ],
- "target": "A String", # The specification of an Internet routable address of API frontend that will
- # handle requests to this [API
- # Endpoint](https://cloud.google.com/apis/design/glossary). It should be
- # either a valid IPv4 address or a fully-qualified domain name. For example,
- # "8.8.8.8" or "myservice.appspot.com".
- },
- ],
+ "title": "A String", # The product title for this service.
},
- "state": "A String", # Whether or not the service has been enabled for use by the consumer.
- "parent": "A String", # The resource name of the consumer.
+ "name": "A String", # The resource name of the consumer and service.
#
# A valid name would be:
- # - projects/123
+ # - projects/123/services/serviceusage.googleapis.com
},
],
}</pre>
@@ -968,9 +968,6 @@
{ # This resource represents a long-running operation that is the result of a
# network API call.
- "done": True or False, # If the value is `false`, it means the operation is still in progress.
- # If `true`, the operation is completed, and either `error` or `response` is
- # available.
"metadata": { # Service-specific metadata associated with the operation. It typically
# contains progress information and common metadata such as create time.
# Some services might not provide such metadata. Any method that returns a
@@ -984,20 +981,20 @@
#
# You can find out more about this error model and how to work with it in the
# [API Design Guide](https://cloud.google.com/apis/design/errors).
+ "message": "A String", # A developer-facing error message, which should be in English. Any
+ # user-facing error message should be localized and sent in the
+ # google.rpc.Status.details field, or localized by the client.
+ "code": 42, # The status code, which should be an enum value of google.rpc.Code.
"details": [ # A list of messages that carry the error details. There is a common set of
# message types for APIs to use.
{
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
],
- "message": "A String", # A developer-facing error message, which should be in English. Any
- # user-facing error message should be localized and sent in the
- # google.rpc.Status.details field, or localized by the client.
- "code": 42, # The status code, which should be an enum value of google.rpc.Code.
},
- "name": "A String", # The server-assigned name, which is only unique within the same service that
- # originally returns it. If you use the default HTTP mapping, the
- # `name` should be a resource name ending with `operations/{unique_id}`.
+ "done": True or False, # If the value is `false`, it means the operation is still in progress.
+ # If `true`, the operation is completed, and either `error` or `response` is
+ # available.
"response": { # The normal response of the operation in case of success. If the original
# method returns no data on success, such as `Delete`, the response is
# `google.protobuf.Empty`. If the original method is standard
@@ -1008,6 +1005,9 @@
# `TakeSnapshotResponse`.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
+ "name": "A String", # The server-assigned name, which is only unique within the same service that
+ # originally returns it. If you use the default HTTP mapping, the
+ # `name` should be a resource name ending with `operations/{unique_id}`.
}</pre>
</div>
@@ -1043,9 +1043,6 @@
{ # This resource represents a long-running operation that is the result of a
# network API call.
- "done": True or False, # If the value is `false`, it means the operation is still in progress.
- # If `true`, the operation is completed, and either `error` or `response` is
- # available.
"metadata": { # Service-specific metadata associated with the operation. It typically
# contains progress information and common metadata such as create time.
# Some services might not provide such metadata. Any method that returns a
@@ -1059,20 +1056,20 @@
#
# You can find out more about this error model and how to work with it in the
# [API Design Guide](https://cloud.google.com/apis/design/errors).
+ "message": "A String", # A developer-facing error message, which should be in English. Any
+ # user-facing error message should be localized and sent in the
+ # google.rpc.Status.details field, or localized by the client.
+ "code": 42, # The status code, which should be an enum value of google.rpc.Code.
"details": [ # A list of messages that carry the error details. There is a common set of
# message types for APIs to use.
{
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
],
- "message": "A String", # A developer-facing error message, which should be in English. Any
- # user-facing error message should be localized and sent in the
- # google.rpc.Status.details field, or localized by the client.
- "code": 42, # The status code, which should be an enum value of google.rpc.Code.
},
- "name": "A String", # The server-assigned name, which is only unique within the same service that
- # originally returns it. If you use the default HTTP mapping, the
- # `name` should be a resource name ending with `operations/{unique_id}`.
+ "done": True or False, # If the value is `false`, it means the operation is still in progress.
+ # If `true`, the operation is completed, and either `error` or `response` is
+ # available.
"response": { # The normal response of the operation in case of success. If the original
# method returns no data on success, such as `Delete`, the response is
# `google.protobuf.Empty`. If the original method is standard
@@ -1083,6 +1080,9 @@
# `TakeSnapshotResponse`.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
+ "name": "A String", # The server-assigned name, which is only unique within the same service that
+ # originally returns it. If you use the default HTTP mapping, the
+ # `name` should be a resource name ending with `operations/{unique_id}`.
}</pre>
</div>
@@ -1105,148 +1105,295 @@
An object of the form:
{ # A service that is available for use by the consumer.
- "name": "A String", # The resource name of the consumer and service.
+ "parent": "A String", # The resource name of the consumer.
#
# A valid name would be:
- # - projects/123/services/serviceusage.googleapis.com
+ # - projects/123
+ "state": "A String", # Whether or not the service has been enabled for use by the consumer.
"config": { # The configuration of the service. # The service configuration of the available service.
# Some fields may be filtered out of the configuration in responses to
# the `ListServices` method. These fields are present only in responses to
# the `GetService` method.
- "quota": { # Quota configuration helps to achieve fairness and budgeting in service # Quota configuration.
- # usage.
+ "authentication": { # `Authentication` defines the authentication configuration for an API. # Auth configuration. Contains only the OAuth rules.
#
- # The metric based quota configuration works this way:
- # - The service configuration defines a set of metrics.
- # - For API calls, the quota.metric_rules maps methods to metrics with
- # corresponding costs.
- # - The quota.limits defines limits on the metrics, which will be used for
- # quota checks at runtime.
+ # Example for an API targeted for external use:
#
- # An example quota configuration in yaml format:
- #
- # quota:
- # limits:
- #
- # - name: apiWriteQpsPerProject
- # metric: library.googleapis.com/write_calls
- # unit: "1/min/{project}" # rate limit for consumer projects
- # values:
- # STANDARD: 10000
- #
- #
- # # The metric rules bind all methods to the read_calls metric,
- # # except for the UpdateBook and DeleteBook methods. These two methods
- # # are mapped to the write_calls metric, with the UpdateBook method
- # # consuming at twice rate as the DeleteBook method.
- # metric_rules:
- # - selector: "*"
- # metric_costs:
- # library.googleapis.com/read_calls: 1
- # - selector: google.example.library.v1.LibraryService.UpdateBook
- # metric_costs:
- # library.googleapis.com/write_calls: 2
- # - selector: google.example.library.v1.LibraryService.DeleteBook
- # metric_costs:
- # library.googleapis.com/write_calls: 1
- #
- # Corresponding Metric definition:
- #
- # metrics:
- # - name: library.googleapis.com/read_calls
- # display_name: Read requests
- # metric_kind: DELTA
- # value_type: INT64
- #
- # - name: library.googleapis.com/write_calls
- # display_name: Write requests
- # metric_kind: DELTA
- # value_type: INT64
- #
- "limits": [ # List of `QuotaLimit` definitions for the service.
- { # `QuotaLimit` defines a specific limit that applies over a specified duration
- # for a limit type. There can be at most one limit for a duration and limit
- # type combination defined within a `QuotaGroup`.
- "displayName": "A String", # User-visible display name for this limit.
- # Optional. If not set, the UI will provide a default display name based on
- # the quota configuration. This field can be used to override the default
- # display name generated from the configuration.
- "freeTier": "A String", # Free tier value displayed in the Developers Console for this limit.
- # The free tier is the number of tokens that will be subtracted from the
- # billed amount when billing is enabled.
- # This field can only be set on a limit with duration "1d", in a billable
- # group; it is invalid on any other limit. If this field is not set, it
- # defaults to 0, indicating that there is no free tier for this service.
+ # name: calendar.googleapis.com
+ # authentication:
+ # providers:
+ # - id: google_calendar_auth
+ # jwks_uri: https://www.googleapis.com/oauth2/v1/certs
+ # issuer: https://securetoken.google.com
+ # rules:
+ # - selector: "*"
+ # requirements:
+ # provider_id: google_calendar_auth
+ "providers": [ # Defines a set of authentication providers that a service supports.
+ { # Configuration for an authentication provider, including support for
+ # [JSON Web Token
+ # (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
+ "audiences": "A String", # The list of JWT
+ # [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
+ # that are allowed to access. A JWT containing any of these audiences will
+ # be accepted. When this setting is absent, JWTs with audiences:
+ # - "https://[service.name]/[google.protobuf.Api.name]"
+ # - "https://[service.name]/"
+ # will be accepted.
+ # For example, if no audiences are in the setting, LibraryService API will
+ # accept JWTs with the following audiences:
+ # -
+ # https://library-example.googleapis.com/google.example.library.v1.LibraryService
+ # - https://library-example.googleapis.com/
#
- # Used by group-based quotas only.
- "values": { # Tiered limit values. You must specify this as a key:value pair, with an
- # integer value that is the maximum number of requests allowed for the
- # specified unit. Currently only STANDARD is supported.
- "a_key": "A String",
- },
- "name": "A String", # Name of the quota limit.
+ # Example:
#
- # The name must be provided, and it must be unique within the service. The
- # name can only include alphanumeric characters as well as '-'.
+ # audiences: bookstore_android.apps.googleusercontent.com,
+ # bookstore_web.apps.googleusercontent.com
+ "jwksUri": "A String", # URL of the provider's public key set to validate signature of the JWT. See
+ # [OpenID
+ # Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).
+ # Optional if the key set document:
+ # - can be retrieved from
+ # [OpenID
+ # Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html of
+ # the issuer.
+ # - can be inferred from the email domain of the issuer (e.g. a Google
+ # service account).
#
- # The maximum length of the limit name is 64 characters.
- "description": "A String", # Optional. User-visible, extended description for this quota limit.
- # Should be used only when more context is needed to understand this limit
- # than provided by the limit's display name (see: `display_name`).
- "maxLimit": "A String", # Maximum number of tokens that can be consumed during the specified
- # duration. Client application developers can override the default limit up
- # to this maximum. If specified, this value cannot be set to a value less
- # than the default limit. If not specified, it is set to the default limit.
+ # Example: https://www.googleapis.com/oauth2/v1/certs
+ "id": "A String", # The unique identifier of the auth provider. It will be referred to by
+ # `AuthRequirement.provider_id`.
#
- # To allow clients to apply overrides with no upper bound, set this to -1,
- # indicating unlimited maximum quota.
+ # Example: "bookstore_auth".
+ "jwtLocations": [ # Defines the locations to extract the JWT.
#
- # Used by group-based quotas only.
- "metric": "A String", # The name of the metric this quota limit applies to. The quota limits with
- # the same metric will be checked together during runtime. The metric must be
- # defined within the service config.
- "unit": "A String", # Specify the unit of the quota limit. It uses the same syntax as
- # Metric.unit. The supported unit kinds are determined by the quota
- # backend system.
+ # JWT locations can be either from HTTP headers or URL query parameters.
+ # The rule is that the first match wins. The checking order is: checking
+ # all headers first, then URL query parameters.
#
- # Here are some examples:
- # * "1/min/{project}" for quota per minute per project.
+ # If not specified, default to use following 3 locations:
+ # 1) Authorization: Bearer
+ # 2) x-goog-iap-jwt-assertion
+ # 3) access_token query parameter
#
- # Note: the order of unit components is insignificant.
- # The "1" at the beginning is required to follow the metric unit syntax.
- "duration": "A String", # Duration of this limit in textual notation. Must be "100s" or "1d".
+ # Default locations can be specified as followings:
+ # jwt_locations:
+ # - header: Authorization
+ # value_prefix: "Bearer "
+ # - header: x-goog-iap-jwt-assertion
+ # - query: access_token
+ { # Specifies a location to extract JWT from an API request.
+ "valuePrefix": "A String", # The value prefix. The value format is "value_prefix{token}"
+ # Only applies to "in" header type. Must be empty for "in" query type.
+ # If not empty, the header value has to match (case sensitive) this prefix.
+ # If not matched, JWT will not be extracted. If matched, JWT will be
+ # extracted after the prefix is removed.
+ #
+ # For example, for "Authorization: Bearer {JWT}",
+ # value_prefix="Bearer " with a space at the end.
+ "header": "A String", # Specifies HTTP header name to extract JWT token.
+ "query": "A String", # Specifies URL query parameter name to extract JWT token.
+ },
+ ],
+ "authorizationUrl": "A String", # Redirect URL if JWT token is required but not present or is expired.
+ # Implement authorizationUrl of securityDefinitions in OpenAPI spec.
+ "issuer": "A String", # Identifies the principal that issued the JWT. See
+ # https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1
+ # Usually a URL or an email address.
#
- # Used by group-based quotas only.
- "defaultLimit": "A String", # Default number of tokens that can be consumed during the specified
- # duration. This is the number of tokens assigned when a client
- # application developer activates the service for his/her project.
- #
- # Specifying a value of 0 will block all requests. This can be used if you
- # are provisioning quota to selected consumers and blocking others.
- # Similarly, a value of -1 will indicate an unlimited quota. No other
- # negative values are allowed.
- #
- # Used by group-based quotas only.
+ # Example: https://securetoken.google.com
+ # Example: 1234567-compute@developer.gserviceaccount.com
},
],
- "metricRules": [ # List of `MetricRule` definitions, each one mapping a selected method to one
- # or more metrics.
- { # Bind API methods to metrics. Binding a method to a metric causes that
- # metric's configured quota behaviors to apply to the method call.
+ "rules": [ # A list of authentication rules that apply to individual API methods.
+ #
+ # **NOTE:** All service configuration rules follow "last one wins" order.
+ { # Authentication rules for the service.
+ #
+ # By default, if a method has any authentication requirements, every request
+ # must include a valid credential matching one of the requirements.
+ # It's an error to include more than one kind of credential in a single
+ # request.
+ #
+ # If a method doesn't have any auth requirements, request credentials will be
+ # ignored.
+ "requirements": [ # Requirements for additional authentication providers.
+ { # User-defined authentication requirements, including support for
+ # [JSON Web Token
+ # (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
+ "audiences": "A String", # NOTE: This will be deprecated soon, once AuthProvider.audiences is
+ # implemented and accepted in all the runtime components.
+ #
+ # The list of JWT
+ # [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
+ # that are allowed to access. A JWT containing any of these audiences will
+ # be accepted. When this setting is absent, only JWTs with audience
+ # "https://Service_name/API_name"
+ # will be accepted. For example, if no audiences are in the setting,
+ # LibraryService API will only accept JWTs with the following audience
+ # "https://library-example.googleapis.com/google.example.library.v1.LibraryService".
+ #
+ # Example:
+ #
+ # audiences: bookstore_android.apps.googleusercontent.com,
+ # bookstore_web.apps.googleusercontent.com
+ "providerId": "A String", # id from authentication provider.
+ #
+ # Example:
+ #
+ # provider_id: bookstore_auth
+ },
+ ],
+ "allowWithoutCredential": True or False, # If true, the service accepts API keys without any other credential.
"selector": "A String", # Selects the methods to which this rule applies.
#
# Refer to selector for syntax details.
- "metricCosts": { # Metrics to update when the selected methods are called, and the associated
- # cost applied to each metric.
+ "oauth": { # OAuth scopes are a way to define data and permissions on data. For example, # The requirements for OAuth credentials.
+ # there are scopes defined for "Read-only access to Google Calendar" and
+ # "Access to Cloud Platform". Users can consent to a scope for an application,
+ # giving it permission to access that data on their behalf.
#
- # The key of the map is the metric name, and the values are the amount
- # increased for the metric against which the quota limits are defined.
- # The value must not be negative.
- "a_key": "A String",
+ # OAuth scope specifications should be fairly coarse grained; a user will need
+ # to see and understand the text description of what your scope means.
+ #
+ # In most cases: use one or at most two OAuth scopes for an entire family of
+ # products. If your product has multiple APIs, you should probably be sharing
+ # the OAuth scope across all of those APIs.
+ #
+ # When you need finer grained OAuth consent screens: talk with your product
+ # management about how developers will use them in practice.
+ #
+ # Please note that even though each of the canonical scopes is enough for a
+ # request to be accepted and passed to the backend, a request can still fail
+ # due to the backend requiring additional scopes or permissions.
+ "canonicalScopes": "A String", # The list of publicly documented OAuth scopes that are allowed access. An
+ # OAuth token containing any of these scopes will be accepted.
+ #
+ # Example:
+ #
+ # canonical_scopes: https://www.googleapis.com/auth/calendar,
+ # https://www.googleapis.com/auth/calendar.read
},
},
],
},
+ "endpoints": [ # Configuration for network endpoints. Contains only the names and aliases
+ # of the endpoints.
+ { # `Endpoint` describes a network endpoint that serves a set of APIs.
+ # A service may expose any number of endpoints, and all endpoints share the
+ # same service configuration, such as quota configuration and monitoring
+ # configuration.
+ #
+ # Example service configuration:
+ #
+ # name: library-example.googleapis.com
+ # endpoints:
+ # # Below entry makes 'google.example.library.v1.Library'
+ # # API be served from endpoint address library-example.googleapis.com.
+ # # It also allows HTTP OPTIONS calls to be passed to the backend, for
+ # # it to decide whether the subsequent cross-origin request is
+ # # allowed to proceed.
+ # - name: library-example.googleapis.com
+ # allow_cors: true
+ "features": [ # The list of features enabled on this endpoint.
+ "A String",
+ ],
+ "aliases": [ # DEPRECATED: This field is no longer supported. Instead of using aliases,
+ # please specify multiple google.api.Endpoint for each of the intended
+ # aliases.
+ #
+ # Additional names that this endpoint will be hosted on.
+ "A String",
+ ],
+ "allowCors": True or False, # Allowing
+ # [CORS](https://en.wikipedia.org/wiki/Cross-origin_resource_sharing), aka
+ # cross-domain traffic, would allow the backends served from this endpoint to
+ # receive and respond to HTTP OPTIONS requests. The response will be used by
+ # the browser to determine whether the subsequent cross-origin request is
+ # allowed to proceed.
+ "target": "A String", # The specification of an Internet routable address of API frontend that will
+ # handle requests to this [API
+ # Endpoint](https://cloud.google.com/apis/design/glossary). It should be
+ # either a valid IPv4 address or a fully-qualified domain name. For example,
+ # "8.8.8.8" or "myservice.appspot.com".
+ "name": "A String", # The canonical name of this endpoint.
+ },
+ ],
+ "usage": { # Configuration controlling usage of a service. # Configuration controlling usage of this service.
+ "serviceIdentity": { # The per-product per-project service identity for a service. # The configuration of a per-product per-project service identity.
+ #
+ #
+ # Use this field to configure per-product per-project service identity.
+ # Example of a service identity configuration.
+ #
+ # usage:
+ # service_identity:
+ # - service_account_parent: "projects/123456789"
+ # display_name: "Cloud XXX Service Agent"
+ # description: "Used as the identity of Cloud XXX to access resources"
+ "displayName": "A String", # Optional. A user-specified name for the service account.
+ # Must be less than or equal to 100 UTF-8 bytes.
+ "description": "A String", # Optional. A user-specified opaque description of the service account.
+ # Must be less than or equal to 256 UTF-8 bytes.
+ "serviceAccountParent": "A String", # A service account project that hosts the service accounts.
+ #
+ # An example name would be:
+ # `projects/123456789`
+ },
+ "requirements": [ # Requirements that must be satisfied before a consumer project can use the
+ # service. Each requirement is of the form <service.name>/<requirement-id>;
+ # for example 'serviceusage.googleapis.com/billing-enabled'.
+ "A String",
+ ],
+ "producerNotificationChannel": "A String", # The full resource name of a channel used for sending notifications to the
+ # service producer.
+ #
+ # Google Service Management currently only supports
+ # [Google Cloud Pub/Sub](https://cloud.google.com/pubsub) as a notification
+ # channel. To use Google Cloud Pub/Sub as the channel, this must be the name
+ # of a Cloud Pub/Sub topic that uses the Cloud Pub/Sub topic name format
+ # documented in https://cloud.google.com/pubsub/docs/overview.
+ "rules": [ # A list of usage rules that apply to individual API methods.
+ #
+ # **NOTE:** All service configuration rules follow "last one wins" order.
+ { # Usage configuration rules for the service.
+ #
+ # NOTE: Under development.
+ #
+ #
+ # Use this rule to configure unregistered calls for the service. Unregistered
+ # calls are calls that do not contain consumer project identity.
+ # (Example: calls that do not contain an API key).
+ # By default, API methods do not allow unregistered calls, and each method call
+ # must be identified by a consumer project identity. Use this rule to
+ # allow/disallow unregistered calls.
+ #
+ # Example of an API that wants to allow unregistered calls for entire service.
+ #
+ # usage:
+ # rules:
+ # - selector: "*"
+ # allow_unregistered_calls: true
+ #
+ # Example of a method that wants to allow unregistered calls.
+ #
+ # usage:
+ # rules:
+ # - selector: "google.example.library.v1.LibraryService.CreateBook"
+ # allow_unregistered_calls: true
+ "skipServiceControl": True or False, # If true, the selected method should skip service control and the control
+ # plane features, such as quota and billing, will not be available.
+ # This flag is used by Google Cloud Endpoints to bypass checks for internal
+ # methods, such as service health check methods.
+ "allowUnregisteredCalls": True or False, # If true, the selected method allows unregistered calls, e.g. calls
+ # that don't identify any user or application.
+ "selector": "A String", # Selects the methods to which this rule applies. Use '*' to indicate all
+ # methods in all APIs.
+ #
+ # Refer to selector for syntax details.
+ },
+ ],
+ },
"apis": [ # A list of API interfaces exported by this service. Contains only the names,
# versions, and method names of the interfaces.
{ # Api is a light-weight descriptor for an API Interface.
@@ -1258,49 +1405,7 @@
# sometimes simply referred to as "APIs" in other contexts, such as the name of
# this message itself. See https://cloud.google.com/apis/design/glossary for
# detailed terminology.
- "name": "A String", # The fully qualified name of this interface, including package name
- # followed by the interface's simple name.
- "options": [ # Any metadata attached to the interface.
- { # A protocol buffer option, which can be attached to a message, field,
- # enumeration, etc.
- "name": "A String", # The option's name. For protobuf built-in options (options defined in
- # descriptor.proto), this is the short name. For example, `"map_entry"`.
- # For custom options, it should be the fully-qualified name. For example,
- # `"google.api.http"`.
- "value": { # The option's value packed in an Any message. If the value is a primitive,
- # the corresponding wrapper type defined in google/protobuf/wrappers.proto
- # should be used. If the value is an enum, it should be stored as an int32
- # value using the google.protobuf.Int32Value type.
- "a_key": "", # Properties of the object. Contains field @type with type URL.
- },
- },
- ],
"syntax": "A String", # The source syntax of the service.
- "methods": [ # The methods of this interface, in unspecified order.
- { # Method represents a method of an API interface.
- "responseStreaming": True or False, # If true, the response is streamed.
- "name": "A String", # The simple name of this method.
- "syntax": "A String", # The source syntax of this method.
- "options": [ # Any metadata attached to the method.
- { # A protocol buffer option, which can be attached to a message, field,
- # enumeration, etc.
- "name": "A String", # The option's name. For protobuf built-in options (options defined in
- # descriptor.proto), this is the short name. For example, `"map_entry"`.
- # For custom options, it should be the fully-qualified name. For example,
- # `"google.api.http"`.
- "value": { # The option's value packed in an Any message. If the value is a primitive,
- # the corresponding wrapper type defined in google/protobuf/wrappers.proto
- # should be used. If the value is an enum, it should be stored as an int32
- # value using the google.protobuf.Int32Value type.
- "a_key": "", # Properties of the object. Contains field @type with type URL.
- },
- },
- ],
- "requestStreaming": True or False, # If true, the request is streamed.
- "requestTypeUrl": "A String", # A URL of the input message type.
- "responseTypeUrl": "A String", # The URL of the output message type.
- },
- ],
"sourceContext": { # `SourceContext` represents information about the source of a # Source context for the protocol buffer service represented by this
# message.
# protobuf element, like the file in which it is defined.
@@ -1326,6 +1431,48 @@
# `google.feature.v1`. For major versions 0 and 1, the suffix can
# be omitted. Zero major versions must only be used for
# experimental, non-GA interfaces.
+ "methods": [ # The methods of this interface, in unspecified order.
+ { # Method represents a method of an API interface.
+ "responseTypeUrl": "A String", # The URL of the output message type.
+ "name": "A String", # The simple name of this method.
+ "syntax": "A String", # The source syntax of this method.
+ "options": [ # Any metadata attached to the method.
+ { # A protocol buffer option, which can be attached to a message, field,
+ # enumeration, etc.
+ "name": "A String", # The option's name. For protobuf built-in options (options defined in
+ # descriptor.proto), this is the short name. For example, `"map_entry"`.
+ # For custom options, it should be the fully-qualified name. For example,
+ # `"google.api.http"`.
+ "value": { # The option's value packed in an Any message. If the value is a primitive,
+ # the corresponding wrapper type defined in google/protobuf/wrappers.proto
+ # should be used. If the value is an enum, it should be stored as an int32
+ # value using the google.protobuf.Int32Value type.
+ "a_key": "", # Properties of the object. Contains field @type with type URL.
+ },
+ },
+ ],
+ "requestTypeUrl": "A String", # A URL of the input message type.
+ "requestStreaming": True or False, # If true, the request is streamed.
+ "responseStreaming": True or False, # If true, the response is streamed.
+ },
+ ],
+ "options": [ # Any metadata attached to the interface.
+ { # A protocol buffer option, which can be attached to a message, field,
+ # enumeration, etc.
+ "name": "A String", # The option's name. For protobuf built-in options (options defined in
+ # descriptor.proto), this is the short name. For example, `"map_entry"`.
+ # For custom options, it should be the fully-qualified name. For example,
+ # `"google.api.http"`.
+ "value": { # The option's value packed in an Any message. If the value is a primitive,
+ # the corresponding wrapper type defined in google/protobuf/wrappers.proto
+ # should be used. If the value is an enum, it should be stored as an int32
+ # value using the google.protobuf.Int32Value type.
+ "a_key": "", # Properties of the object. Contains field @type with type URL.
+ },
+ },
+ ],
+ "name": "A String", # The fully qualified name of this interface, including package name
+ # followed by the interface's simple name.
"mixins": [ # Included interfaces. See Mixin.
{ # Declares an API Interface to be included in this interface. The including
# interface must redeclare all the methods from the included interface, but
@@ -1405,14 +1552,151 @@
# }
# ...
# }
- "name": "A String", # The fully qualified name of the interface which is included.
"root": "A String", # If non-empty specifies a path under which inherited HTTP paths
# are rooted.
+ "name": "A String", # The fully qualified name of the interface which is included.
},
],
},
],
- "title": "A String", # The product title for this service.
+ "name": "A String", # The DNS address at which this service is available.
+ #
+ # An example DNS address would be:
+ # `calendar.googleapis.com`.
+ "quota": { # Quota configuration helps to achieve fairness and budgeting in service # Quota configuration.
+ # usage.
+ #
+ # The metric based quota configuration works this way:
+ # - The service configuration defines a set of metrics.
+ # - For API calls, the quota.metric_rules maps methods to metrics with
+ # corresponding costs.
+ # - The quota.limits defines limits on the metrics, which will be used for
+ # quota checks at runtime.
+ #
+ # An example quota configuration in yaml format:
+ #
+ # quota:
+ # limits:
+ #
+ # - name: apiWriteQpsPerProject
+ # metric: library.googleapis.com/write_calls
+ # unit: "1/min/{project}" # rate limit for consumer projects
+ # values:
+ # STANDARD: 10000
+ #
+ #
+ # # The metric rules bind all methods to the read_calls metric,
+ # # except for the UpdateBook and DeleteBook methods. These two methods
+ # # are mapped to the write_calls metric, with the UpdateBook method
+ # # consuming at twice rate as the DeleteBook method.
+ # metric_rules:
+ # - selector: "*"
+ # metric_costs:
+ # library.googleapis.com/read_calls: 1
+ # - selector: google.example.library.v1.LibraryService.UpdateBook
+ # metric_costs:
+ # library.googleapis.com/write_calls: 2
+ # - selector: google.example.library.v1.LibraryService.DeleteBook
+ # metric_costs:
+ # library.googleapis.com/write_calls: 1
+ #
+ # Corresponding Metric definition:
+ #
+ # metrics:
+ # - name: library.googleapis.com/read_calls
+ # display_name: Read requests
+ # metric_kind: DELTA
+ # value_type: INT64
+ #
+ # - name: library.googleapis.com/write_calls
+ # display_name: Write requests
+ # metric_kind: DELTA
+ # value_type: INT64
+ #
+ "metricRules": [ # List of `MetricRule` definitions, each one mapping a selected method to one
+ # or more metrics.
+ { # Bind API methods to metrics. Binding a method to a metric causes that
+ # metric's configured quota behaviors to apply to the method call.
+ "selector": "A String", # Selects the methods to which this rule applies.
+ #
+ # Refer to selector for syntax details.
+ "metricCosts": { # Metrics to update when the selected methods are called, and the associated
+ # cost applied to each metric.
+ #
+ # The key of the map is the metric name, and the values are the amount
+ # increased for the metric against which the quota limits are defined.
+ # The value must not be negative.
+ "a_key": "A String",
+ },
+ },
+ ],
+ "limits": [ # List of `QuotaLimit` definitions for the service.
+ { # `QuotaLimit` defines a specific limit that applies over a specified duration
+ # for a limit type. There can be at most one limit for a duration and limit
+ # type combination defined within a `QuotaGroup`.
+ "freeTier": "A String", # Free tier value displayed in the Developers Console for this limit.
+ # The free tier is the number of tokens that will be subtracted from the
+ # billed amount when billing is enabled.
+ # This field can only be set on a limit with duration "1d", in a billable
+ # group; it is invalid on any other limit. If this field is not set, it
+ # defaults to 0, indicating that there is no free tier for this service.
+ #
+ # Used by group-based quotas only.
+ "duration": "A String", # Duration of this limit in textual notation. Must be "100s" or "1d".
+ #
+ # Used by group-based quotas only.
+ "unit": "A String", # Specify the unit of the quota limit. It uses the same syntax as
+ # Metric.unit. The supported unit kinds are determined by the quota
+ # backend system.
+ #
+ # Here are some examples:
+ # * "1/min/{project}" for quota per minute per project.
+ #
+ # Note: the order of unit components is insignificant.
+ # The "1" at the beginning is required to follow the metric unit syntax.
+ "values": { # Tiered limit values. You must specify this as a key:value pair, with an
+ # integer value that is the maximum number of requests allowed for the
+ # specified unit. Currently only STANDARD is supported.
+ "a_key": "A String",
+ },
+ "defaultLimit": "A String", # Default number of tokens that can be consumed during the specified
+ # duration. This is the number of tokens assigned when a client
+ # application developer activates the service for his/her project.
+ #
+ # Specifying a value of 0 will block all requests. This can be used if you
+ # are provisioning quota to selected consumers and blocking others.
+ # Similarly, a value of -1 will indicate an unlimited quota. No other
+ # negative values are allowed.
+ #
+ # Used by group-based quotas only.
+ "name": "A String", # Name of the quota limit.
+ #
+ # The name must be provided, and it must be unique within the service. The
+ # name can only include alphanumeric characters as well as '-'.
+ #
+ # The maximum length of the limit name is 64 characters.
+ "maxLimit": "A String", # Maximum number of tokens that can be consumed during the specified
+ # duration. Client application developers can override the default limit up
+ # to this maximum. If specified, this value cannot be set to a value less
+ # than the default limit. If not specified, it is set to the default limit.
+ #
+ # To allow clients to apply overrides with no upper bound, set this to -1,
+ # indicating unlimited maximum quota.
+ #
+ # Used by group-based quotas only.
+ "displayName": "A String", # User-visible display name for this limit.
+ # Optional. If not set, the UI will provide a default display name based on
+ # the quota configuration. This field can be used to override the default
+ # display name generated from the configuration.
+ "description": "A String", # Optional. User-visible, extended description for this quota limit.
+ # Should be used only when more context is needed to understand this limit
+ # than provided by the limit's display name (see: `display_name`).
+ "metric": "A String", # The name of the metric this quota limit applies to. The quota limits with
+ # the same metric will be checked together during runtime. The metric must be
+ # defined within the service config.
+ },
+ ],
+ },
"documentation": { # `Documentation` provides the information for describing a service. # Additional API documentation. Contains only the summary and the
# documentation URL.
#
@@ -1469,20 +1753,28 @@
# <pre><code>&#40;== resource_for v1.shelves.books ==&#41;</code></pre>
# The directive `suppress_warning` does not directly affect documentation
# and is documented together with service config validation.
+ "rules": [ # A list of documentation rules that apply to individual API elements.
+ #
+ # **NOTE:** All service configuration rules follow "last one wins" order.
+ { # A documentation rule provides information about individual API elements.
+ "selector": "A String", # The selector is a comma-separated list of patterns. Each pattern is a
+ # qualified name of the element which may end in "*", indicating a wildcard.
+ # Wildcards are only allowed at the end and for a whole component of the
+ # qualified name, i.e. "foo.*" is ok, but not "foo.b*" or "foo.*.bar". A
+ # wildcard will match one or more components. To specify a default for all
+ # applicable elements, the whole pattern "*" is used.
+ "deprecationDescription": "A String", # Deprecation description of the selected element(s). It can be provided if
+ # an element is marked as `deprecated`.
+ "description": "A String", # Description of the selected API(s).
+ },
+ ],
"serviceRootUrl": "A String", # Specifies the service root url if the default one (the service name
# from the yaml file) is not suitable. This can be seen in any fully
# specified service urls as well as sections that show a base that other
# urls are relative to.
- "documentationRootUrl": "A String", # The URL to the root of documentation.
- "summary": "A String", # A short summary of what the service does. Can only be provided by
- # plain text.
"pages": [ # The top level pages for the documentation set.
{ # Represents a documentation page. A page can contain subpages to represent
# nested documentation set structure.
- "subpages": [ # Subpages of this page. The order of subpages specified here will be
- # honored in the generated docset.
- # Object with schema name: Page
- ],
"name": "A String", # The name of the page. It will be used as an identity of the page to
# generate URI of the page, text of the link to this page in navigation,
# etc. The full page name (start from the root page name to this page
@@ -1499,6 +1791,10 @@
# `Java`.
"content": "A String", # The Markdown content of the page. You can use <code>&#40;== include {path}
# ==&#41;</code> to include content from a Markdown file.
+ "subpages": [ # Subpages of this page. The order of subpages specified here will be
+ # honored in the generated docset.
+ # Object with schema name: Page
+ ],
},
],
"overview": "A String", # Declares a single overview page. For example:
@@ -1514,317 +1810,21 @@
# content: &#40;== include overview.md ==&#41;
# </code></pre>
# Note: you cannot specify both `overview` field and `pages` field.
- "rules": [ # A list of documentation rules that apply to individual API elements.
- #
- # **NOTE:** All service configuration rules follow "last one wins" order.
- { # A documentation rule provides information about individual API elements.
- "deprecationDescription": "A String", # Deprecation description of the selected element(s). It can be provided if
- # an element is marked as `deprecated`.
- "description": "A String", # Description of the selected API(s).
- "selector": "A String", # The selector is a comma-separated list of patterns. Each pattern is a
- # qualified name of the element which may end in "*", indicating a wildcard.
- # Wildcards are only allowed at the end and for a whole component of the
- # qualified name, i.e. "foo.*" is ok, but not "foo.b*" or "foo.*.bar". A
- # wildcard will match one or more components. To specify a default for all
- # applicable elements, the whole pattern "*" is used.
- },
- ],
+ "documentationRootUrl": "A String", # The URL to the root of documentation.
+ "summary": "A String", # A short summary of what the service does. Can only be provided by
+ # plain text.
},
- "name": "A String", # The DNS address at which this service is available.
- #
- # An example DNS address would be:
- # `calendar.googleapis.com`.
- "authentication": { # `Authentication` defines the authentication configuration for an API. # Auth configuration. Contains only the OAuth rules.
- #
- # Example for an API targeted for external use:
- #
- # name: calendar.googleapis.com
- # authentication:
- # providers:
- # - id: google_calendar_auth
- # jwks_uri: https://www.googleapis.com/oauth2/v1/certs
- # issuer: https://securetoken.google.com
- # rules:
- # - selector: "*"
- # requirements:
- # provider_id: google_calendar_auth
- "providers": [ # Defines a set of authentication providers that a service supports.
- { # Configuration for an authentication provider, including support for
- # [JSON Web Token
- # (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
- "jwksUri": "A String", # URL of the provider's public key set to validate signature of the JWT. See
- # [OpenID
- # Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).
- # Optional if the key set document:
- # - can be retrieved from
- # [OpenID
- # Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html of
- # the issuer.
- # - can be inferred from the email domain of the issuer (e.g. a Google
- # service account).
- #
- # Example: https://www.googleapis.com/oauth2/v1/certs
- "issuer": "A String", # Identifies the principal that issued the JWT. See
- # https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1
- # Usually a URL or an email address.
- #
- # Example: https://securetoken.google.com
- # Example: 1234567-compute@developer.gserviceaccount.com
- "id": "A String", # The unique identifier of the auth provider. It will be referred to by
- # `AuthRequirement.provider_id`.
- #
- # Example: "bookstore_auth".
- "jwtLocations": [ # Defines the locations to extract the JWT.
- #
- # JWT locations can be either from HTTP headers or URL query parameters.
- # The rule is that the first match wins. The checking order is: checking
- # all headers first, then URL query parameters.
- #
- # If not specified, default to use following 3 locations:
- # 1) Authorization: Bearer
- # 2) x-goog-iap-jwt-assertion
- # 3) access_token query parameter
- #
- # Default locations can be specified as followings:
- # jwt_locations:
- # - header: Authorization
- # value_prefix: "Bearer "
- # - header: x-goog-iap-jwt-assertion
- # - query: access_token
- { # Specifies a location to extract JWT from an API request.
- "query": "A String", # Specifies URL query parameter name to extract JWT token.
- "header": "A String", # Specifies HTTP header name to extract JWT token.
- "valuePrefix": "A String", # The value prefix. The value format is "value_prefix{token}"
- # Only applies to "in" header type. Must be empty for "in" query type.
- # If not empty, the header value has to match (case sensitive) this prefix.
- # If not matched, JWT will not be extracted. If matched, JWT will be
- # extracted after the prefix is removed.
- #
- # For example, for "Authorization: Bearer {JWT}",
- # value_prefix="Bearer " with a space at the end.
- },
- ],
- "audiences": "A String", # The list of JWT
- # [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
- # that are allowed to access. A JWT containing any of these audiences will
- # be accepted. When this setting is absent, JWTs with audiences:
- # - "https://[service.name]/[google.protobuf.Api.name]"
- # - "https://[service.name]/"
- # will be accepted.
- # For example, if no audiences are in the setting, LibraryService API will
- # accept JWTs with the following audiences:
- # -
- # https://library-example.googleapis.com/google.example.library.v1.LibraryService
- # - https://library-example.googleapis.com/
- #
- # Example:
- #
- # audiences: bookstore_android.apps.googleusercontent.com,
- # bookstore_web.apps.googleusercontent.com
- "authorizationUrl": "A String", # Redirect URL if JWT token is required but not present or is expired.
- # Implement authorizationUrl of securityDefinitions in OpenAPI spec.
- },
- ],
- "rules": [ # A list of authentication rules that apply to individual API methods.
- #
- # **NOTE:** All service configuration rules follow "last one wins" order.
- { # Authentication rules for the service.
- #
- # By default, if a method has any authentication requirements, every request
- # must include a valid credential matching one of the requirements.
- # It's an error to include more than one kind of credential in a single
- # request.
- #
- # If a method doesn't have any auth requirements, request credentials will be
- # ignored.
- "selector": "A String", # Selects the methods to which this rule applies.
- #
- # Refer to selector for syntax details.
- "requirements": [ # Requirements for additional authentication providers.
- { # User-defined authentication requirements, including support for
- # [JSON Web Token
- # (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
- "providerId": "A String", # id from authentication provider.
- #
- # Example:
- #
- # provider_id: bookstore_auth
- "audiences": "A String", # NOTE: This will be deprecated soon, once AuthProvider.audiences is
- # implemented and accepted in all the runtime components.
- #
- # The list of JWT
- # [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
- # that are allowed to access. A JWT containing any of these audiences will
- # be accepted. When this setting is absent, only JWTs with audience
- # "https://Service_name/API_name"
- # will be accepted. For example, if no audiences are in the setting,
- # LibraryService API will only accept JWTs with the following audience
- # "https://library-example.googleapis.com/google.example.library.v1.LibraryService".
- #
- # Example:
- #
- # audiences: bookstore_android.apps.googleusercontent.com,
- # bookstore_web.apps.googleusercontent.com
- },
- ],
- "oauth": { # OAuth scopes are a way to define data and permissions on data. For example, # The requirements for OAuth credentials.
- # there are scopes defined for "Read-only access to Google Calendar" and
- # "Access to Cloud Platform". Users can consent to a scope for an application,
- # giving it permission to access that data on their behalf.
- #
- # OAuth scope specifications should be fairly coarse grained; a user will need
- # to see and understand the text description of what your scope means.
- #
- # In most cases: use one or at most two OAuth scopes for an entire family of
- # products. If your product has multiple APIs, you should probably be sharing
- # the OAuth scope across all of those APIs.
- #
- # When you need finer grained OAuth consent screens: talk with your product
- # management about how developers will use them in practice.
- #
- # Please note that even though each of the canonical scopes is enough for a
- # request to be accepted and passed to the backend, a request can still fail
- # due to the backend requiring additional scopes or permissions.
- "canonicalScopes": "A String", # The list of publicly documented OAuth scopes that are allowed access. An
- # OAuth token containing any of these scopes will be accepted.
- #
- # Example:
- #
- # canonical_scopes: https://www.googleapis.com/auth/calendar,
- # https://www.googleapis.com/auth/calendar.read
- },
- "allowWithoutCredential": True or False, # If true, the service accepts API keys without any other credential.
- },
- ],
- },
- "usage": { # Configuration controlling usage of a service. # Configuration controlling usage of this service.
- "rules": [ # A list of usage rules that apply to individual API methods.
- #
- # **NOTE:** All service configuration rules follow "last one wins" order.
- { # Usage configuration rules for the service.
- #
- # NOTE: Under development.
- #
- #
- # Use this rule to configure unregistered calls for the service. Unregistered
- # calls are calls that do not contain consumer project identity.
- # (Example: calls that do not contain an API key).
- # By default, API methods do not allow unregistered calls, and each method call
- # must be identified by a consumer project identity. Use this rule to
- # allow/disallow unregistered calls.
- #
- # Example of an API that wants to allow unregistered calls for entire service.
- #
- # usage:
- # rules:
- # - selector: "*"
- # allow_unregistered_calls: true
- #
- # Example of a method that wants to allow unregistered calls.
- #
- # usage:
- # rules:
- # - selector: "google.example.library.v1.LibraryService.CreateBook"
- # allow_unregistered_calls: true
- "skipServiceControl": True or False, # If true, the selected method should skip service control and the control
- # plane features, such as quota and billing, will not be available.
- # This flag is used by Google Cloud Endpoints to bypass checks for internal
- # methods, such as service health check methods.
- "selector": "A String", # Selects the methods to which this rule applies. Use '*' to indicate all
- # methods in all APIs.
- #
- # Refer to selector for syntax details.
- "allowUnregisteredCalls": True or False, # If true, the selected method allows unregistered calls, e.g. calls
- # that don't identify any user or application.
- },
- ],
- "requirements": [ # Requirements that must be satisfied before a consumer project can use the
- # service. Each requirement is of the form <service.name>/<requirement-id>;
- # for example 'serviceusage.googleapis.com/billing-enabled'.
- "A String",
- ],
- "producerNotificationChannel": "A String", # The full resource name of a channel used for sending notifications to the
- # service producer.
- #
- # Google Service Management currently only supports
- # [Google Cloud Pub/Sub](https://cloud.google.com/pubsub) as a notification
- # channel. To use Google Cloud Pub/Sub as the channel, this must be the name
- # of a Cloud Pub/Sub topic that uses the Cloud Pub/Sub topic name format
- # documented in https://cloud.google.com/pubsub/docs/overview.
- "serviceIdentity": { # The per-product per-project service identity for a service. # The configuration of a per-product per-project service identity.
- #
- #
- # Use this field to configure per-product per-project service identity.
- # Example of a service identity configuration.
- #
- # usage:
- # service_identity:
- # - service_account_parent: "projects/123456789"
- # display_name: "Cloud XXX Service Agent"
- # description: "Used as the identity of Cloud XXX to access resources"
- "description": "A String", # Optional. A user-specified opaque description of the service account.
- # Must be less than or equal to 256 UTF-8 bytes.
- "serviceAccountParent": "A String", # A service account project that hosts the service accounts.
- #
- # An example name would be:
- # `projects/123456789`
- "displayName": "A String", # Optional. A user-specified name for the service account.
- # Must be less than or equal to 100 UTF-8 bytes.
- },
- },
- "endpoints": [ # Configuration for network endpoints. Contains only the names and aliases
- # of the endpoints.
- { # `Endpoint` describes a network endpoint that serves a set of APIs.
- # A service may expose any number of endpoints, and all endpoints share the
- # same service configuration, such as quota configuration and monitoring
- # configuration.
- #
- # Example service configuration:
- #
- # name: library-example.googleapis.com
- # endpoints:
- # # Below entry makes 'google.example.library.v1.Library'
- # # API be served from endpoint address library-example.googleapis.com.
- # # It also allows HTTP OPTIONS calls to be passed to the backend, for
- # # it to decide whether the subsequent cross-origin request is
- # # allowed to proceed.
- # - name: library-example.googleapis.com
- # allow_cors: true
- "features": [ # The list of features enabled on this endpoint.
- "A String",
- ],
- "allowCors": True or False, # Allowing
- # [CORS](https://en.wikipedia.org/wiki/Cross-origin_resource_sharing), aka
- # cross-domain traffic, would allow the backends served from this endpoint to
- # receive and respond to HTTP OPTIONS requests. The response will be used by
- # the browser to determine whether the subsequent cross-origin request is
- # allowed to proceed.
- "name": "A String", # The canonical name of this endpoint.
- "aliases": [ # DEPRECATED: This field is no longer supported. Instead of using aliases,
- # please specify multiple google.api.Endpoint for each of the intended
- # aliases.
- #
- # Additional names that this endpoint will be hosted on.
- "A String",
- ],
- "target": "A String", # The specification of an Internet routable address of API frontend that will
- # handle requests to this [API
- # Endpoint](https://cloud.google.com/apis/design/glossary). It should be
- # either a valid IPv4 address or a fully-qualified domain name. For example,
- # "8.8.8.8" or "myservice.appspot.com".
- },
- ],
+ "title": "A String", # The product title for this service.
},
- "state": "A String", # Whether or not the service has been enabled for use by the consumer.
- "parent": "A String", # The resource name of the consumer.
+ "name": "A String", # The resource name of the consumer and service.
#
# A valid name would be:
- # - projects/123
+ # - projects/123/services/serviceusage.googleapis.com
}</pre>
</div>
<div class="method">
- <code class="details" id="list">list(parent, pageSize=None, pageToken=None, filter=None, x__xgafv=None)</code>
+ <code class="details" id="list">list(parent, filter=None, pageSize=None, pageToken=None, x__xgafv=None)</code>
<pre>List all services available to the specified project, and the current
state of those services with respect to the project. The list includes
all public services, all services for which the calling user has the
@@ -1838,13 +1838,13 @@
An example name would be:
`projects/123` where `123` is the project number. (required)
+ filter: string, Only list services that conform to the given filter.
+The allowed filter strings are `state:ENABLED` and `state:DISABLED`.
pageSize: integer, Requested size of the next page of data.
Requested page size cannot exceed 200.
If not set, the default page size is 50.
pageToken: string, Token identifying which result to start with, which is returned by a
previous list call.
- filter: string, Only list services that conform to the given filter.
-The allowed filter strings are `state:ENABLED` and `state:DISABLED`.
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
@@ -1854,152 +1854,297 @@
An object of the form:
{ # Response message for the `ListServices` method.
- "nextPageToken": "A String", # Token that can be passed to `ListServices` to resume a paginated
- # query.
"services": [ # The available services for the requested project.
{ # A service that is available for use by the consumer.
- "name": "A String", # The resource name of the consumer and service.
+ "parent": "A String", # The resource name of the consumer.
#
# A valid name would be:
- # - projects/123/services/serviceusage.googleapis.com
+ # - projects/123
+ "state": "A String", # Whether or not the service has been enabled for use by the consumer.
"config": { # The configuration of the service. # The service configuration of the available service.
# Some fields may be filtered out of the configuration in responses to
# the `ListServices` method. These fields are present only in responses to
# the `GetService` method.
- "quota": { # Quota configuration helps to achieve fairness and budgeting in service # Quota configuration.
- # usage.
+ "authentication": { # `Authentication` defines the authentication configuration for an API. # Auth configuration. Contains only the OAuth rules.
#
- # The metric based quota configuration works this way:
- # - The service configuration defines a set of metrics.
- # - For API calls, the quota.metric_rules maps methods to metrics with
- # corresponding costs.
- # - The quota.limits defines limits on the metrics, which will be used for
- # quota checks at runtime.
+ # Example for an API targeted for external use:
#
- # An example quota configuration in yaml format:
- #
- # quota:
- # limits:
- #
- # - name: apiWriteQpsPerProject
- # metric: library.googleapis.com/write_calls
- # unit: "1/min/{project}" # rate limit for consumer projects
- # values:
- # STANDARD: 10000
- #
- #
- # # The metric rules bind all methods to the read_calls metric,
- # # except for the UpdateBook and DeleteBook methods. These two methods
- # # are mapped to the write_calls metric, with the UpdateBook method
- # # consuming at twice rate as the DeleteBook method.
- # metric_rules:
- # - selector: "*"
- # metric_costs:
- # library.googleapis.com/read_calls: 1
- # - selector: google.example.library.v1.LibraryService.UpdateBook
- # metric_costs:
- # library.googleapis.com/write_calls: 2
- # - selector: google.example.library.v1.LibraryService.DeleteBook
- # metric_costs:
- # library.googleapis.com/write_calls: 1
- #
- # Corresponding Metric definition:
- #
- # metrics:
- # - name: library.googleapis.com/read_calls
- # display_name: Read requests
- # metric_kind: DELTA
- # value_type: INT64
- #
- # - name: library.googleapis.com/write_calls
- # display_name: Write requests
- # metric_kind: DELTA
- # value_type: INT64
- #
- "limits": [ # List of `QuotaLimit` definitions for the service.
- { # `QuotaLimit` defines a specific limit that applies over a specified duration
- # for a limit type. There can be at most one limit for a duration and limit
- # type combination defined within a `QuotaGroup`.
- "displayName": "A String", # User-visible display name for this limit.
- # Optional. If not set, the UI will provide a default display name based on
- # the quota configuration. This field can be used to override the default
- # display name generated from the configuration.
- "freeTier": "A String", # Free tier value displayed in the Developers Console for this limit.
- # The free tier is the number of tokens that will be subtracted from the
- # billed amount when billing is enabled.
- # This field can only be set on a limit with duration "1d", in a billable
- # group; it is invalid on any other limit. If this field is not set, it
- # defaults to 0, indicating that there is no free tier for this service.
+ # name: calendar.googleapis.com
+ # authentication:
+ # providers:
+ # - id: google_calendar_auth
+ # jwks_uri: https://www.googleapis.com/oauth2/v1/certs
+ # issuer: https://securetoken.google.com
+ # rules:
+ # - selector: "*"
+ # requirements:
+ # provider_id: google_calendar_auth
+ "providers": [ # Defines a set of authentication providers that a service supports.
+ { # Configuration for an authentication provider, including support for
+ # [JSON Web Token
+ # (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
+ "audiences": "A String", # The list of JWT
+ # [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
+ # that are allowed to access. A JWT containing any of these audiences will
+ # be accepted. When this setting is absent, JWTs with audiences:
+ # - "https://[service.name]/[google.protobuf.Api.name]"
+ # - "https://[service.name]/"
+ # will be accepted.
+ # For example, if no audiences are in the setting, LibraryService API will
+ # accept JWTs with the following audiences:
+ # -
+ # https://library-example.googleapis.com/google.example.library.v1.LibraryService
+ # - https://library-example.googleapis.com/
#
- # Used by group-based quotas only.
- "values": { # Tiered limit values. You must specify this as a key:value pair, with an
- # integer value that is the maximum number of requests allowed for the
- # specified unit. Currently only STANDARD is supported.
- "a_key": "A String",
- },
- "name": "A String", # Name of the quota limit.
+ # Example:
#
- # The name must be provided, and it must be unique within the service. The
- # name can only include alphanumeric characters as well as '-'.
+ # audiences: bookstore_android.apps.googleusercontent.com,
+ # bookstore_web.apps.googleusercontent.com
+ "jwksUri": "A String", # URL of the provider's public key set to validate signature of the JWT. See
+ # [OpenID
+ # Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).
+ # Optional if the key set document:
+ # - can be retrieved from
+ # [OpenID
+ # Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html of
+ # the issuer.
+ # - can be inferred from the email domain of the issuer (e.g. a Google
+ # service account).
#
- # The maximum length of the limit name is 64 characters.
- "description": "A String", # Optional. User-visible, extended description for this quota limit.
- # Should be used only when more context is needed to understand this limit
- # than provided by the limit's display name (see: `display_name`).
- "maxLimit": "A String", # Maximum number of tokens that can be consumed during the specified
- # duration. Client application developers can override the default limit up
- # to this maximum. If specified, this value cannot be set to a value less
- # than the default limit. If not specified, it is set to the default limit.
+ # Example: https://www.googleapis.com/oauth2/v1/certs
+ "id": "A String", # The unique identifier of the auth provider. It will be referred to by
+ # `AuthRequirement.provider_id`.
#
- # To allow clients to apply overrides with no upper bound, set this to -1,
- # indicating unlimited maximum quota.
+ # Example: "bookstore_auth".
+ "jwtLocations": [ # Defines the locations to extract the JWT.
#
- # Used by group-based quotas only.
- "metric": "A String", # The name of the metric this quota limit applies to. The quota limits with
- # the same metric will be checked together during runtime. The metric must be
- # defined within the service config.
- "unit": "A String", # Specify the unit of the quota limit. It uses the same syntax as
- # Metric.unit. The supported unit kinds are determined by the quota
- # backend system.
+ # JWT locations can be either from HTTP headers or URL query parameters.
+ # The rule is that the first match wins. The checking order is: checking
+ # all headers first, then URL query parameters.
#
- # Here are some examples:
- # * "1/min/{project}" for quota per minute per project.
+ # If not specified, default to use following 3 locations:
+ # 1) Authorization: Bearer
+ # 2) x-goog-iap-jwt-assertion
+ # 3) access_token query parameter
#
- # Note: the order of unit components is insignificant.
- # The "1" at the beginning is required to follow the metric unit syntax.
- "duration": "A String", # Duration of this limit in textual notation. Must be "100s" or "1d".
+ # Default locations can be specified as followings:
+ # jwt_locations:
+ # - header: Authorization
+ # value_prefix: "Bearer "
+ # - header: x-goog-iap-jwt-assertion
+ # - query: access_token
+ { # Specifies a location to extract JWT from an API request.
+ "valuePrefix": "A String", # The value prefix. The value format is "value_prefix{token}"
+ # Only applies to "in" header type. Must be empty for "in" query type.
+ # If not empty, the header value has to match (case sensitive) this prefix.
+ # If not matched, JWT will not be extracted. If matched, JWT will be
+ # extracted after the prefix is removed.
+ #
+ # For example, for "Authorization: Bearer {JWT}",
+ # value_prefix="Bearer " with a space at the end.
+ "header": "A String", # Specifies HTTP header name to extract JWT token.
+ "query": "A String", # Specifies URL query parameter name to extract JWT token.
+ },
+ ],
+ "authorizationUrl": "A String", # Redirect URL if JWT token is required but not present or is expired.
+ # Implement authorizationUrl of securityDefinitions in OpenAPI spec.
+ "issuer": "A String", # Identifies the principal that issued the JWT. See
+ # https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1
+ # Usually a URL or an email address.
#
- # Used by group-based quotas only.
- "defaultLimit": "A String", # Default number of tokens that can be consumed during the specified
- # duration. This is the number of tokens assigned when a client
- # application developer activates the service for his/her project.
- #
- # Specifying a value of 0 will block all requests. This can be used if you
- # are provisioning quota to selected consumers and blocking others.
- # Similarly, a value of -1 will indicate an unlimited quota. No other
- # negative values are allowed.
- #
- # Used by group-based quotas only.
+ # Example: https://securetoken.google.com
+ # Example: 1234567-compute@developer.gserviceaccount.com
},
],
- "metricRules": [ # List of `MetricRule` definitions, each one mapping a selected method to one
- # or more metrics.
- { # Bind API methods to metrics. Binding a method to a metric causes that
- # metric's configured quota behaviors to apply to the method call.
+ "rules": [ # A list of authentication rules that apply to individual API methods.
+ #
+ # **NOTE:** All service configuration rules follow "last one wins" order.
+ { # Authentication rules for the service.
+ #
+ # By default, if a method has any authentication requirements, every request
+ # must include a valid credential matching one of the requirements.
+ # It's an error to include more than one kind of credential in a single
+ # request.
+ #
+ # If a method doesn't have any auth requirements, request credentials will be
+ # ignored.
+ "requirements": [ # Requirements for additional authentication providers.
+ { # User-defined authentication requirements, including support for
+ # [JSON Web Token
+ # (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
+ "audiences": "A String", # NOTE: This will be deprecated soon, once AuthProvider.audiences is
+ # implemented and accepted in all the runtime components.
+ #
+ # The list of JWT
+ # [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
+ # that are allowed to access. A JWT containing any of these audiences will
+ # be accepted. When this setting is absent, only JWTs with audience
+ # "https://Service_name/API_name"
+ # will be accepted. For example, if no audiences are in the setting,
+ # LibraryService API will only accept JWTs with the following audience
+ # "https://library-example.googleapis.com/google.example.library.v1.LibraryService".
+ #
+ # Example:
+ #
+ # audiences: bookstore_android.apps.googleusercontent.com,
+ # bookstore_web.apps.googleusercontent.com
+ "providerId": "A String", # id from authentication provider.
+ #
+ # Example:
+ #
+ # provider_id: bookstore_auth
+ },
+ ],
+ "allowWithoutCredential": True or False, # If true, the service accepts API keys without any other credential.
"selector": "A String", # Selects the methods to which this rule applies.
#
# Refer to selector for syntax details.
- "metricCosts": { # Metrics to update when the selected methods are called, and the associated
- # cost applied to each metric.
+ "oauth": { # OAuth scopes are a way to define data and permissions on data. For example, # The requirements for OAuth credentials.
+ # there are scopes defined for "Read-only access to Google Calendar" and
+ # "Access to Cloud Platform". Users can consent to a scope for an application,
+ # giving it permission to access that data on their behalf.
#
- # The key of the map is the metric name, and the values are the amount
- # increased for the metric against which the quota limits are defined.
- # The value must not be negative.
- "a_key": "A String",
+ # OAuth scope specifications should be fairly coarse grained; a user will need
+ # to see and understand the text description of what your scope means.
+ #
+ # In most cases: use one or at most two OAuth scopes for an entire family of
+ # products. If your product has multiple APIs, you should probably be sharing
+ # the OAuth scope across all of those APIs.
+ #
+ # When you need finer grained OAuth consent screens: talk with your product
+ # management about how developers will use them in practice.
+ #
+ # Please note that even though each of the canonical scopes is enough for a
+ # request to be accepted and passed to the backend, a request can still fail
+ # due to the backend requiring additional scopes or permissions.
+ "canonicalScopes": "A String", # The list of publicly documented OAuth scopes that are allowed access. An
+ # OAuth token containing any of these scopes will be accepted.
+ #
+ # Example:
+ #
+ # canonical_scopes: https://www.googleapis.com/auth/calendar,
+ # https://www.googleapis.com/auth/calendar.read
},
},
],
},
+ "endpoints": [ # Configuration for network endpoints. Contains only the names and aliases
+ # of the endpoints.
+ { # `Endpoint` describes a network endpoint that serves a set of APIs.
+ # A service may expose any number of endpoints, and all endpoints share the
+ # same service configuration, such as quota configuration and monitoring
+ # configuration.
+ #
+ # Example service configuration:
+ #
+ # name: library-example.googleapis.com
+ # endpoints:
+ # # Below entry makes 'google.example.library.v1.Library'
+ # # API be served from endpoint address library-example.googleapis.com.
+ # # It also allows HTTP OPTIONS calls to be passed to the backend, for
+ # # it to decide whether the subsequent cross-origin request is
+ # # allowed to proceed.
+ # - name: library-example.googleapis.com
+ # allow_cors: true
+ "features": [ # The list of features enabled on this endpoint.
+ "A String",
+ ],
+ "aliases": [ # DEPRECATED: This field is no longer supported. Instead of using aliases,
+ # please specify multiple google.api.Endpoint for each of the intended
+ # aliases.
+ #
+ # Additional names that this endpoint will be hosted on.
+ "A String",
+ ],
+ "allowCors": True or False, # Allowing
+ # [CORS](https://en.wikipedia.org/wiki/Cross-origin_resource_sharing), aka
+ # cross-domain traffic, would allow the backends served from this endpoint to
+ # receive and respond to HTTP OPTIONS requests. The response will be used by
+ # the browser to determine whether the subsequent cross-origin request is
+ # allowed to proceed.
+ "target": "A String", # The specification of an Internet routable address of API frontend that will
+ # handle requests to this [API
+ # Endpoint](https://cloud.google.com/apis/design/glossary). It should be
+ # either a valid IPv4 address or a fully-qualified domain name. For example,
+ # "8.8.8.8" or "myservice.appspot.com".
+ "name": "A String", # The canonical name of this endpoint.
+ },
+ ],
+ "usage": { # Configuration controlling usage of a service. # Configuration controlling usage of this service.
+ "serviceIdentity": { # The per-product per-project service identity for a service. # The configuration of a per-product per-project service identity.
+ #
+ #
+ # Use this field to configure per-product per-project service identity.
+ # Example of a service identity configuration.
+ #
+ # usage:
+ # service_identity:
+ # - service_account_parent: "projects/123456789"
+ # display_name: "Cloud XXX Service Agent"
+ # description: "Used as the identity of Cloud XXX to access resources"
+ "displayName": "A String", # Optional. A user-specified name for the service account.
+ # Must be less than or equal to 100 UTF-8 bytes.
+ "description": "A String", # Optional. A user-specified opaque description of the service account.
+ # Must be less than or equal to 256 UTF-8 bytes.
+ "serviceAccountParent": "A String", # A service account project that hosts the service accounts.
+ #
+ # An example name would be:
+ # `projects/123456789`
+ },
+ "requirements": [ # Requirements that must be satisfied before a consumer project can use the
+ # service. Each requirement is of the form <service.name>/<requirement-id>;
+ # for example 'serviceusage.googleapis.com/billing-enabled'.
+ "A String",
+ ],
+ "producerNotificationChannel": "A String", # The full resource name of a channel used for sending notifications to the
+ # service producer.
+ #
+ # Google Service Management currently only supports
+ # [Google Cloud Pub/Sub](https://cloud.google.com/pubsub) as a notification
+ # channel. To use Google Cloud Pub/Sub as the channel, this must be the name
+ # of a Cloud Pub/Sub topic that uses the Cloud Pub/Sub topic name format
+ # documented in https://cloud.google.com/pubsub/docs/overview.
+ "rules": [ # A list of usage rules that apply to individual API methods.
+ #
+ # **NOTE:** All service configuration rules follow "last one wins" order.
+ { # Usage configuration rules for the service.
+ #
+ # NOTE: Under development.
+ #
+ #
+ # Use this rule to configure unregistered calls for the service. Unregistered
+ # calls are calls that do not contain consumer project identity.
+ # (Example: calls that do not contain an API key).
+ # By default, API methods do not allow unregistered calls, and each method call
+ # must be identified by a consumer project identity. Use this rule to
+ # allow/disallow unregistered calls.
+ #
+ # Example of an API that wants to allow unregistered calls for entire service.
+ #
+ # usage:
+ # rules:
+ # - selector: "*"
+ # allow_unregistered_calls: true
+ #
+ # Example of a method that wants to allow unregistered calls.
+ #
+ # usage:
+ # rules:
+ # - selector: "google.example.library.v1.LibraryService.CreateBook"
+ # allow_unregistered_calls: true
+ "skipServiceControl": True or False, # If true, the selected method should skip service control and the control
+ # plane features, such as quota and billing, will not be available.
+ # This flag is used by Google Cloud Endpoints to bypass checks for internal
+ # methods, such as service health check methods.
+ "allowUnregisteredCalls": True or False, # If true, the selected method allows unregistered calls, e.g. calls
+ # that don't identify any user or application.
+ "selector": "A String", # Selects the methods to which this rule applies. Use '*' to indicate all
+ # methods in all APIs.
+ #
+ # Refer to selector for syntax details.
+ },
+ ],
+ },
"apis": [ # A list of API interfaces exported by this service. Contains only the names,
# versions, and method names of the interfaces.
{ # Api is a light-weight descriptor for an API Interface.
@@ -2011,49 +2156,7 @@
# sometimes simply referred to as "APIs" in other contexts, such as the name of
# this message itself. See https://cloud.google.com/apis/design/glossary for
# detailed terminology.
- "name": "A String", # The fully qualified name of this interface, including package name
- # followed by the interface's simple name.
- "options": [ # Any metadata attached to the interface.
- { # A protocol buffer option, which can be attached to a message, field,
- # enumeration, etc.
- "name": "A String", # The option's name. For protobuf built-in options (options defined in
- # descriptor.proto), this is the short name. For example, `"map_entry"`.
- # For custom options, it should be the fully-qualified name. For example,
- # `"google.api.http"`.
- "value": { # The option's value packed in an Any message. If the value is a primitive,
- # the corresponding wrapper type defined in google/protobuf/wrappers.proto
- # should be used. If the value is an enum, it should be stored as an int32
- # value using the google.protobuf.Int32Value type.
- "a_key": "", # Properties of the object. Contains field @type with type URL.
- },
- },
- ],
"syntax": "A String", # The source syntax of the service.
- "methods": [ # The methods of this interface, in unspecified order.
- { # Method represents a method of an API interface.
- "responseStreaming": True or False, # If true, the response is streamed.
- "name": "A String", # The simple name of this method.
- "syntax": "A String", # The source syntax of this method.
- "options": [ # Any metadata attached to the method.
- { # A protocol buffer option, which can be attached to a message, field,
- # enumeration, etc.
- "name": "A String", # The option's name. For protobuf built-in options (options defined in
- # descriptor.proto), this is the short name. For example, `"map_entry"`.
- # For custom options, it should be the fully-qualified name. For example,
- # `"google.api.http"`.
- "value": { # The option's value packed in an Any message. If the value is a primitive,
- # the corresponding wrapper type defined in google/protobuf/wrappers.proto
- # should be used. If the value is an enum, it should be stored as an int32
- # value using the google.protobuf.Int32Value type.
- "a_key": "", # Properties of the object. Contains field @type with type URL.
- },
- },
- ],
- "requestStreaming": True or False, # If true, the request is streamed.
- "requestTypeUrl": "A String", # A URL of the input message type.
- "responseTypeUrl": "A String", # The URL of the output message type.
- },
- ],
"sourceContext": { # `SourceContext` represents information about the source of a # Source context for the protocol buffer service represented by this
# message.
# protobuf element, like the file in which it is defined.
@@ -2079,6 +2182,48 @@
# `google.feature.v1`. For major versions 0 and 1, the suffix can
# be omitted. Zero major versions must only be used for
# experimental, non-GA interfaces.
+ "methods": [ # The methods of this interface, in unspecified order.
+ { # Method represents a method of an API interface.
+ "responseTypeUrl": "A String", # The URL of the output message type.
+ "name": "A String", # The simple name of this method.
+ "syntax": "A String", # The source syntax of this method.
+ "options": [ # Any metadata attached to the method.
+ { # A protocol buffer option, which can be attached to a message, field,
+ # enumeration, etc.
+ "name": "A String", # The option's name. For protobuf built-in options (options defined in
+ # descriptor.proto), this is the short name. For example, `"map_entry"`.
+ # For custom options, it should be the fully-qualified name. For example,
+ # `"google.api.http"`.
+ "value": { # The option's value packed in an Any message. If the value is a primitive,
+ # the corresponding wrapper type defined in google/protobuf/wrappers.proto
+ # should be used. If the value is an enum, it should be stored as an int32
+ # value using the google.protobuf.Int32Value type.
+ "a_key": "", # Properties of the object. Contains field @type with type URL.
+ },
+ },
+ ],
+ "requestTypeUrl": "A String", # A URL of the input message type.
+ "requestStreaming": True or False, # If true, the request is streamed.
+ "responseStreaming": True or False, # If true, the response is streamed.
+ },
+ ],
+ "options": [ # Any metadata attached to the interface.
+ { # A protocol buffer option, which can be attached to a message, field,
+ # enumeration, etc.
+ "name": "A String", # The option's name. For protobuf built-in options (options defined in
+ # descriptor.proto), this is the short name. For example, `"map_entry"`.
+ # For custom options, it should be the fully-qualified name. For example,
+ # `"google.api.http"`.
+ "value": { # The option's value packed in an Any message. If the value is a primitive,
+ # the corresponding wrapper type defined in google/protobuf/wrappers.proto
+ # should be used. If the value is an enum, it should be stored as an int32
+ # value using the google.protobuf.Int32Value type.
+ "a_key": "", # Properties of the object. Contains field @type with type URL.
+ },
+ },
+ ],
+ "name": "A String", # The fully qualified name of this interface, including package name
+ # followed by the interface's simple name.
"mixins": [ # Included interfaces. See Mixin.
{ # Declares an API Interface to be included in this interface. The including
# interface must redeclare all the methods from the included interface, but
@@ -2158,14 +2303,151 @@
# }
# ...
# }
- "name": "A String", # The fully qualified name of the interface which is included.
"root": "A String", # If non-empty specifies a path under which inherited HTTP paths
# are rooted.
+ "name": "A String", # The fully qualified name of the interface which is included.
},
],
},
],
- "title": "A String", # The product title for this service.
+ "name": "A String", # The DNS address at which this service is available.
+ #
+ # An example DNS address would be:
+ # `calendar.googleapis.com`.
+ "quota": { # Quota configuration helps to achieve fairness and budgeting in service # Quota configuration.
+ # usage.
+ #
+ # The metric based quota configuration works this way:
+ # - The service configuration defines a set of metrics.
+ # - For API calls, the quota.metric_rules maps methods to metrics with
+ # corresponding costs.
+ # - The quota.limits defines limits on the metrics, which will be used for
+ # quota checks at runtime.
+ #
+ # An example quota configuration in yaml format:
+ #
+ # quota:
+ # limits:
+ #
+ # - name: apiWriteQpsPerProject
+ # metric: library.googleapis.com/write_calls
+ # unit: "1/min/{project}" # rate limit for consumer projects
+ # values:
+ # STANDARD: 10000
+ #
+ #
+ # # The metric rules bind all methods to the read_calls metric,
+ # # except for the UpdateBook and DeleteBook methods. These two methods
+ # # are mapped to the write_calls metric, with the UpdateBook method
+ # # consuming at twice rate as the DeleteBook method.
+ # metric_rules:
+ # - selector: "*"
+ # metric_costs:
+ # library.googleapis.com/read_calls: 1
+ # - selector: google.example.library.v1.LibraryService.UpdateBook
+ # metric_costs:
+ # library.googleapis.com/write_calls: 2
+ # - selector: google.example.library.v1.LibraryService.DeleteBook
+ # metric_costs:
+ # library.googleapis.com/write_calls: 1
+ #
+ # Corresponding Metric definition:
+ #
+ # metrics:
+ # - name: library.googleapis.com/read_calls
+ # display_name: Read requests
+ # metric_kind: DELTA
+ # value_type: INT64
+ #
+ # - name: library.googleapis.com/write_calls
+ # display_name: Write requests
+ # metric_kind: DELTA
+ # value_type: INT64
+ #
+ "metricRules": [ # List of `MetricRule` definitions, each one mapping a selected method to one
+ # or more metrics.
+ { # Bind API methods to metrics. Binding a method to a metric causes that
+ # metric's configured quota behaviors to apply to the method call.
+ "selector": "A String", # Selects the methods to which this rule applies.
+ #
+ # Refer to selector for syntax details.
+ "metricCosts": { # Metrics to update when the selected methods are called, and the associated
+ # cost applied to each metric.
+ #
+ # The key of the map is the metric name, and the values are the amount
+ # increased for the metric against which the quota limits are defined.
+ # The value must not be negative.
+ "a_key": "A String",
+ },
+ },
+ ],
+ "limits": [ # List of `QuotaLimit` definitions for the service.
+ { # `QuotaLimit` defines a specific limit that applies over a specified duration
+ # for a limit type. There can be at most one limit for a duration and limit
+ # type combination defined within a `QuotaGroup`.
+ "freeTier": "A String", # Free tier value displayed in the Developers Console for this limit.
+ # The free tier is the number of tokens that will be subtracted from the
+ # billed amount when billing is enabled.
+ # This field can only be set on a limit with duration "1d", in a billable
+ # group; it is invalid on any other limit. If this field is not set, it
+ # defaults to 0, indicating that there is no free tier for this service.
+ #
+ # Used by group-based quotas only.
+ "duration": "A String", # Duration of this limit in textual notation. Must be "100s" or "1d".
+ #
+ # Used by group-based quotas only.
+ "unit": "A String", # Specify the unit of the quota limit. It uses the same syntax as
+ # Metric.unit. The supported unit kinds are determined by the quota
+ # backend system.
+ #
+ # Here are some examples:
+ # * "1/min/{project}" for quota per minute per project.
+ #
+ # Note: the order of unit components is insignificant.
+ # The "1" at the beginning is required to follow the metric unit syntax.
+ "values": { # Tiered limit values. You must specify this as a key:value pair, with an
+ # integer value that is the maximum number of requests allowed for the
+ # specified unit. Currently only STANDARD is supported.
+ "a_key": "A String",
+ },
+ "defaultLimit": "A String", # Default number of tokens that can be consumed during the specified
+ # duration. This is the number of tokens assigned when a client
+ # application developer activates the service for his/her project.
+ #
+ # Specifying a value of 0 will block all requests. This can be used if you
+ # are provisioning quota to selected consumers and blocking others.
+ # Similarly, a value of -1 will indicate an unlimited quota. No other
+ # negative values are allowed.
+ #
+ # Used by group-based quotas only.
+ "name": "A String", # Name of the quota limit.
+ #
+ # The name must be provided, and it must be unique within the service. The
+ # name can only include alphanumeric characters as well as '-'.
+ #
+ # The maximum length of the limit name is 64 characters.
+ "maxLimit": "A String", # Maximum number of tokens that can be consumed during the specified
+ # duration. Client application developers can override the default limit up
+ # to this maximum. If specified, this value cannot be set to a value less
+ # than the default limit. If not specified, it is set to the default limit.
+ #
+ # To allow clients to apply overrides with no upper bound, set this to -1,
+ # indicating unlimited maximum quota.
+ #
+ # Used by group-based quotas only.
+ "displayName": "A String", # User-visible display name for this limit.
+ # Optional. If not set, the UI will provide a default display name based on
+ # the quota configuration. This field can be used to override the default
+ # display name generated from the configuration.
+ "description": "A String", # Optional. User-visible, extended description for this quota limit.
+ # Should be used only when more context is needed to understand this limit
+ # than provided by the limit's display name (see: `display_name`).
+ "metric": "A String", # The name of the metric this quota limit applies to. The quota limits with
+ # the same metric will be checked together during runtime. The metric must be
+ # defined within the service config.
+ },
+ ],
+ },
"documentation": { # `Documentation` provides the information for describing a service. # Additional API documentation. Contains only the summary and the
# documentation URL.
#
@@ -2222,20 +2504,28 @@
# <pre><code>&#40;== resource_for v1.shelves.books ==&#41;</code></pre>
# The directive `suppress_warning` does not directly affect documentation
# and is documented together with service config validation.
+ "rules": [ # A list of documentation rules that apply to individual API elements.
+ #
+ # **NOTE:** All service configuration rules follow "last one wins" order.
+ { # A documentation rule provides information about individual API elements.
+ "selector": "A String", # The selector is a comma-separated list of patterns. Each pattern is a
+ # qualified name of the element which may end in "*", indicating a wildcard.
+ # Wildcards are only allowed at the end and for a whole component of the
+ # qualified name, i.e. "foo.*" is ok, but not "foo.b*" or "foo.*.bar". A
+ # wildcard will match one or more components. To specify a default for all
+ # applicable elements, the whole pattern "*" is used.
+ "deprecationDescription": "A String", # Deprecation description of the selected element(s). It can be provided if
+ # an element is marked as `deprecated`.
+ "description": "A String", # Description of the selected API(s).
+ },
+ ],
"serviceRootUrl": "A String", # Specifies the service root url if the default one (the service name
# from the yaml file) is not suitable. This can be seen in any fully
# specified service urls as well as sections that show a base that other
# urls are relative to.
- "documentationRootUrl": "A String", # The URL to the root of documentation.
- "summary": "A String", # A short summary of what the service does. Can only be provided by
- # plain text.
"pages": [ # The top level pages for the documentation set.
{ # Represents a documentation page. A page can contain subpages to represent
# nested documentation set structure.
- "subpages": [ # Subpages of this page. The order of subpages specified here will be
- # honored in the generated docset.
- # Object with schema name: Page
- ],
"name": "A String", # The name of the page. It will be used as an identity of the page to
# generate URI of the page, text of the link to this page in navigation,
# etc. The full page name (start from the root page name to this page
@@ -2252,6 +2542,10 @@
# `Java`.
"content": "A String", # The Markdown content of the page. You can use <code>&#40;== include {path}
# ==&#41;</code> to include content from a Markdown file.
+ "subpages": [ # Subpages of this page. The order of subpages specified here will be
+ # honored in the generated docset.
+ # Object with schema name: Page
+ ],
},
],
"overview": "A String", # Declares a single overview page. For example:
@@ -2267,314 +2561,20 @@
# content: &#40;== include overview.md ==&#41;
# </code></pre>
# Note: you cannot specify both `overview` field and `pages` field.
- "rules": [ # A list of documentation rules that apply to individual API elements.
- #
- # **NOTE:** All service configuration rules follow "last one wins" order.
- { # A documentation rule provides information about individual API elements.
- "deprecationDescription": "A String", # Deprecation description of the selected element(s). It can be provided if
- # an element is marked as `deprecated`.
- "description": "A String", # Description of the selected API(s).
- "selector": "A String", # The selector is a comma-separated list of patterns. Each pattern is a
- # qualified name of the element which may end in "*", indicating a wildcard.
- # Wildcards are only allowed at the end and for a whole component of the
- # qualified name, i.e. "foo.*" is ok, but not "foo.b*" or "foo.*.bar". A
- # wildcard will match one or more components. To specify a default for all
- # applicable elements, the whole pattern "*" is used.
- },
- ],
+ "documentationRootUrl": "A String", # The URL to the root of documentation.
+ "summary": "A String", # A short summary of what the service does. Can only be provided by
+ # plain text.
},
- "name": "A String", # The DNS address at which this service is available.
- #
- # An example DNS address would be:
- # `calendar.googleapis.com`.
- "authentication": { # `Authentication` defines the authentication configuration for an API. # Auth configuration. Contains only the OAuth rules.
- #
- # Example for an API targeted for external use:
- #
- # name: calendar.googleapis.com
- # authentication:
- # providers:
- # - id: google_calendar_auth
- # jwks_uri: https://www.googleapis.com/oauth2/v1/certs
- # issuer: https://securetoken.google.com
- # rules:
- # - selector: "*"
- # requirements:
- # provider_id: google_calendar_auth
- "providers": [ # Defines a set of authentication providers that a service supports.
- { # Configuration for an authentication provider, including support for
- # [JSON Web Token
- # (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
- "jwksUri": "A String", # URL of the provider's public key set to validate signature of the JWT. See
- # [OpenID
- # Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).
- # Optional if the key set document:
- # - can be retrieved from
- # [OpenID
- # Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html of
- # the issuer.
- # - can be inferred from the email domain of the issuer (e.g. a Google
- # service account).
- #
- # Example: https://www.googleapis.com/oauth2/v1/certs
- "issuer": "A String", # Identifies the principal that issued the JWT. See
- # https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1
- # Usually a URL or an email address.
- #
- # Example: https://securetoken.google.com
- # Example: 1234567-compute@developer.gserviceaccount.com
- "id": "A String", # The unique identifier of the auth provider. It will be referred to by
- # `AuthRequirement.provider_id`.
- #
- # Example: "bookstore_auth".
- "jwtLocations": [ # Defines the locations to extract the JWT.
- #
- # JWT locations can be either from HTTP headers or URL query parameters.
- # The rule is that the first match wins. The checking order is: checking
- # all headers first, then URL query parameters.
- #
- # If not specified, default to use following 3 locations:
- # 1) Authorization: Bearer
- # 2) x-goog-iap-jwt-assertion
- # 3) access_token query parameter
- #
- # Default locations can be specified as followings:
- # jwt_locations:
- # - header: Authorization
- # value_prefix: "Bearer "
- # - header: x-goog-iap-jwt-assertion
- # - query: access_token
- { # Specifies a location to extract JWT from an API request.
- "query": "A String", # Specifies URL query parameter name to extract JWT token.
- "header": "A String", # Specifies HTTP header name to extract JWT token.
- "valuePrefix": "A String", # The value prefix. The value format is "value_prefix{token}"
- # Only applies to "in" header type. Must be empty for "in" query type.
- # If not empty, the header value has to match (case sensitive) this prefix.
- # If not matched, JWT will not be extracted. If matched, JWT will be
- # extracted after the prefix is removed.
- #
- # For example, for "Authorization: Bearer {JWT}",
- # value_prefix="Bearer " with a space at the end.
- },
- ],
- "audiences": "A String", # The list of JWT
- # [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
- # that are allowed to access. A JWT containing any of these audiences will
- # be accepted. When this setting is absent, JWTs with audiences:
- # - "https://[service.name]/[google.protobuf.Api.name]"
- # - "https://[service.name]/"
- # will be accepted.
- # For example, if no audiences are in the setting, LibraryService API will
- # accept JWTs with the following audiences:
- # -
- # https://library-example.googleapis.com/google.example.library.v1.LibraryService
- # - https://library-example.googleapis.com/
- #
- # Example:
- #
- # audiences: bookstore_android.apps.googleusercontent.com,
- # bookstore_web.apps.googleusercontent.com
- "authorizationUrl": "A String", # Redirect URL if JWT token is required but not present or is expired.
- # Implement authorizationUrl of securityDefinitions in OpenAPI spec.
- },
- ],
- "rules": [ # A list of authentication rules that apply to individual API methods.
- #
- # **NOTE:** All service configuration rules follow "last one wins" order.
- { # Authentication rules for the service.
- #
- # By default, if a method has any authentication requirements, every request
- # must include a valid credential matching one of the requirements.
- # It's an error to include more than one kind of credential in a single
- # request.
- #
- # If a method doesn't have any auth requirements, request credentials will be
- # ignored.
- "selector": "A String", # Selects the methods to which this rule applies.
- #
- # Refer to selector for syntax details.
- "requirements": [ # Requirements for additional authentication providers.
- { # User-defined authentication requirements, including support for
- # [JSON Web Token
- # (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
- "providerId": "A String", # id from authentication provider.
- #
- # Example:
- #
- # provider_id: bookstore_auth
- "audiences": "A String", # NOTE: This will be deprecated soon, once AuthProvider.audiences is
- # implemented and accepted in all the runtime components.
- #
- # The list of JWT
- # [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
- # that are allowed to access. A JWT containing any of these audiences will
- # be accepted. When this setting is absent, only JWTs with audience
- # "https://Service_name/API_name"
- # will be accepted. For example, if no audiences are in the setting,
- # LibraryService API will only accept JWTs with the following audience
- # "https://library-example.googleapis.com/google.example.library.v1.LibraryService".
- #
- # Example:
- #
- # audiences: bookstore_android.apps.googleusercontent.com,
- # bookstore_web.apps.googleusercontent.com
- },
- ],
- "oauth": { # OAuth scopes are a way to define data and permissions on data. For example, # The requirements for OAuth credentials.
- # there are scopes defined for "Read-only access to Google Calendar" and
- # "Access to Cloud Platform". Users can consent to a scope for an application,
- # giving it permission to access that data on their behalf.
- #
- # OAuth scope specifications should be fairly coarse grained; a user will need
- # to see and understand the text description of what your scope means.
- #
- # In most cases: use one or at most two OAuth scopes for an entire family of
- # products. If your product has multiple APIs, you should probably be sharing
- # the OAuth scope across all of those APIs.
- #
- # When you need finer grained OAuth consent screens: talk with your product
- # management about how developers will use them in practice.
- #
- # Please note that even though each of the canonical scopes is enough for a
- # request to be accepted and passed to the backend, a request can still fail
- # due to the backend requiring additional scopes or permissions.
- "canonicalScopes": "A String", # The list of publicly documented OAuth scopes that are allowed access. An
- # OAuth token containing any of these scopes will be accepted.
- #
- # Example:
- #
- # canonical_scopes: https://www.googleapis.com/auth/calendar,
- # https://www.googleapis.com/auth/calendar.read
- },
- "allowWithoutCredential": True or False, # If true, the service accepts API keys without any other credential.
- },
- ],
- },
- "usage": { # Configuration controlling usage of a service. # Configuration controlling usage of this service.
- "rules": [ # A list of usage rules that apply to individual API methods.
- #
- # **NOTE:** All service configuration rules follow "last one wins" order.
- { # Usage configuration rules for the service.
- #
- # NOTE: Under development.
- #
- #
- # Use this rule to configure unregistered calls for the service. Unregistered
- # calls are calls that do not contain consumer project identity.
- # (Example: calls that do not contain an API key).
- # By default, API methods do not allow unregistered calls, and each method call
- # must be identified by a consumer project identity. Use this rule to
- # allow/disallow unregistered calls.
- #
- # Example of an API that wants to allow unregistered calls for entire service.
- #
- # usage:
- # rules:
- # - selector: "*"
- # allow_unregistered_calls: true
- #
- # Example of a method that wants to allow unregistered calls.
- #
- # usage:
- # rules:
- # - selector: "google.example.library.v1.LibraryService.CreateBook"
- # allow_unregistered_calls: true
- "skipServiceControl": True or False, # If true, the selected method should skip service control and the control
- # plane features, such as quota and billing, will not be available.
- # This flag is used by Google Cloud Endpoints to bypass checks for internal
- # methods, such as service health check methods.
- "selector": "A String", # Selects the methods to which this rule applies. Use '*' to indicate all
- # methods in all APIs.
- #
- # Refer to selector for syntax details.
- "allowUnregisteredCalls": True or False, # If true, the selected method allows unregistered calls, e.g. calls
- # that don't identify any user or application.
- },
- ],
- "requirements": [ # Requirements that must be satisfied before a consumer project can use the
- # service. Each requirement is of the form <service.name>/<requirement-id>;
- # for example 'serviceusage.googleapis.com/billing-enabled'.
- "A String",
- ],
- "producerNotificationChannel": "A String", # The full resource name of a channel used for sending notifications to the
- # service producer.
- #
- # Google Service Management currently only supports
- # [Google Cloud Pub/Sub](https://cloud.google.com/pubsub) as a notification
- # channel. To use Google Cloud Pub/Sub as the channel, this must be the name
- # of a Cloud Pub/Sub topic that uses the Cloud Pub/Sub topic name format
- # documented in https://cloud.google.com/pubsub/docs/overview.
- "serviceIdentity": { # The per-product per-project service identity for a service. # The configuration of a per-product per-project service identity.
- #
- #
- # Use this field to configure per-product per-project service identity.
- # Example of a service identity configuration.
- #
- # usage:
- # service_identity:
- # - service_account_parent: "projects/123456789"
- # display_name: "Cloud XXX Service Agent"
- # description: "Used as the identity of Cloud XXX to access resources"
- "description": "A String", # Optional. A user-specified opaque description of the service account.
- # Must be less than or equal to 256 UTF-8 bytes.
- "serviceAccountParent": "A String", # A service account project that hosts the service accounts.
- #
- # An example name would be:
- # `projects/123456789`
- "displayName": "A String", # Optional. A user-specified name for the service account.
- # Must be less than or equal to 100 UTF-8 bytes.
- },
- },
- "endpoints": [ # Configuration for network endpoints. Contains only the names and aliases
- # of the endpoints.
- { # `Endpoint` describes a network endpoint that serves a set of APIs.
- # A service may expose any number of endpoints, and all endpoints share the
- # same service configuration, such as quota configuration and monitoring
- # configuration.
- #
- # Example service configuration:
- #
- # name: library-example.googleapis.com
- # endpoints:
- # # Below entry makes 'google.example.library.v1.Library'
- # # API be served from endpoint address library-example.googleapis.com.
- # # It also allows HTTP OPTIONS calls to be passed to the backend, for
- # # it to decide whether the subsequent cross-origin request is
- # # allowed to proceed.
- # - name: library-example.googleapis.com
- # allow_cors: true
- "features": [ # The list of features enabled on this endpoint.
- "A String",
- ],
- "allowCors": True or False, # Allowing
- # [CORS](https://en.wikipedia.org/wiki/Cross-origin_resource_sharing), aka
- # cross-domain traffic, would allow the backends served from this endpoint to
- # receive and respond to HTTP OPTIONS requests. The response will be used by
- # the browser to determine whether the subsequent cross-origin request is
- # allowed to proceed.
- "name": "A String", # The canonical name of this endpoint.
- "aliases": [ # DEPRECATED: This field is no longer supported. Instead of using aliases,
- # please specify multiple google.api.Endpoint for each of the intended
- # aliases.
- #
- # Additional names that this endpoint will be hosted on.
- "A String",
- ],
- "target": "A String", # The specification of an Internet routable address of API frontend that will
- # handle requests to this [API
- # Endpoint](https://cloud.google.com/apis/design/glossary). It should be
- # either a valid IPv4 address or a fully-qualified domain name. For example,
- # "8.8.8.8" or "myservice.appspot.com".
- },
- ],
+ "title": "A String", # The product title for this service.
},
- "state": "A String", # Whether or not the service has been enabled for use by the consumer.
- "parent": "A String", # The resource name of the consumer.
+ "name": "A String", # The resource name of the consumer and service.
#
# A valid name would be:
- # - projects/123
+ # - projects/123/services/serviceusage.googleapis.com
},
],
+ "nextPageToken": "A String", # Token that can be passed to `ListServices` to resume a paginated
+ # query.
}</pre>
</div>