docs: update docs (#916)
* fix: re-run script
* test: fix noxfile
diff --git a/docs/dyn/serviceusage_v1beta1.services.html b/docs/dyn/serviceusage_v1beta1.services.html
index 2c73d67..e71181d 100644
--- a/docs/dyn/serviceusage_v1beta1.services.html
+++ b/docs/dyn/serviceusage_v1beta1.services.html
@@ -92,7 +92,7 @@
<code><a href="#get">get(name, x__xgafv=None)</a></code></p>
<p class="firstline">Returns the service configuration and enabled state for a given service.</p>
<p class="toc_element">
- <code><a href="#list">list(parent, filter=None, pageToken=None, pageSize=None, x__xgafv=None)</a></code></p>
+ <code><a href="#list">list(parent, filter=None, pageSize=None, pageToken=None, x__xgafv=None)</a></code></p>
<p class="firstline">List all services available to the specified project, and the current</p>
<p class="toc_element">
<code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
@@ -148,27 +148,15 @@
"done": True or False, # If the value is `false`, it means the operation is still in progress.
# If `true`, the operation is completed, and either `error` or `response` is
# available.
- "error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.
- # different programming environments, including REST APIs and RPC APIs. It is
- # used by [gRPC](https://github.com/grpc). Each `Status` message contains
- # three pieces of data: error code, error message, and error details.
- #
- # You can find out more about this error model and how to work with it in the
- # [API Design Guide](https://cloud.google.com/apis/design/errors).
- "details": [ # A list of messages that carry the error details. There is a common set of
- # message types for APIs to use.
- {
- "a_key": "", # Properties of the object. Contains field @type with type URL.
- },
- ],
- "message": "A String", # A developer-facing error message, which should be in English. Any
- # user-facing error message should be localized and sent in the
- # google.rpc.Status.details field, or localized by the client.
- "code": 42, # The status code, which should be an enum value of google.rpc.Code.
- },
"name": "A String", # The server-assigned name, which is only unique within the same service that
# originally returns it. If you use the default HTTP mapping, the
# `name` should be a resource name ending with `operations/{unique_id}`.
+ "metadata": { # Service-specific metadata associated with the operation. It typically
+ # contains progress information and common metadata such as create time.
+ # Some services might not provide such metadata. Any method that returns a
+ # long-running operation should document the metadata type, if any.
+ "a_key": "", # Properties of the object. Contains field @type with type URL.
+ },
"response": { # The normal response of the operation in case of success. If the original
# method returns no data on success, such as `Delete`, the response is
# `google.protobuf.Empty`. If the original method is standard
@@ -179,11 +167,23 @@
# `TakeSnapshotResponse`.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
- "metadata": { # Service-specific metadata associated with the operation. It typically
- # contains progress information and common metadata such as create time.
- # Some services might not provide such metadata. Any method that returns a
- # long-running operation should document the metadata type, if any.
- "a_key": "", # Properties of the object. Contains field @type with type URL.
+ "error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.
+ # different programming environments, including REST APIs and RPC APIs. It is
+ # used by [gRPC](https://github.com/grpc). Each `Status` message contains
+ # three pieces of data: error code, error message, and error details.
+ #
+ # You can find out more about this error model and how to work with it in the
+ # [API Design Guide](https://cloud.google.com/apis/design/errors).
+ "message": "A String", # A developer-facing error message, which should be in English. Any
+ # user-facing error message should be localized and sent in the
+ # google.rpc.Status.details field, or localized by the client.
+ "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+ "details": [ # A list of messages that carry the error details. There is a common set of
+ # message types for APIs to use.
+ {
+ "a_key": "", # Properties of the object. Contains field @type with type URL.
+ },
+ ],
},
}</pre>
</div>
@@ -227,27 +227,15 @@
"done": True or False, # If the value is `false`, it means the operation is still in progress.
# If `true`, the operation is completed, and either `error` or `response` is
# available.
- "error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.
- # different programming environments, including REST APIs and RPC APIs. It is
- # used by [gRPC](https://github.com/grpc). Each `Status` message contains
- # three pieces of data: error code, error message, and error details.
- #
- # You can find out more about this error model and how to work with it in the
- # [API Design Guide](https://cloud.google.com/apis/design/errors).
- "details": [ # A list of messages that carry the error details. There is a common set of
- # message types for APIs to use.
- {
- "a_key": "", # Properties of the object. Contains field @type with type URL.
- },
- ],
- "message": "A String", # A developer-facing error message, which should be in English. Any
- # user-facing error message should be localized and sent in the
- # google.rpc.Status.details field, or localized by the client.
- "code": 42, # The status code, which should be an enum value of google.rpc.Code.
- },
"name": "A String", # The server-assigned name, which is only unique within the same service that
# originally returns it. If you use the default HTTP mapping, the
# `name` should be a resource name ending with `operations/{unique_id}`.
+ "metadata": { # Service-specific metadata associated with the operation. It typically
+ # contains progress information and common metadata such as create time.
+ # Some services might not provide such metadata. Any method that returns a
+ # long-running operation should document the metadata type, if any.
+ "a_key": "", # Properties of the object. Contains field @type with type URL.
+ },
"response": { # The normal response of the operation in case of success. If the original
# method returns no data on success, such as `Delete`, the response is
# `google.protobuf.Empty`. If the original method is standard
@@ -258,11 +246,23 @@
# `TakeSnapshotResponse`.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
- "metadata": { # Service-specific metadata associated with the operation. It typically
- # contains progress information and common metadata such as create time.
- # Some services might not provide such metadata. Any method that returns a
- # long-running operation should document the metadata type, if any.
- "a_key": "", # Properties of the object. Contains field @type with type URL.
+ "error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.
+ # different programming environments, including REST APIs and RPC APIs. It is
+ # used by [gRPC](https://github.com/grpc). Each `Status` message contains
+ # three pieces of data: error code, error message, and error details.
+ #
+ # You can find out more about this error model and how to work with it in the
+ # [API Design Guide](https://cloud.google.com/apis/design/errors).
+ "message": "A String", # A developer-facing error message, which should be in English. Any
+ # user-facing error message should be localized and sent in the
+ # google.rpc.Status.details field, or localized by the client.
+ "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+ "details": [ # A list of messages that carry the error details. There is a common set of
+ # message types for APIs to use.
+ {
+ "a_key": "", # Properties of the object. Contains field @type with type URL.
+ },
+ ],
},
}</pre>
</div>
@@ -304,27 +304,15 @@
"done": True or False, # If the value is `false`, it means the operation is still in progress.
# If `true`, the operation is completed, and either `error` or `response` is
# available.
- "error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.
- # different programming environments, including REST APIs and RPC APIs. It is
- # used by [gRPC](https://github.com/grpc). Each `Status` message contains
- # three pieces of data: error code, error message, and error details.
- #
- # You can find out more about this error model and how to work with it in the
- # [API Design Guide](https://cloud.google.com/apis/design/errors).
- "details": [ # A list of messages that carry the error details. There is a common set of
- # message types for APIs to use.
- {
- "a_key": "", # Properties of the object. Contains field @type with type URL.
- },
- ],
- "message": "A String", # A developer-facing error message, which should be in English. Any
- # user-facing error message should be localized and sent in the
- # google.rpc.Status.details field, or localized by the client.
- "code": 42, # The status code, which should be an enum value of google.rpc.Code.
- },
"name": "A String", # The server-assigned name, which is only unique within the same service that
# originally returns it. If you use the default HTTP mapping, the
# `name` should be a resource name ending with `operations/{unique_id}`.
+ "metadata": { # Service-specific metadata associated with the operation. It typically
+ # contains progress information and common metadata such as create time.
+ # Some services might not provide such metadata. Any method that returns a
+ # long-running operation should document the metadata type, if any.
+ "a_key": "", # Properties of the object. Contains field @type with type URL.
+ },
"response": { # The normal response of the operation in case of success. If the original
# method returns no data on success, such as `Delete`, the response is
# `google.protobuf.Empty`. If the original method is standard
@@ -335,11 +323,23 @@
# `TakeSnapshotResponse`.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
- "metadata": { # Service-specific metadata associated with the operation. It typically
- # contains progress information and common metadata such as create time.
- # Some services might not provide such metadata. Any method that returns a
- # long-running operation should document the metadata type, if any.
- "a_key": "", # Properties of the object. Contains field @type with type URL.
+ "error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.
+ # different programming environments, including REST APIs and RPC APIs. It is
+ # used by [gRPC](https://github.com/grpc). Each `Status` message contains
+ # three pieces of data: error code, error message, and error details.
+ #
+ # You can find out more about this error model and how to work with it in the
+ # [API Design Guide](https://cloud.google.com/apis/design/errors).
+ "message": "A String", # A developer-facing error message, which should be in English. Any
+ # user-facing error message should be localized and sent in the
+ # google.rpc.Status.details field, or localized by the client.
+ "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+ "details": [ # A list of messages that carry the error details. There is a common set of
+ # message types for APIs to use.
+ {
+ "a_key": "", # Properties of the object. Contains field @type with type URL.
+ },
+ ],
},
}</pre>
</div>
@@ -363,18 +363,290 @@
An object of the form:
{ # A service that is available for use by the consumer.
- "name": "A String", # The resource name of the consumer and service.
- #
- # A valid name would be:
- # - projects/123/services/serviceusage.googleapis.com
- "parent": "A String", # The resource name of the consumer.
- #
- # A valid name would be:
- # - projects/123
"config": { # The configuration of the service. # The service configuration of the available service.
# Some fields may be filtered out of the configuration in responses to
# the `ListServices` method. These fields are present only in responses to
# the `GetService` method.
+ "documentation": { # `Documentation` provides the information for describing a service. # Additional API documentation. Contains only the summary and the
+ # documentation URL.
+ #
+ # Example:
+ # <pre><code>documentation:
+ # summary: >
+ # The Google Calendar API gives access
+ # to most calendar features.
+ # pages:
+ # - name: Overview
+ # content: &#40;== include google/foo/overview.md ==&#41;
+ # - name: Tutorial
+ # content: &#40;== include google/foo/tutorial.md ==&#41;
+ # subpages;
+ # - name: Java
+ # content: &#40;== include google/foo/tutorial_java.md ==&#41;
+ # rules:
+ # - selector: google.calendar.Calendar.Get
+ # description: >
+ # ...
+ # - selector: google.calendar.Calendar.Put
+ # description: >
+ # ...
+ # </code></pre>
+ # Documentation is provided in markdown syntax. In addition to
+ # standard markdown features, definition lists, tables and fenced
+ # code blocks are supported. Section headers can be provided and are
+ # interpreted relative to the section nesting of the context where
+ # a documentation fragment is embedded.
+ #
+ # Documentation from the IDL is merged with documentation defined
+ # via the config at normalization time, where documentation provided
+ # by config rules overrides IDL provided.
+ #
+ # A number of constructs specific to the API platform are supported
+ # in documentation text.
+ #
+ # In order to reference a proto element, the following
+ # notation can be used:
+ # <pre><code>&#91;fully.qualified.proto.name]&#91;]</code></pre>
+ # To override the display text used for the link, this can be used:
+ # <pre><code>&#91;display text]&#91;fully.qualified.proto.name]</code></pre>
+ # Text can be excluded from doc using the following notation:
+ # <pre><code>&#40;-- internal comment --&#41;</code></pre>
+ #
+ # A few directives are available in documentation. Note that
+ # directives must appear on a single line to be properly
+ # identified. The `include` directive includes a markdown file from
+ # an external source:
+ # <pre><code>&#40;== include path/to/file ==&#41;</code></pre>
+ # The `resource_for` directive marks a message to be the resource of
+ # a collection in REST view. If it is not specified, tools attempt
+ # to infer the resource from the operations in a collection:
+ # <pre><code>&#40;== resource_for v1.shelves.books ==&#41;</code></pre>
+ # The directive `suppress_warning` does not directly affect documentation
+ # and is documented together with service config validation.
+ "documentationRootUrl": "A String", # The URL to the root of documentation.
+ "rules": [ # A list of documentation rules that apply to individual API elements.
+ #
+ # **NOTE:** All service configuration rules follow "last one wins" order.
+ { # A documentation rule provides information about individual API elements.
+ "description": "A String", # Description of the selected API(s).
+ "selector": "A String", # The selector is a comma-separated list of patterns. Each pattern is a
+ # qualified name of the element which may end in "*", indicating a wildcard.
+ # Wildcards are only allowed at the end and for a whole component of the
+ # qualified name, i.e. "foo.*" is ok, but not "foo.b*" or "foo.*.bar". A
+ # wildcard will match one or more components. To specify a default for all
+ # applicable elements, the whole pattern "*" is used.
+ "deprecationDescription": "A String", # Deprecation description of the selected element(s). It can be provided if
+ # an element is marked as `deprecated`.
+ },
+ ],
+ "overview": "A String", # Declares a single overview page. For example:
+ # <pre><code>documentation:
+ # summary: ...
+ # overview: &#40;== include overview.md ==&#41;
+ # </code></pre>
+ # This is a shortcut for the following declaration (using pages style):
+ # <pre><code>documentation:
+ # summary: ...
+ # pages:
+ # - name: Overview
+ # content: &#40;== include overview.md ==&#41;
+ # </code></pre>
+ # Note: you cannot specify both `overview` field and `pages` field.
+ "pages": [ # The top level pages for the documentation set.
+ { # Represents a documentation page. A page can contain subpages to represent
+ # nested documentation set structure.
+ "name": "A String", # The name of the page. It will be used as an identity of the page to
+ # generate URI of the page, text of the link to this page in navigation,
+ # etc. The full page name (start from the root page name to this page
+ # concatenated with `.`) can be used as reference to the page in your
+ # documentation. For example:
+ # <pre><code>pages:
+ # - name: Tutorial
+ # content: &#40;== include tutorial.md ==&#41;
+ # subpages:
+ # - name: Java
+ # content: &#40;== include tutorial_java.md ==&#41;
+ # </code></pre>
+ # You can reference `Java` page using Markdown reference link syntax:
+ # `Java`.
+ "subpages": [ # Subpages of this page. The order of subpages specified here will be
+ # honored in the generated docset.
+ # Object with schema name: Page
+ ],
+ "content": "A String", # The Markdown content of the page. You can use <code>&#40;== include {path}
+ # ==&#41;</code> to include content from a Markdown file.
+ },
+ ],
+ "serviceRootUrl": "A String", # Specifies the service root url if the default one (the service name
+ # from the yaml file) is not suitable. This can be seen in any fully
+ # specified service urls as well as sections that show a base that other
+ # urls are relative to.
+ "summary": "A String", # A short summary of what the service does. Can only be provided by
+ # plain text.
+ },
+ "authentication": { # `Authentication` defines the authentication configuration for an API. # Auth configuration. Contains only the OAuth rules.
+ #
+ # Example for an API targeted for external use:
+ #
+ # name: calendar.googleapis.com
+ # authentication:
+ # providers:
+ # - id: google_calendar_auth
+ # jwks_uri: https://www.googleapis.com/oauth2/v1/certs
+ # issuer: https://securetoken.google.com
+ # rules:
+ # - selector: "*"
+ # requirements:
+ # provider_id: google_calendar_auth
+ "providers": [ # Defines a set of authentication providers that a service supports.
+ { # Configuration for an authentication provider, including support for
+ # [JSON Web Token
+ # (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
+ "audiences": "A String", # The list of JWT
+ # [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
+ # that are allowed to access. A JWT containing any of these audiences will
+ # be accepted. When this setting is absent, JWTs with audiences:
+ # - "https://[service.name]/[google.protobuf.Api.name]"
+ # - "https://[service.name]/"
+ # will be accepted.
+ # For example, if no audiences are in the setting, LibraryService API will
+ # accept JWTs with the following audiences:
+ # -
+ # https://library-example.googleapis.com/google.example.library.v1.LibraryService
+ # - https://library-example.googleapis.com/
+ #
+ # Example:
+ #
+ # audiences: bookstore_android.apps.googleusercontent.com,
+ # bookstore_web.apps.googleusercontent.com
+ "authorizationUrl": "A String", # Redirect URL if JWT token is required but not present or is expired.
+ # Implement authorizationUrl of securityDefinitions in OpenAPI spec.
+ "jwtLocations": [ # Defines the locations to extract the JWT.
+ #
+ # JWT locations can be either from HTTP headers or URL query parameters.
+ # The rule is that the first match wins. The checking order is: checking
+ # all headers first, then URL query parameters.
+ #
+ # If not specified, default to use following 3 locations:
+ # 1) Authorization: Bearer
+ # 2) x-goog-iap-jwt-assertion
+ # 3) access_token query parameter
+ #
+ # Default locations can be specified as followings:
+ # jwt_locations:
+ # - header: Authorization
+ # value_prefix: "Bearer "
+ # - header: x-goog-iap-jwt-assertion
+ # - query: access_token
+ { # Specifies a location to extract JWT from an API request.
+ "header": "A String", # Specifies HTTP header name to extract JWT token.
+ "query": "A String", # Specifies URL query parameter name to extract JWT token.
+ "valuePrefix": "A String", # The value prefix. The value format is "value_prefix{token}"
+ # Only applies to "in" header type. Must be empty for "in" query type.
+ # If not empty, the header value has to match (case sensitive) this prefix.
+ # If not matched, JWT will not be extracted. If matched, JWT will be
+ # extracted after the prefix is removed.
+ #
+ # For example, for "Authorization: Bearer {JWT}",
+ # value_prefix="Bearer " with a space at the end.
+ },
+ ],
+ "issuer": "A String", # Identifies the principal that issued the JWT. See
+ # https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1
+ # Usually a URL or an email address.
+ #
+ # Example: https://securetoken.google.com
+ # Example: 1234567-compute@developer.gserviceaccount.com
+ "jwksUri": "A String", # URL of the provider's public key set to validate signature of the JWT. See
+ # [OpenID
+ # Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).
+ # Optional if the key set document:
+ # - can be retrieved from
+ # [OpenID
+ # Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html of
+ # the issuer.
+ # - can be inferred from the email domain of the issuer (e.g. a Google
+ # service account).
+ #
+ # Example: https://www.googleapis.com/oauth2/v1/certs
+ "id": "A String", # The unique identifier of the auth provider. It will be referred to by
+ # `AuthRequirement.provider_id`.
+ #
+ # Example: "bookstore_auth".
+ },
+ ],
+ "rules": [ # A list of authentication rules that apply to individual API methods.
+ #
+ # **NOTE:** All service configuration rules follow "last one wins" order.
+ { # Authentication rules for the service.
+ #
+ # By default, if a method has any authentication requirements, every request
+ # must include a valid credential matching one of the requirements.
+ # It's an error to include more than one kind of credential in a single
+ # request.
+ #
+ # If a method doesn't have any auth requirements, request credentials will be
+ # ignored.
+ "oauth": { # OAuth scopes are a way to define data and permissions on data. For example, # The requirements for OAuth credentials.
+ # there are scopes defined for "Read-only access to Google Calendar" and
+ # "Access to Cloud Platform". Users can consent to a scope for an application,
+ # giving it permission to access that data on their behalf.
+ #
+ # OAuth scope specifications should be fairly coarse grained; a user will need
+ # to see and understand the text description of what your scope means.
+ #
+ # In most cases: use one or at most two OAuth scopes for an entire family of
+ # products. If your product has multiple APIs, you should probably be sharing
+ # the OAuth scope across all of those APIs.
+ #
+ # When you need finer grained OAuth consent screens: talk with your product
+ # management about how developers will use them in practice.
+ #
+ # Please note that even though each of the canonical scopes is enough for a
+ # request to be accepted and passed to the backend, a request can still fail
+ # due to the backend requiring additional scopes or permissions.
+ "canonicalScopes": "A String", # The list of publicly documented OAuth scopes that are allowed access. An
+ # OAuth token containing any of these scopes will be accepted.
+ #
+ # Example:
+ #
+ # canonical_scopes: https://www.googleapis.com/auth/calendar,
+ # https://www.googleapis.com/auth/calendar.read
+ },
+ "selector": "A String", # Selects the methods to which this rule applies.
+ #
+ # Refer to selector for syntax details.
+ "allowWithoutCredential": True or False, # If true, the service accepts API keys without any other credential.
+ "requirements": [ # Requirements for additional authentication providers.
+ { # User-defined authentication requirements, including support for
+ # [JSON Web Token
+ # (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
+ "providerId": "A String", # id from authentication provider.
+ #
+ # Example:
+ #
+ # provider_id: bookstore_auth
+ "audiences": "A String", # NOTE: This will be deprecated soon, once AuthProvider.audiences is
+ # implemented and accepted in all the runtime components.
+ #
+ # The list of JWT
+ # [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
+ # that are allowed to access. A JWT containing any of these audiences will
+ # be accepted. When this setting is absent, only JWTs with audience
+ # "https://Service_name/API_name"
+ # will be accepted. For example, if no audiences are in the setting,
+ # LibraryService API will only accept JWTs with the following audience
+ # "https://library-example.googleapis.com/google.example.library.v1.LibraryService".
+ #
+ # Example:
+ #
+ # audiences: bookstore_android.apps.googleusercontent.com,
+ # bookstore_web.apps.googleusercontent.com
+ },
+ ],
+ },
+ ],
+ },
"endpoints": [ # Configuration for network endpoints. Contains only the names and aliases
# of the endpoints.
{ # `Endpoint` describes a network endpoint that serves a set of APIs.
@@ -393,20 +665,20 @@
# # allowed to proceed.
# - name: library-example.googleapis.com
# allow_cors: true
+ "features": [ # The list of features enabled on this endpoint.
+ "A String",
+ ],
+ "target": "A String", # The specification of an Internet routable address of API frontend that will
+ # handle requests to this [API
+ # Endpoint](https://cloud.google.com/apis/design/glossary). It should be
+ # either a valid IPv4 address or a fully-qualified domain name. For example,
+ # "8.8.8.8" or "myservice.appspot.com".
"allowCors": True or False, # Allowing
# [CORS](https://en.wikipedia.org/wiki/Cross-origin_resource_sharing), aka
# cross-domain traffic, would allow the backends served from this endpoint to
# receive and respond to HTTP OPTIONS requests. The response will be used by
# the browser to determine whether the subsequent cross-origin request is
# allowed to proceed.
- "target": "A String", # The specification of an Internet routable address of API frontend that will
- # handle requests to this [API
- # Endpoint](https://cloud.google.com/apis/design/glossary). It should be
- # either a valid IPv4 address or a fully-qualified domain name. For example,
- # "8.8.8.8" or "myservice.appspot.com".
- "features": [ # The list of features enabled on this endpoint.
- "A String",
- ],
"name": "A String", # The canonical name of this endpoint.
"aliases": [ # DEPRECATED: This field is no longer supported. Instead of using aliases,
# please specify multiple google.api.Endpoint for each of the intended
@@ -467,72 +739,6 @@
# metric_kind: DELTA
# value_type: INT64
#
- "limits": [ # List of `QuotaLimit` definitions for the service.
- { # `QuotaLimit` defines a specific limit that applies over a specified duration
- # for a limit type. There can be at most one limit for a duration and limit
- # type combination defined within a `QuotaGroup`.
- "duration": "A String", # Duration of this limit in textual notation. Must be "100s" or "1d".
- #
- # Used by group-based quotas only.
- "values": { # Tiered limit values. You must specify this as a key:value pair, with an
- # integer value that is the maximum number of requests allowed for the
- # specified unit. Currently only STANDARD is supported.
- "a_key": "A String",
- },
- "unit": "A String", # Specify the unit of the quota limit. It uses the same syntax as
- # Metric.unit. The supported unit kinds are determined by the quota
- # backend system.
- #
- # Here are some examples:
- # * "1/min/{project}" for quota per minute per project.
- #
- # Note: the order of unit components is insignificant.
- # The "1" at the beginning is required to follow the metric unit syntax.
- "displayName": "A String", # User-visible display name for this limit.
- # Optional. If not set, the UI will provide a default display name based on
- # the quota configuration. This field can be used to override the default
- # display name generated from the configuration.
- "description": "A String", # Optional. User-visible, extended description for this quota limit.
- # Should be used only when more context is needed to understand this limit
- # than provided by the limit's display name (see: `display_name`).
- "metric": "A String", # The name of the metric this quota limit applies to. The quota limits with
- # the same metric will be checked together during runtime. The metric must be
- # defined within the service config.
- "defaultLimit": "A String", # Default number of tokens that can be consumed during the specified
- # duration. This is the number of tokens assigned when a client
- # application developer activates the service for his/her project.
- #
- # Specifying a value of 0 will block all requests. This can be used if you
- # are provisioning quota to selected consumers and blocking others.
- # Similarly, a value of -1 will indicate an unlimited quota. No other
- # negative values are allowed.
- #
- # Used by group-based quotas only.
- "freeTier": "A String", # Free tier value displayed in the Developers Console for this limit.
- # The free tier is the number of tokens that will be subtracted from the
- # billed amount when billing is enabled.
- # This field can only be set on a limit with duration "1d", in a billable
- # group; it is invalid on any other limit. If this field is not set, it
- # defaults to 0, indicating that there is no free tier for this service.
- #
- # Used by group-based quotas only.
- "name": "A String", # Name of the quota limit.
- #
- # The name must be provided, and it must be unique within the service. The
- # name can only include alphanumeric characters as well as '-'.
- #
- # The maximum length of the limit name is 64 characters.
- "maxLimit": "A String", # Maximum number of tokens that can be consumed during the specified
- # duration. Client application developers can override the default limit up
- # to this maximum. If specified, this value cannot be set to a value less
- # than the default limit. If not specified, it is set to the default limit.
- #
- # To allow clients to apply overrides with no upper bound, set this to -1,
- # indicating unlimited maximum quota.
- #
- # Used by group-based quotas only.
- },
- ],
"metricRules": [ # List of `MetricRule` definitions, each one mapping a selected method to one
# or more metrics.
{ # Bind API methods to metrics. Binding a method to a metric causes that
@@ -550,363 +756,78 @@
# Refer to selector for syntax details.
},
],
- },
- "usage": { # Configuration controlling usage of a service. # Configuration controlling usage of this service.
- "requirements": [ # Requirements that must be satisfied before a consumer project can use the
- # service. Each requirement is of the form <service.name>/<requirement-id>;
- # for example 'serviceusage.googleapis.com/billing-enabled'.
- "A String",
- ],
- "serviceIdentity": { # The per-product per-project service identity for a service. # The configuration of a per-product per-project service identity.
- #
- #
- # Use this field to configure per-product per-project service identity.
- # Example of a service identity configuration.
- #
- # usage:
- # service_identity:
- # - service_account_parent: "projects/123456789"
- # display_name: "Cloud XXX Service Agent"
- # description: "Used as the identity of Cloud XXX to access resources"
- "description": "A String", # Optional. A user-specified opaque description of the service account.
- # Must be less than or equal to 256 UTF-8 bytes.
- "serviceAccountParent": "A String", # A service account project that hosts the service accounts.
- #
- # An example name would be:
- # `projects/123456789`
- "displayName": "A String", # Optional. A user-specified name for the service account.
- # Must be less than or equal to 100 UTF-8 bytes.
- },
- "rules": [ # A list of usage rules that apply to individual API methods.
- #
- # **NOTE:** All service configuration rules follow "last one wins" order.
- { # Usage configuration rules for the service.
- #
- # NOTE: Under development.
- #
- #
- # Use this rule to configure unregistered calls for the service. Unregistered
- # calls are calls that do not contain consumer project identity.
- # (Example: calls that do not contain an API key).
- # By default, API methods do not allow unregistered calls, and each method call
- # must be identified by a consumer project identity. Use this rule to
- # allow/disallow unregistered calls.
- #
- # Example of an API that wants to allow unregistered calls for entire service.
- #
- # usage:
- # rules:
- # - selector: "*"
- # allow_unregistered_calls: true
- #
- # Example of a method that wants to allow unregistered calls.
- #
- # usage:
- # rules:
- # - selector: "google.example.library.v1.LibraryService.CreateBook"
- # allow_unregistered_calls: true
- "selector": "A String", # Selects the methods to which this rule applies. Use '*' to indicate all
- # methods in all APIs.
+ "limits": [ # List of `QuotaLimit` definitions for the service.
+ { # `QuotaLimit` defines a specific limit that applies over a specified duration
+ # for a limit type. There can be at most one limit for a duration and limit
+ # type combination defined within a `QuotaGroup`.
+ "duration": "A String", # Duration of this limit in textual notation. Must be "100s" or "1d".
#
- # Refer to selector for syntax details.
- "skipServiceControl": True or False, # If true, the selected method should skip service control and the control
- # plane features, such as quota and billing, will not be available.
- # This flag is used by Google Cloud Endpoints to bypass checks for internal
- # methods, such as service health check methods.
- "allowUnregisteredCalls": True or False, # If true, the selected method allows unregistered calls, e.g. calls
- # that don't identify any user or application.
- },
- ],
- "producerNotificationChannel": "A String", # The full resource name of a channel used for sending notifications to the
- # service producer.
- #
- # Google Service Management currently only supports
- # [Google Cloud Pub/Sub](https://cloud.google.com/pubsub) as a notification
- # channel. To use Google Cloud Pub/Sub as the channel, this must be the name
- # of a Cloud Pub/Sub topic that uses the Cloud Pub/Sub topic name format
- # documented in https://cloud.google.com/pubsub/docs/overview.
- },
- "authentication": { # `Authentication` defines the authentication configuration for an API. # Auth configuration. Contains only the OAuth rules.
- #
- # Example for an API targeted for external use:
- #
- # name: calendar.googleapis.com
- # authentication:
- # providers:
- # - id: google_calendar_auth
- # jwks_uri: https://www.googleapis.com/oauth2/v1/certs
- # issuer: https://securetoken.google.com
- # rules:
- # - selector: "*"
- # requirements:
- # provider_id: google_calendar_auth
- "providers": [ # Defines a set of authentication providers that a service supports.
- { # Configuration for an authentication provider, including support for
- # [JSON Web Token
- # (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
- "jwksUri": "A String", # URL of the provider's public key set to validate signature of the JWT. See
- # [OpenID
- # Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).
- # Optional if the key set document:
- # - can be retrieved from
- # [OpenID
- # Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html of
- # the issuer.
- # - can be inferred from the email domain of the issuer (e.g. a Google
- # service account).
+ # Used by group-based quotas only.
+ "name": "A String", # Name of the quota limit.
#
- # Example: https://www.googleapis.com/oauth2/v1/certs
- "issuer": "A String", # Identifies the principal that issued the JWT. See
- # https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1
- # Usually a URL or an email address.
+ # The name must be provided, and it must be unique within the service. The
+ # name can only include alphanumeric characters as well as '-'.
#
- # Example: https://securetoken.google.com
- # Example: 1234567-compute@developer.gserviceaccount.com
- "id": "A String", # The unique identifier of the auth provider. It will be referred to by
- # `AuthRequirement.provider_id`.
+ # The maximum length of the limit name is 64 characters.
+ "maxLimit": "A String", # Maximum number of tokens that can be consumed during the specified
+ # duration. Client application developers can override the default limit up
+ # to this maximum. If specified, this value cannot be set to a value less
+ # than the default limit. If not specified, it is set to the default limit.
#
- # Example: "bookstore_auth".
- "jwtLocations": [ # Defines the locations to extract the JWT.
+ # To allow clients to apply overrides with no upper bound, set this to -1,
+ # indicating unlimited maximum quota.
#
- # JWT locations can be either from HTTP headers or URL query parameters.
- # The rule is that the first match wins. The checking order is: checking
- # all headers first, then URL query parameters.
- #
- # If not specified, default to use following 3 locations:
- # 1) Authorization: Bearer
- # 2) x-goog-iap-jwt-assertion
- # 3) access_token query parameter
- #
- # Default locations can be specified as followings:
- # jwt_locations:
- # - header: Authorization
- # value_prefix: "Bearer "
- # - header: x-goog-iap-jwt-assertion
- # - query: access_token
- { # Specifies a location to extract JWT from an API request.
- "query": "A String", # Specifies URL query parameter name to extract JWT token.
- "header": "A String", # Specifies HTTP header name to extract JWT token.
- "valuePrefix": "A String", # The value prefix. The value format is "value_prefix{token}"
- # Only applies to "in" header type. Must be empty for "in" query type.
- # If not empty, the header value has to match (case sensitive) this prefix.
- # If not matched, JWT will not be extracted. If matched, JWT will be
- # extracted after the prefix is removed.
- #
- # For example, for "Authorization: Bearer {JWT}",
- # value_prefix="Bearer " with a space at the end.
- },
- ],
- "audiences": "A String", # The list of JWT
- # [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
- # that are allowed to access. A JWT containing any of these audiences will
- # be accepted. When this setting is absent, JWTs with audiences:
- # - "https://[service.name]/[google.protobuf.Api.name]"
- # - "https://[service.name]/"
- # will be accepted.
- # For example, if no audiences are in the setting, LibraryService API will
- # accept JWTs with the following audiences:
- # -
- # https://library-example.googleapis.com/google.example.library.v1.LibraryService
- # - https://library-example.googleapis.com/
- #
- # Example:
- #
- # audiences: bookstore_android.apps.googleusercontent.com,
- # bookstore_web.apps.googleusercontent.com
- "authorizationUrl": "A String", # Redirect URL if JWT token is required but not present or is expired.
- # Implement authorizationUrl of securityDefinitions in OpenAPI spec.
- },
- ],
- "rules": [ # A list of authentication rules that apply to individual API methods.
- #
- # **NOTE:** All service configuration rules follow "last one wins" order.
- { # Authentication rules for the service.
- #
- # By default, if a method has any authentication requirements, every request
- # must include a valid credential matching one of the requirements.
- # It's an error to include more than one kind of credential in a single
- # request.
- #
- # If a method doesn't have any auth requirements, request credentials will be
- # ignored.
- "allowWithoutCredential": True or False, # If true, the service accepts API keys without any other credential.
- "oauth": { # OAuth scopes are a way to define data and permissions on data. For example, # The requirements for OAuth credentials.
- # there are scopes defined for "Read-only access to Google Calendar" and
- # "Access to Cloud Platform". Users can consent to a scope for an application,
- # giving it permission to access that data on their behalf.
- #
- # OAuth scope specifications should be fairly coarse grained; a user will need
- # to see and understand the text description of what your scope means.
- #
- # In most cases: use one or at most two OAuth scopes for an entire family of
- # products. If your product has multiple APIs, you should probably be sharing
- # the OAuth scope across all of those APIs.
- #
- # When you need finer grained OAuth consent screens: talk with your product
- # management about how developers will use them in practice.
- #
- # Please note that even though each of the canonical scopes is enough for a
- # request to be accepted and passed to the backend, a request can still fail
- # due to the backend requiring additional scopes or permissions.
- "canonicalScopes": "A String", # The list of publicly documented OAuth scopes that are allowed access. An
- # OAuth token containing any of these scopes will be accepted.
- #
- # Example:
- #
- # canonical_scopes: https://www.googleapis.com/auth/calendar,
- # https://www.googleapis.com/auth/calendar.read
+ # Used by group-based quotas only.
+ "description": "A String", # Optional. User-visible, extended description for this quota limit.
+ # Should be used only when more context is needed to understand this limit
+ # than provided by the limit's display name (see: `display_name`).
+ "values": { # Tiered limit values. You must specify this as a key:value pair, with an
+ # integer value that is the maximum number of requests allowed for the
+ # specified unit. Currently only STANDARD is supported.
+ "a_key": "A String",
},
- "requirements": [ # Requirements for additional authentication providers.
- { # User-defined authentication requirements, including support for
- # [JSON Web Token
- # (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
- "providerId": "A String", # id from authentication provider.
- #
- # Example:
- #
- # provider_id: bookstore_auth
- "audiences": "A String", # NOTE: This will be deprecated soon, once AuthProvider.audiences is
- # implemented and accepted in all the runtime components.
- #
- # The list of JWT
- # [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
- # that are allowed to access. A JWT containing any of these audiences will
- # be accepted. When this setting is absent, only JWTs with audience
- # "https://Service_name/API_name"
- # will be accepted. For example, if no audiences are in the setting,
- # LibraryService API will only accept JWTs with the following audience
- # "https://library-example.googleapis.com/google.example.library.v1.LibraryService".
- #
- # Example:
- #
- # audiences: bookstore_android.apps.googleusercontent.com,
- # bookstore_web.apps.googleusercontent.com
- },
- ],
- "selector": "A String", # Selects the methods to which this rule applies.
+ "unit": "A String", # Specify the unit of the quota limit. It uses the same syntax as
+ # Metric.unit. The supported unit kinds are determined by the quota
+ # backend system.
#
- # Refer to selector for syntax details.
+ # Here are some examples:
+ # * "1/min/{project}" for quota per minute per project.
+ #
+ # Note: the order of unit components is insignificant.
+ # The "1" at the beginning is required to follow the metric unit syntax.
+ "metric": "A String", # The name of the metric this quota limit applies to. The quota limits with
+ # the same metric will be checked together during runtime. The metric must be
+ # defined within the service config.
+ "displayName": "A String", # User-visible display name for this limit.
+ # Optional. If not set, the UI will provide a default display name based on
+ # the quota configuration. This field can be used to override the default
+ # display name generated from the configuration.
+ "freeTier": "A String", # Free tier value displayed in the Developers Console for this limit.
+ # The free tier is the number of tokens that will be subtracted from the
+ # billed amount when billing is enabled.
+ # This field can only be set on a limit with duration "1d", in a billable
+ # group; it is invalid on any other limit. If this field is not set, it
+ # defaults to 0, indicating that there is no free tier for this service.
+ #
+ # Used by group-based quotas only.
+ "defaultLimit": "A String", # Default number of tokens that can be consumed during the specified
+ # duration. This is the number of tokens assigned when a client
+ # application developer activates the service for his/her project.
+ #
+ # Specifying a value of 0 will block all requests. This can be used if you
+ # are provisioning quota to selected consumers and blocking others.
+ # Similarly, a value of -1 will indicate an unlimited quota. No other
+ # negative values are allowed.
+ #
+ # Used by group-based quotas only.
},
],
},
- "documentation": { # `Documentation` provides the information for describing a service. # Additional API documentation. Contains only the summary and the
- # documentation URL.
- #
- # Example:
- # <pre><code>documentation:
- # summary: >
- # The Google Calendar API gives access
- # to most calendar features.
- # pages:
- # - name: Overview
- # content: &#40;== include google/foo/overview.md ==&#41;
- # - name: Tutorial
- # content: &#40;== include google/foo/tutorial.md ==&#41;
- # subpages;
- # - name: Java
- # content: &#40;== include google/foo/tutorial_java.md ==&#41;
- # rules:
- # - selector: google.calendar.Calendar.Get
- # description: >
- # ...
- # - selector: google.calendar.Calendar.Put
- # description: >
- # ...
- # </code></pre>
- # Documentation is provided in markdown syntax. In addition to
- # standard markdown features, definition lists, tables and fenced
- # code blocks are supported. Section headers can be provided and are
- # interpreted relative to the section nesting of the context where
- # a documentation fragment is embedded.
- #
- # Documentation from the IDL is merged with documentation defined
- # via the config at normalization time, where documentation provided
- # by config rules overrides IDL provided.
- #
- # A number of constructs specific to the API platform are supported
- # in documentation text.
- #
- # In order to reference a proto element, the following
- # notation can be used:
- # <pre><code>&#91;fully.qualified.proto.name]&#91;]</code></pre>
- # To override the display text used for the link, this can be used:
- # <pre><code>&#91;display text]&#91;fully.qualified.proto.name]</code></pre>
- # Text can be excluded from doc using the following notation:
- # <pre><code>&#40;-- internal comment --&#41;</code></pre>
- #
- # A few directives are available in documentation. Note that
- # directives must appear on a single line to be properly
- # identified. The `include` directive includes a markdown file from
- # an external source:
- # <pre><code>&#40;== include path/to/file ==&#41;</code></pre>
- # The `resource_for` directive marks a message to be the resource of
- # a collection in REST view. If it is not specified, tools attempt
- # to infer the resource from the operations in a collection:
- # <pre><code>&#40;== resource_for v1.shelves.books ==&#41;</code></pre>
- # The directive `suppress_warning` does not directly affect documentation
- # and is documented together with service config validation.
- "serviceRootUrl": "A String", # Specifies the service root url if the default one (the service name
- # from the yaml file) is not suitable. This can be seen in any fully
- # specified service urls as well as sections that show a base that other
- # urls are relative to.
- "pages": [ # The top level pages for the documentation set.
- { # Represents a documentation page. A page can contain subpages to represent
- # nested documentation set structure.
- "content": "A String", # The Markdown content of the page. You can use <code>&#40;== include {path}
- # ==&#41;</code> to include content from a Markdown file.
- "name": "A String", # The name of the page. It will be used as an identity of the page to
- # generate URI of the page, text of the link to this page in navigation,
- # etc. The full page name (start from the root page name to this page
- # concatenated with `.`) can be used as reference to the page in your
- # documentation. For example:
- # <pre><code>pages:
- # - name: Tutorial
- # content: &#40;== include tutorial.md ==&#41;
- # subpages:
- # - name: Java
- # content: &#40;== include tutorial_java.md ==&#41;
- # </code></pre>
- # You can reference `Java` page using Markdown reference link syntax:
- # `Java`.
- "subpages": [ # Subpages of this page. The order of subpages specified here will be
- # honored in the generated docset.
- # Object with schema name: Page
- ],
- },
- ],
- "summary": "A String", # A short summary of what the service does. Can only be provided by
- # plain text.
- "rules": [ # A list of documentation rules that apply to individual API elements.
- #
- # **NOTE:** All service configuration rules follow "last one wins" order.
- { # A documentation rule provides information about individual API elements.
- "selector": "A String", # The selector is a comma-separated list of patterns. Each pattern is a
- # qualified name of the element which may end in "*", indicating a wildcard.
- # Wildcards are only allowed at the end and for a whole component of the
- # qualified name, i.e. "foo.*" is ok, but not "foo.b*" or "foo.*.bar". A
- # wildcard will match one or more components. To specify a default for all
- # applicable elements, the whole pattern "*" is used.
- "description": "A String", # Description of the selected API(s).
- "deprecationDescription": "A String", # Deprecation description of the selected element(s). It can be provided if
- # an element is marked as `deprecated`.
- },
- ],
- "documentationRootUrl": "A String", # The URL to the root of documentation.
- "overview": "A String", # Declares a single overview page. For example:
- # <pre><code>documentation:
- # summary: ...
- # overview: &#40;== include overview.md ==&#41;
- # </code></pre>
- # This is a shortcut for the following declaration (using pages style):
- # <pre><code>documentation:
- # summary: ...
- # pages:
- # - name: Overview
- # content: &#40;== include overview.md ==&#41;
- # </code></pre>
- # Note: you cannot specify both `overview` field and `pages` field.
- },
"title": "A String", # The product title for this service.
+ "name": "A String", # The DNS address at which this service is available.
+ #
+ # An example DNS address would be:
+ # `calendar.googleapis.com`.
"apis": [ # A list of API interfaces exported by this service. Contains only the names,
# versions, and method names of the interfaces.
{ # Api is a light-weight descriptor for an API Interface.
@@ -919,6 +840,21 @@
# this message itself. See https://cloud.google.com/apis/design/glossary for
# detailed terminology.
"syntax": "A String", # The source syntax of the service.
+ "options": [ # Any metadata attached to the interface.
+ { # A protocol buffer option, which can be attached to a message, field,
+ # enumeration, etc.
+ "name": "A String", # The option's name. For protobuf built-in options (options defined in
+ # descriptor.proto), this is the short name. For example, `"map_entry"`.
+ # For custom options, it should be the fully-qualified name. For example,
+ # `"google.api.http"`.
+ "value": { # The option's value packed in an Any message. If the value is a primitive,
+ # the corresponding wrapper type defined in google/protobuf/wrappers.proto
+ # should be used. If the value is an enum, it should be stored as an int32
+ # value using the google.protobuf.Int32Value type.
+ "a_key": "", # Properties of the object. Contains field @type with type URL.
+ },
+ },
+ ],
"version": "A String", # A version string for this interface. If specified, must have the form
# `major-version.minor-version`, as in `1.10`. If the minor version is
# omitted, it defaults to zero. If the entire version field is empty, the
@@ -938,8 +874,6 @@
# `google.feature.v1`. For major versions 0 and 1, the suffix can
# be omitted. Zero major versions must only be used for
# experimental, non-GA interfaces.
- "name": "A String", # The fully qualified name of this interface, including package name
- # followed by the interface's simple name.
"sourceContext": { # `SourceContext` represents information about the source of a # Source context for the protocol buffer service represented by this
# message.
# protobuf element, like the file in which it is defined.
@@ -1030,59 +964,125 @@
# are rooted.
},
],
+ "name": "A String", # The fully qualified name of this interface, including package name
+ # followed by the interface's simple name.
"methods": [ # The methods of this interface, in unspecified order.
{ # Method represents a method of an API interface.
- "name": "A String", # The simple name of this method.
- "requestStreaming": True or False, # If true, the request is streamed.
- "syntax": "A String", # The source syntax of this method.
"responseStreaming": True or False, # If true, the response is streamed.
- "responseTypeUrl": "A String", # The URL of the output message type.
- "requestTypeUrl": "A String", # A URL of the input message type.
+ "requestStreaming": True or False, # If true, the request is streamed.
+ "name": "A String", # The simple name of this method.
+ "syntax": "A String", # The source syntax of this method.
"options": [ # Any metadata attached to the method.
{ # A protocol buffer option, which can be attached to a message, field,
# enumeration, etc.
+ "name": "A String", # The option's name. For protobuf built-in options (options defined in
+ # descriptor.proto), this is the short name. For example, `"map_entry"`.
+ # For custom options, it should be the fully-qualified name. For example,
+ # `"google.api.http"`.
"value": { # The option's value packed in an Any message. If the value is a primitive,
# the corresponding wrapper type defined in google/protobuf/wrappers.proto
# should be used. If the value is an enum, it should be stored as an int32
# value using the google.protobuf.Int32Value type.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
- "name": "A String", # The option's name. For protobuf built-in options (options defined in
- # descriptor.proto), this is the short name. For example, `"map_entry"`.
- # For custom options, it should be the fully-qualified name. For example,
- # `"google.api.http"`.
},
],
- },
- ],
- "options": [ # Any metadata attached to the interface.
- { # A protocol buffer option, which can be attached to a message, field,
- # enumeration, etc.
- "value": { # The option's value packed in an Any message. If the value is a primitive,
- # the corresponding wrapper type defined in google/protobuf/wrappers.proto
- # should be used. If the value is an enum, it should be stored as an int32
- # value using the google.protobuf.Int32Value type.
- "a_key": "", # Properties of the object. Contains field @type with type URL.
- },
- "name": "A String", # The option's name. For protobuf built-in options (options defined in
- # descriptor.proto), this is the short name. For example, `"map_entry"`.
- # For custom options, it should be the fully-qualified name. For example,
- # `"google.api.http"`.
+ "responseTypeUrl": "A String", # The URL of the output message type.
+ "requestTypeUrl": "A String", # A URL of the input message type.
},
],
},
],
- "name": "A String", # The DNS address at which this service is available.
- #
- # An example DNS address would be:
- # `calendar.googleapis.com`.
+ "usage": { # Configuration controlling usage of a service. # Configuration controlling usage of this service.
+ "requirements": [ # Requirements that must be satisfied before a consumer project can use the
+ # service. Each requirement is of the form <service.name>/<requirement-id>;
+ # for example 'serviceusage.googleapis.com/billing-enabled'.
+ "A String",
+ ],
+ "serviceIdentity": { # The per-product per-project service identity for a service. # The configuration of a per-product per-project service identity.
+ #
+ #
+ # Use this field to configure per-product per-project service identity.
+ # Example of a service identity configuration.
+ #
+ # usage:
+ # service_identity:
+ # - service_account_parent: "projects/123456789"
+ # display_name: "Cloud XXX Service Agent"
+ # description: "Used as the identity of Cloud XXX to access resources"
+ "displayName": "A String", # Optional. A user-specified name for the service account.
+ # Must be less than or equal to 100 UTF-8 bytes.
+ "description": "A String", # Optional. A user-specified opaque description of the service account.
+ # Must be less than or equal to 256 UTF-8 bytes.
+ "serviceAccountParent": "A String", # A service account project that hosts the service accounts.
+ #
+ # An example name would be:
+ # `projects/123456789`
+ },
+ "producerNotificationChannel": "A String", # The full resource name of a channel used for sending notifications to the
+ # service producer.
+ #
+ # Google Service Management currently only supports
+ # [Google Cloud Pub/Sub](https://cloud.google.com/pubsub) as a notification
+ # channel. To use Google Cloud Pub/Sub as the channel, this must be the name
+ # of a Cloud Pub/Sub topic that uses the Cloud Pub/Sub topic name format
+ # documented in https://cloud.google.com/pubsub/docs/overview.
+ "rules": [ # A list of usage rules that apply to individual API methods.
+ #
+ # **NOTE:** All service configuration rules follow "last one wins" order.
+ { # Usage configuration rules for the service.
+ #
+ # NOTE: Under development.
+ #
+ #
+ # Use this rule to configure unregistered calls for the service. Unregistered
+ # calls are calls that do not contain consumer project identity.
+ # (Example: calls that do not contain an API key).
+ # By default, API methods do not allow unregistered calls, and each method call
+ # must be identified by a consumer project identity. Use this rule to
+ # allow/disallow unregistered calls.
+ #
+ # Example of an API that wants to allow unregistered calls for entire service.
+ #
+ # usage:
+ # rules:
+ # - selector: "*"
+ # allow_unregistered_calls: true
+ #
+ # Example of a method that wants to allow unregistered calls.
+ #
+ # usage:
+ # rules:
+ # - selector: "google.example.library.v1.LibraryService.CreateBook"
+ # allow_unregistered_calls: true
+ "selector": "A String", # Selects the methods to which this rule applies. Use '*' to indicate all
+ # methods in all APIs.
+ #
+ # Refer to selector for syntax details.
+ "skipServiceControl": True or False, # If true, the selected method should skip service control and the control
+ # plane features, such as quota and billing, will not be available.
+ # This flag is used by Google Cloud Endpoints to bypass checks for internal
+ # methods, such as service health check methods.
+ "allowUnregisteredCalls": True or False, # If true, the selected method allows unregistered calls, e.g. calls
+ # that don't identify any user or application.
+ },
+ ],
+ },
},
+ "name": "A String", # The resource name of the consumer and service.
+ #
+ # A valid name would be:
+ # - projects/123/services/serviceusage.googleapis.com
"state": "A String", # Whether or not the service has been enabled for use by the consumer.
+ "parent": "A String", # The resource name of the consumer.
+ #
+ # A valid name would be:
+ # - projects/123
}</pre>
</div>
<div class="method">
- <code class="details" id="list">list(parent, filter=None, pageToken=None, pageSize=None, x__xgafv=None)</code>
+ <code class="details" id="list">list(parent, filter=None, pageSize=None, pageToken=None, x__xgafv=None)</code>
<pre>List all services available to the specified project, and the current
state of those services with respect to the project. The list includes
all public services, all services for which the calling user has the
@@ -1099,11 +1099,11 @@
where `123` is the project number (not project ID). (required)
filter: string, Only list services that conform to the given filter.
The allowed filter strings are `state:ENABLED` and `state:DISABLED`.
- pageToken: string, Token identifying which result to start with, which is returned by a
-previous list call.
pageSize: integer, Requested size of the next page of data.
Requested page size cannot exceed 200.
If not set, the default page size is 50.
+ pageToken: string, Token identifying which result to start with, which is returned by a
+previous list call.
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
@@ -1115,18 +1115,290 @@
{ # Response message for the `ListServices` method.
"services": [ # The available services for the requested project.
{ # A service that is available for use by the consumer.
- "name": "A String", # The resource name of the consumer and service.
- #
- # A valid name would be:
- # - projects/123/services/serviceusage.googleapis.com
- "parent": "A String", # The resource name of the consumer.
- #
- # A valid name would be:
- # - projects/123
"config": { # The configuration of the service. # The service configuration of the available service.
# Some fields may be filtered out of the configuration in responses to
# the `ListServices` method. These fields are present only in responses to
# the `GetService` method.
+ "documentation": { # `Documentation` provides the information for describing a service. # Additional API documentation. Contains only the summary and the
+ # documentation URL.
+ #
+ # Example:
+ # <pre><code>documentation:
+ # summary: >
+ # The Google Calendar API gives access
+ # to most calendar features.
+ # pages:
+ # - name: Overview
+ # content: &#40;== include google/foo/overview.md ==&#41;
+ # - name: Tutorial
+ # content: &#40;== include google/foo/tutorial.md ==&#41;
+ # subpages;
+ # - name: Java
+ # content: &#40;== include google/foo/tutorial_java.md ==&#41;
+ # rules:
+ # - selector: google.calendar.Calendar.Get
+ # description: >
+ # ...
+ # - selector: google.calendar.Calendar.Put
+ # description: >
+ # ...
+ # </code></pre>
+ # Documentation is provided in markdown syntax. In addition to
+ # standard markdown features, definition lists, tables and fenced
+ # code blocks are supported. Section headers can be provided and are
+ # interpreted relative to the section nesting of the context where
+ # a documentation fragment is embedded.
+ #
+ # Documentation from the IDL is merged with documentation defined
+ # via the config at normalization time, where documentation provided
+ # by config rules overrides IDL provided.
+ #
+ # A number of constructs specific to the API platform are supported
+ # in documentation text.
+ #
+ # In order to reference a proto element, the following
+ # notation can be used:
+ # <pre><code>&#91;fully.qualified.proto.name]&#91;]</code></pre>
+ # To override the display text used for the link, this can be used:
+ # <pre><code>&#91;display text]&#91;fully.qualified.proto.name]</code></pre>
+ # Text can be excluded from doc using the following notation:
+ # <pre><code>&#40;-- internal comment --&#41;</code></pre>
+ #
+ # A few directives are available in documentation. Note that
+ # directives must appear on a single line to be properly
+ # identified. The `include` directive includes a markdown file from
+ # an external source:
+ # <pre><code>&#40;== include path/to/file ==&#41;</code></pre>
+ # The `resource_for` directive marks a message to be the resource of
+ # a collection in REST view. If it is not specified, tools attempt
+ # to infer the resource from the operations in a collection:
+ # <pre><code>&#40;== resource_for v1.shelves.books ==&#41;</code></pre>
+ # The directive `suppress_warning` does not directly affect documentation
+ # and is documented together with service config validation.
+ "documentationRootUrl": "A String", # The URL to the root of documentation.
+ "rules": [ # A list of documentation rules that apply to individual API elements.
+ #
+ # **NOTE:** All service configuration rules follow "last one wins" order.
+ { # A documentation rule provides information about individual API elements.
+ "description": "A String", # Description of the selected API(s).
+ "selector": "A String", # The selector is a comma-separated list of patterns. Each pattern is a
+ # qualified name of the element which may end in "*", indicating a wildcard.
+ # Wildcards are only allowed at the end and for a whole component of the
+ # qualified name, i.e. "foo.*" is ok, but not "foo.b*" or "foo.*.bar". A
+ # wildcard will match one or more components. To specify a default for all
+ # applicable elements, the whole pattern "*" is used.
+ "deprecationDescription": "A String", # Deprecation description of the selected element(s). It can be provided if
+ # an element is marked as `deprecated`.
+ },
+ ],
+ "overview": "A String", # Declares a single overview page. For example:
+ # <pre><code>documentation:
+ # summary: ...
+ # overview: &#40;== include overview.md ==&#41;
+ # </code></pre>
+ # This is a shortcut for the following declaration (using pages style):
+ # <pre><code>documentation:
+ # summary: ...
+ # pages:
+ # - name: Overview
+ # content: &#40;== include overview.md ==&#41;
+ # </code></pre>
+ # Note: you cannot specify both `overview` field and `pages` field.
+ "pages": [ # The top level pages for the documentation set.
+ { # Represents a documentation page. A page can contain subpages to represent
+ # nested documentation set structure.
+ "name": "A String", # The name of the page. It will be used as an identity of the page to
+ # generate URI of the page, text of the link to this page in navigation,
+ # etc. The full page name (start from the root page name to this page
+ # concatenated with `.`) can be used as reference to the page in your
+ # documentation. For example:
+ # <pre><code>pages:
+ # - name: Tutorial
+ # content: &#40;== include tutorial.md ==&#41;
+ # subpages:
+ # - name: Java
+ # content: &#40;== include tutorial_java.md ==&#41;
+ # </code></pre>
+ # You can reference `Java` page using Markdown reference link syntax:
+ # `Java`.
+ "subpages": [ # Subpages of this page. The order of subpages specified here will be
+ # honored in the generated docset.
+ # Object with schema name: Page
+ ],
+ "content": "A String", # The Markdown content of the page. You can use <code>&#40;== include {path}
+ # ==&#41;</code> to include content from a Markdown file.
+ },
+ ],
+ "serviceRootUrl": "A String", # Specifies the service root url if the default one (the service name
+ # from the yaml file) is not suitable. This can be seen in any fully
+ # specified service urls as well as sections that show a base that other
+ # urls are relative to.
+ "summary": "A String", # A short summary of what the service does. Can only be provided by
+ # plain text.
+ },
+ "authentication": { # `Authentication` defines the authentication configuration for an API. # Auth configuration. Contains only the OAuth rules.
+ #
+ # Example for an API targeted for external use:
+ #
+ # name: calendar.googleapis.com
+ # authentication:
+ # providers:
+ # - id: google_calendar_auth
+ # jwks_uri: https://www.googleapis.com/oauth2/v1/certs
+ # issuer: https://securetoken.google.com
+ # rules:
+ # - selector: "*"
+ # requirements:
+ # provider_id: google_calendar_auth
+ "providers": [ # Defines a set of authentication providers that a service supports.
+ { # Configuration for an authentication provider, including support for
+ # [JSON Web Token
+ # (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
+ "audiences": "A String", # The list of JWT
+ # [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
+ # that are allowed to access. A JWT containing any of these audiences will
+ # be accepted. When this setting is absent, JWTs with audiences:
+ # - "https://[service.name]/[google.protobuf.Api.name]"
+ # - "https://[service.name]/"
+ # will be accepted.
+ # For example, if no audiences are in the setting, LibraryService API will
+ # accept JWTs with the following audiences:
+ # -
+ # https://library-example.googleapis.com/google.example.library.v1.LibraryService
+ # - https://library-example.googleapis.com/
+ #
+ # Example:
+ #
+ # audiences: bookstore_android.apps.googleusercontent.com,
+ # bookstore_web.apps.googleusercontent.com
+ "authorizationUrl": "A String", # Redirect URL if JWT token is required but not present or is expired.
+ # Implement authorizationUrl of securityDefinitions in OpenAPI spec.
+ "jwtLocations": [ # Defines the locations to extract the JWT.
+ #
+ # JWT locations can be either from HTTP headers or URL query parameters.
+ # The rule is that the first match wins. The checking order is: checking
+ # all headers first, then URL query parameters.
+ #
+ # If not specified, default to use following 3 locations:
+ # 1) Authorization: Bearer
+ # 2) x-goog-iap-jwt-assertion
+ # 3) access_token query parameter
+ #
+ # Default locations can be specified as followings:
+ # jwt_locations:
+ # - header: Authorization
+ # value_prefix: "Bearer "
+ # - header: x-goog-iap-jwt-assertion
+ # - query: access_token
+ { # Specifies a location to extract JWT from an API request.
+ "header": "A String", # Specifies HTTP header name to extract JWT token.
+ "query": "A String", # Specifies URL query parameter name to extract JWT token.
+ "valuePrefix": "A String", # The value prefix. The value format is "value_prefix{token}"
+ # Only applies to "in" header type. Must be empty for "in" query type.
+ # If not empty, the header value has to match (case sensitive) this prefix.
+ # If not matched, JWT will not be extracted. If matched, JWT will be
+ # extracted after the prefix is removed.
+ #
+ # For example, for "Authorization: Bearer {JWT}",
+ # value_prefix="Bearer " with a space at the end.
+ },
+ ],
+ "issuer": "A String", # Identifies the principal that issued the JWT. See
+ # https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1
+ # Usually a URL or an email address.
+ #
+ # Example: https://securetoken.google.com
+ # Example: 1234567-compute@developer.gserviceaccount.com
+ "jwksUri": "A String", # URL of the provider's public key set to validate signature of the JWT. See
+ # [OpenID
+ # Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).
+ # Optional if the key set document:
+ # - can be retrieved from
+ # [OpenID
+ # Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html of
+ # the issuer.
+ # - can be inferred from the email domain of the issuer (e.g. a Google
+ # service account).
+ #
+ # Example: https://www.googleapis.com/oauth2/v1/certs
+ "id": "A String", # The unique identifier of the auth provider. It will be referred to by
+ # `AuthRequirement.provider_id`.
+ #
+ # Example: "bookstore_auth".
+ },
+ ],
+ "rules": [ # A list of authentication rules that apply to individual API methods.
+ #
+ # **NOTE:** All service configuration rules follow "last one wins" order.
+ { # Authentication rules for the service.
+ #
+ # By default, if a method has any authentication requirements, every request
+ # must include a valid credential matching one of the requirements.
+ # It's an error to include more than one kind of credential in a single
+ # request.
+ #
+ # If a method doesn't have any auth requirements, request credentials will be
+ # ignored.
+ "oauth": { # OAuth scopes are a way to define data and permissions on data. For example, # The requirements for OAuth credentials.
+ # there are scopes defined for "Read-only access to Google Calendar" and
+ # "Access to Cloud Platform". Users can consent to a scope for an application,
+ # giving it permission to access that data on their behalf.
+ #
+ # OAuth scope specifications should be fairly coarse grained; a user will need
+ # to see and understand the text description of what your scope means.
+ #
+ # In most cases: use one or at most two OAuth scopes for an entire family of
+ # products. If your product has multiple APIs, you should probably be sharing
+ # the OAuth scope across all of those APIs.
+ #
+ # When you need finer grained OAuth consent screens: talk with your product
+ # management about how developers will use them in practice.
+ #
+ # Please note that even though each of the canonical scopes is enough for a
+ # request to be accepted and passed to the backend, a request can still fail
+ # due to the backend requiring additional scopes or permissions.
+ "canonicalScopes": "A String", # The list of publicly documented OAuth scopes that are allowed access. An
+ # OAuth token containing any of these scopes will be accepted.
+ #
+ # Example:
+ #
+ # canonical_scopes: https://www.googleapis.com/auth/calendar,
+ # https://www.googleapis.com/auth/calendar.read
+ },
+ "selector": "A String", # Selects the methods to which this rule applies.
+ #
+ # Refer to selector for syntax details.
+ "allowWithoutCredential": True or False, # If true, the service accepts API keys without any other credential.
+ "requirements": [ # Requirements for additional authentication providers.
+ { # User-defined authentication requirements, including support for
+ # [JSON Web Token
+ # (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
+ "providerId": "A String", # id from authentication provider.
+ #
+ # Example:
+ #
+ # provider_id: bookstore_auth
+ "audiences": "A String", # NOTE: This will be deprecated soon, once AuthProvider.audiences is
+ # implemented and accepted in all the runtime components.
+ #
+ # The list of JWT
+ # [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
+ # that are allowed to access. A JWT containing any of these audiences will
+ # be accepted. When this setting is absent, only JWTs with audience
+ # "https://Service_name/API_name"
+ # will be accepted. For example, if no audiences are in the setting,
+ # LibraryService API will only accept JWTs with the following audience
+ # "https://library-example.googleapis.com/google.example.library.v1.LibraryService".
+ #
+ # Example:
+ #
+ # audiences: bookstore_android.apps.googleusercontent.com,
+ # bookstore_web.apps.googleusercontent.com
+ },
+ ],
+ },
+ ],
+ },
"endpoints": [ # Configuration for network endpoints. Contains only the names and aliases
# of the endpoints.
{ # `Endpoint` describes a network endpoint that serves a set of APIs.
@@ -1145,20 +1417,20 @@
# # allowed to proceed.
# - name: library-example.googleapis.com
# allow_cors: true
+ "features": [ # The list of features enabled on this endpoint.
+ "A String",
+ ],
+ "target": "A String", # The specification of an Internet routable address of API frontend that will
+ # handle requests to this [API
+ # Endpoint](https://cloud.google.com/apis/design/glossary). It should be
+ # either a valid IPv4 address or a fully-qualified domain name. For example,
+ # "8.8.8.8" or "myservice.appspot.com".
"allowCors": True or False, # Allowing
# [CORS](https://en.wikipedia.org/wiki/Cross-origin_resource_sharing), aka
# cross-domain traffic, would allow the backends served from this endpoint to
# receive and respond to HTTP OPTIONS requests. The response will be used by
# the browser to determine whether the subsequent cross-origin request is
# allowed to proceed.
- "target": "A String", # The specification of an Internet routable address of API frontend that will
- # handle requests to this [API
- # Endpoint](https://cloud.google.com/apis/design/glossary). It should be
- # either a valid IPv4 address or a fully-qualified domain name. For example,
- # "8.8.8.8" or "myservice.appspot.com".
- "features": [ # The list of features enabled on this endpoint.
- "A String",
- ],
"name": "A String", # The canonical name of this endpoint.
"aliases": [ # DEPRECATED: This field is no longer supported. Instead of using aliases,
# please specify multiple google.api.Endpoint for each of the intended
@@ -1219,72 +1491,6 @@
# metric_kind: DELTA
# value_type: INT64
#
- "limits": [ # List of `QuotaLimit` definitions for the service.
- { # `QuotaLimit` defines a specific limit that applies over a specified duration
- # for a limit type. There can be at most one limit for a duration and limit
- # type combination defined within a `QuotaGroup`.
- "duration": "A String", # Duration of this limit in textual notation. Must be "100s" or "1d".
- #
- # Used by group-based quotas only.
- "values": { # Tiered limit values. You must specify this as a key:value pair, with an
- # integer value that is the maximum number of requests allowed for the
- # specified unit. Currently only STANDARD is supported.
- "a_key": "A String",
- },
- "unit": "A String", # Specify the unit of the quota limit. It uses the same syntax as
- # Metric.unit. The supported unit kinds are determined by the quota
- # backend system.
- #
- # Here are some examples:
- # * "1/min/{project}" for quota per minute per project.
- #
- # Note: the order of unit components is insignificant.
- # The "1" at the beginning is required to follow the metric unit syntax.
- "displayName": "A String", # User-visible display name for this limit.
- # Optional. If not set, the UI will provide a default display name based on
- # the quota configuration. This field can be used to override the default
- # display name generated from the configuration.
- "description": "A String", # Optional. User-visible, extended description for this quota limit.
- # Should be used only when more context is needed to understand this limit
- # than provided by the limit's display name (see: `display_name`).
- "metric": "A String", # The name of the metric this quota limit applies to. The quota limits with
- # the same metric will be checked together during runtime. The metric must be
- # defined within the service config.
- "defaultLimit": "A String", # Default number of tokens that can be consumed during the specified
- # duration. This is the number of tokens assigned when a client
- # application developer activates the service for his/her project.
- #
- # Specifying a value of 0 will block all requests. This can be used if you
- # are provisioning quota to selected consumers and blocking others.
- # Similarly, a value of -1 will indicate an unlimited quota. No other
- # negative values are allowed.
- #
- # Used by group-based quotas only.
- "freeTier": "A String", # Free tier value displayed in the Developers Console for this limit.
- # The free tier is the number of tokens that will be subtracted from the
- # billed amount when billing is enabled.
- # This field can only be set on a limit with duration "1d", in a billable
- # group; it is invalid on any other limit. If this field is not set, it
- # defaults to 0, indicating that there is no free tier for this service.
- #
- # Used by group-based quotas only.
- "name": "A String", # Name of the quota limit.
- #
- # The name must be provided, and it must be unique within the service. The
- # name can only include alphanumeric characters as well as '-'.
- #
- # The maximum length of the limit name is 64 characters.
- "maxLimit": "A String", # Maximum number of tokens that can be consumed during the specified
- # duration. Client application developers can override the default limit up
- # to this maximum. If specified, this value cannot be set to a value less
- # than the default limit. If not specified, it is set to the default limit.
- #
- # To allow clients to apply overrides with no upper bound, set this to -1,
- # indicating unlimited maximum quota.
- #
- # Used by group-based quotas only.
- },
- ],
"metricRules": [ # List of `MetricRule` definitions, each one mapping a selected method to one
# or more metrics.
{ # Bind API methods to metrics. Binding a method to a metric causes that
@@ -1302,363 +1508,78 @@
# Refer to selector for syntax details.
},
],
- },
- "usage": { # Configuration controlling usage of a service. # Configuration controlling usage of this service.
- "requirements": [ # Requirements that must be satisfied before a consumer project can use the
- # service. Each requirement is of the form <service.name>/<requirement-id>;
- # for example 'serviceusage.googleapis.com/billing-enabled'.
- "A String",
- ],
- "serviceIdentity": { # The per-product per-project service identity for a service. # The configuration of a per-product per-project service identity.
- #
- #
- # Use this field to configure per-product per-project service identity.
- # Example of a service identity configuration.
- #
- # usage:
- # service_identity:
- # - service_account_parent: "projects/123456789"
- # display_name: "Cloud XXX Service Agent"
- # description: "Used as the identity of Cloud XXX to access resources"
- "description": "A String", # Optional. A user-specified opaque description of the service account.
- # Must be less than or equal to 256 UTF-8 bytes.
- "serviceAccountParent": "A String", # A service account project that hosts the service accounts.
- #
- # An example name would be:
- # `projects/123456789`
- "displayName": "A String", # Optional. A user-specified name for the service account.
- # Must be less than or equal to 100 UTF-8 bytes.
- },
- "rules": [ # A list of usage rules that apply to individual API methods.
- #
- # **NOTE:** All service configuration rules follow "last one wins" order.
- { # Usage configuration rules for the service.
- #
- # NOTE: Under development.
- #
- #
- # Use this rule to configure unregistered calls for the service. Unregistered
- # calls are calls that do not contain consumer project identity.
- # (Example: calls that do not contain an API key).
- # By default, API methods do not allow unregistered calls, and each method call
- # must be identified by a consumer project identity. Use this rule to
- # allow/disallow unregistered calls.
- #
- # Example of an API that wants to allow unregistered calls for entire service.
- #
- # usage:
- # rules:
- # - selector: "*"
- # allow_unregistered_calls: true
- #
- # Example of a method that wants to allow unregistered calls.
- #
- # usage:
- # rules:
- # - selector: "google.example.library.v1.LibraryService.CreateBook"
- # allow_unregistered_calls: true
- "selector": "A String", # Selects the methods to which this rule applies. Use '*' to indicate all
- # methods in all APIs.
+ "limits": [ # List of `QuotaLimit` definitions for the service.
+ { # `QuotaLimit` defines a specific limit that applies over a specified duration
+ # for a limit type. There can be at most one limit for a duration and limit
+ # type combination defined within a `QuotaGroup`.
+ "duration": "A String", # Duration of this limit in textual notation. Must be "100s" or "1d".
#
- # Refer to selector for syntax details.
- "skipServiceControl": True or False, # If true, the selected method should skip service control and the control
- # plane features, such as quota and billing, will not be available.
- # This flag is used by Google Cloud Endpoints to bypass checks for internal
- # methods, such as service health check methods.
- "allowUnregisteredCalls": True or False, # If true, the selected method allows unregistered calls, e.g. calls
- # that don't identify any user or application.
- },
- ],
- "producerNotificationChannel": "A String", # The full resource name of a channel used for sending notifications to the
- # service producer.
- #
- # Google Service Management currently only supports
- # [Google Cloud Pub/Sub](https://cloud.google.com/pubsub) as a notification
- # channel. To use Google Cloud Pub/Sub as the channel, this must be the name
- # of a Cloud Pub/Sub topic that uses the Cloud Pub/Sub topic name format
- # documented in https://cloud.google.com/pubsub/docs/overview.
- },
- "authentication": { # `Authentication` defines the authentication configuration for an API. # Auth configuration. Contains only the OAuth rules.
- #
- # Example for an API targeted for external use:
- #
- # name: calendar.googleapis.com
- # authentication:
- # providers:
- # - id: google_calendar_auth
- # jwks_uri: https://www.googleapis.com/oauth2/v1/certs
- # issuer: https://securetoken.google.com
- # rules:
- # - selector: "*"
- # requirements:
- # provider_id: google_calendar_auth
- "providers": [ # Defines a set of authentication providers that a service supports.
- { # Configuration for an authentication provider, including support for
- # [JSON Web Token
- # (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
- "jwksUri": "A String", # URL of the provider's public key set to validate signature of the JWT. See
- # [OpenID
- # Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).
- # Optional if the key set document:
- # - can be retrieved from
- # [OpenID
- # Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html of
- # the issuer.
- # - can be inferred from the email domain of the issuer (e.g. a Google
- # service account).
+ # Used by group-based quotas only.
+ "name": "A String", # Name of the quota limit.
#
- # Example: https://www.googleapis.com/oauth2/v1/certs
- "issuer": "A String", # Identifies the principal that issued the JWT. See
- # https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1
- # Usually a URL or an email address.
+ # The name must be provided, and it must be unique within the service. The
+ # name can only include alphanumeric characters as well as '-'.
#
- # Example: https://securetoken.google.com
- # Example: 1234567-compute@developer.gserviceaccount.com
- "id": "A String", # The unique identifier of the auth provider. It will be referred to by
- # `AuthRequirement.provider_id`.
+ # The maximum length of the limit name is 64 characters.
+ "maxLimit": "A String", # Maximum number of tokens that can be consumed during the specified
+ # duration. Client application developers can override the default limit up
+ # to this maximum. If specified, this value cannot be set to a value less
+ # than the default limit. If not specified, it is set to the default limit.
#
- # Example: "bookstore_auth".
- "jwtLocations": [ # Defines the locations to extract the JWT.
+ # To allow clients to apply overrides with no upper bound, set this to -1,
+ # indicating unlimited maximum quota.
#
- # JWT locations can be either from HTTP headers or URL query parameters.
- # The rule is that the first match wins. The checking order is: checking
- # all headers first, then URL query parameters.
- #
- # If not specified, default to use following 3 locations:
- # 1) Authorization: Bearer
- # 2) x-goog-iap-jwt-assertion
- # 3) access_token query parameter
- #
- # Default locations can be specified as followings:
- # jwt_locations:
- # - header: Authorization
- # value_prefix: "Bearer "
- # - header: x-goog-iap-jwt-assertion
- # - query: access_token
- { # Specifies a location to extract JWT from an API request.
- "query": "A String", # Specifies URL query parameter name to extract JWT token.
- "header": "A String", # Specifies HTTP header name to extract JWT token.
- "valuePrefix": "A String", # The value prefix. The value format is "value_prefix{token}"
- # Only applies to "in" header type. Must be empty for "in" query type.
- # If not empty, the header value has to match (case sensitive) this prefix.
- # If not matched, JWT will not be extracted. If matched, JWT will be
- # extracted after the prefix is removed.
- #
- # For example, for "Authorization: Bearer {JWT}",
- # value_prefix="Bearer " with a space at the end.
- },
- ],
- "audiences": "A String", # The list of JWT
- # [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
- # that are allowed to access. A JWT containing any of these audiences will
- # be accepted. When this setting is absent, JWTs with audiences:
- # - "https://[service.name]/[google.protobuf.Api.name]"
- # - "https://[service.name]/"
- # will be accepted.
- # For example, if no audiences are in the setting, LibraryService API will
- # accept JWTs with the following audiences:
- # -
- # https://library-example.googleapis.com/google.example.library.v1.LibraryService
- # - https://library-example.googleapis.com/
- #
- # Example:
- #
- # audiences: bookstore_android.apps.googleusercontent.com,
- # bookstore_web.apps.googleusercontent.com
- "authorizationUrl": "A String", # Redirect URL if JWT token is required but not present or is expired.
- # Implement authorizationUrl of securityDefinitions in OpenAPI spec.
- },
- ],
- "rules": [ # A list of authentication rules that apply to individual API methods.
- #
- # **NOTE:** All service configuration rules follow "last one wins" order.
- { # Authentication rules for the service.
- #
- # By default, if a method has any authentication requirements, every request
- # must include a valid credential matching one of the requirements.
- # It's an error to include more than one kind of credential in a single
- # request.
- #
- # If a method doesn't have any auth requirements, request credentials will be
- # ignored.
- "allowWithoutCredential": True or False, # If true, the service accepts API keys without any other credential.
- "oauth": { # OAuth scopes are a way to define data and permissions on data. For example, # The requirements for OAuth credentials.
- # there are scopes defined for "Read-only access to Google Calendar" and
- # "Access to Cloud Platform". Users can consent to a scope for an application,
- # giving it permission to access that data on their behalf.
- #
- # OAuth scope specifications should be fairly coarse grained; a user will need
- # to see and understand the text description of what your scope means.
- #
- # In most cases: use one or at most two OAuth scopes for an entire family of
- # products. If your product has multiple APIs, you should probably be sharing
- # the OAuth scope across all of those APIs.
- #
- # When you need finer grained OAuth consent screens: talk with your product
- # management about how developers will use them in practice.
- #
- # Please note that even though each of the canonical scopes is enough for a
- # request to be accepted and passed to the backend, a request can still fail
- # due to the backend requiring additional scopes or permissions.
- "canonicalScopes": "A String", # The list of publicly documented OAuth scopes that are allowed access. An
- # OAuth token containing any of these scopes will be accepted.
- #
- # Example:
- #
- # canonical_scopes: https://www.googleapis.com/auth/calendar,
- # https://www.googleapis.com/auth/calendar.read
+ # Used by group-based quotas only.
+ "description": "A String", # Optional. User-visible, extended description for this quota limit.
+ # Should be used only when more context is needed to understand this limit
+ # than provided by the limit's display name (see: `display_name`).
+ "values": { # Tiered limit values. You must specify this as a key:value pair, with an
+ # integer value that is the maximum number of requests allowed for the
+ # specified unit. Currently only STANDARD is supported.
+ "a_key": "A String",
},
- "requirements": [ # Requirements for additional authentication providers.
- { # User-defined authentication requirements, including support for
- # [JSON Web Token
- # (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
- "providerId": "A String", # id from authentication provider.
- #
- # Example:
- #
- # provider_id: bookstore_auth
- "audiences": "A String", # NOTE: This will be deprecated soon, once AuthProvider.audiences is
- # implemented and accepted in all the runtime components.
- #
- # The list of JWT
- # [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
- # that are allowed to access. A JWT containing any of these audiences will
- # be accepted. When this setting is absent, only JWTs with audience
- # "https://Service_name/API_name"
- # will be accepted. For example, if no audiences are in the setting,
- # LibraryService API will only accept JWTs with the following audience
- # "https://library-example.googleapis.com/google.example.library.v1.LibraryService".
- #
- # Example:
- #
- # audiences: bookstore_android.apps.googleusercontent.com,
- # bookstore_web.apps.googleusercontent.com
- },
- ],
- "selector": "A String", # Selects the methods to which this rule applies.
+ "unit": "A String", # Specify the unit of the quota limit. It uses the same syntax as
+ # Metric.unit. The supported unit kinds are determined by the quota
+ # backend system.
#
- # Refer to selector for syntax details.
+ # Here are some examples:
+ # * "1/min/{project}" for quota per minute per project.
+ #
+ # Note: the order of unit components is insignificant.
+ # The "1" at the beginning is required to follow the metric unit syntax.
+ "metric": "A String", # The name of the metric this quota limit applies to. The quota limits with
+ # the same metric will be checked together during runtime. The metric must be
+ # defined within the service config.
+ "displayName": "A String", # User-visible display name for this limit.
+ # Optional. If not set, the UI will provide a default display name based on
+ # the quota configuration. This field can be used to override the default
+ # display name generated from the configuration.
+ "freeTier": "A String", # Free tier value displayed in the Developers Console for this limit.
+ # The free tier is the number of tokens that will be subtracted from the
+ # billed amount when billing is enabled.
+ # This field can only be set on a limit with duration "1d", in a billable
+ # group; it is invalid on any other limit. If this field is not set, it
+ # defaults to 0, indicating that there is no free tier for this service.
+ #
+ # Used by group-based quotas only.
+ "defaultLimit": "A String", # Default number of tokens that can be consumed during the specified
+ # duration. This is the number of tokens assigned when a client
+ # application developer activates the service for his/her project.
+ #
+ # Specifying a value of 0 will block all requests. This can be used if you
+ # are provisioning quota to selected consumers and blocking others.
+ # Similarly, a value of -1 will indicate an unlimited quota. No other
+ # negative values are allowed.
+ #
+ # Used by group-based quotas only.
},
],
},
- "documentation": { # `Documentation` provides the information for describing a service. # Additional API documentation. Contains only the summary and the
- # documentation URL.
- #
- # Example:
- # <pre><code>documentation:
- # summary: >
- # The Google Calendar API gives access
- # to most calendar features.
- # pages:
- # - name: Overview
- # content: &#40;== include google/foo/overview.md ==&#41;
- # - name: Tutorial
- # content: &#40;== include google/foo/tutorial.md ==&#41;
- # subpages;
- # - name: Java
- # content: &#40;== include google/foo/tutorial_java.md ==&#41;
- # rules:
- # - selector: google.calendar.Calendar.Get
- # description: >
- # ...
- # - selector: google.calendar.Calendar.Put
- # description: >
- # ...
- # </code></pre>
- # Documentation is provided in markdown syntax. In addition to
- # standard markdown features, definition lists, tables and fenced
- # code blocks are supported. Section headers can be provided and are
- # interpreted relative to the section nesting of the context where
- # a documentation fragment is embedded.
- #
- # Documentation from the IDL is merged with documentation defined
- # via the config at normalization time, where documentation provided
- # by config rules overrides IDL provided.
- #
- # A number of constructs specific to the API platform are supported
- # in documentation text.
- #
- # In order to reference a proto element, the following
- # notation can be used:
- # <pre><code>&#91;fully.qualified.proto.name]&#91;]</code></pre>
- # To override the display text used for the link, this can be used:
- # <pre><code>&#91;display text]&#91;fully.qualified.proto.name]</code></pre>
- # Text can be excluded from doc using the following notation:
- # <pre><code>&#40;-- internal comment --&#41;</code></pre>
- #
- # A few directives are available in documentation. Note that
- # directives must appear on a single line to be properly
- # identified. The `include` directive includes a markdown file from
- # an external source:
- # <pre><code>&#40;== include path/to/file ==&#41;</code></pre>
- # The `resource_for` directive marks a message to be the resource of
- # a collection in REST view. If it is not specified, tools attempt
- # to infer the resource from the operations in a collection:
- # <pre><code>&#40;== resource_for v1.shelves.books ==&#41;</code></pre>
- # The directive `suppress_warning` does not directly affect documentation
- # and is documented together with service config validation.
- "serviceRootUrl": "A String", # Specifies the service root url if the default one (the service name
- # from the yaml file) is not suitable. This can be seen in any fully
- # specified service urls as well as sections that show a base that other
- # urls are relative to.
- "pages": [ # The top level pages for the documentation set.
- { # Represents a documentation page. A page can contain subpages to represent
- # nested documentation set structure.
- "content": "A String", # The Markdown content of the page. You can use <code>&#40;== include {path}
- # ==&#41;</code> to include content from a Markdown file.
- "name": "A String", # The name of the page. It will be used as an identity of the page to
- # generate URI of the page, text of the link to this page in navigation,
- # etc. The full page name (start from the root page name to this page
- # concatenated with `.`) can be used as reference to the page in your
- # documentation. For example:
- # <pre><code>pages:
- # - name: Tutorial
- # content: &#40;== include tutorial.md ==&#41;
- # subpages:
- # - name: Java
- # content: &#40;== include tutorial_java.md ==&#41;
- # </code></pre>
- # You can reference `Java` page using Markdown reference link syntax:
- # `Java`.
- "subpages": [ # Subpages of this page. The order of subpages specified here will be
- # honored in the generated docset.
- # Object with schema name: Page
- ],
- },
- ],
- "summary": "A String", # A short summary of what the service does. Can only be provided by
- # plain text.
- "rules": [ # A list of documentation rules that apply to individual API elements.
- #
- # **NOTE:** All service configuration rules follow "last one wins" order.
- { # A documentation rule provides information about individual API elements.
- "selector": "A String", # The selector is a comma-separated list of patterns. Each pattern is a
- # qualified name of the element which may end in "*", indicating a wildcard.
- # Wildcards are only allowed at the end and for a whole component of the
- # qualified name, i.e. "foo.*" is ok, but not "foo.b*" or "foo.*.bar". A
- # wildcard will match one or more components. To specify a default for all
- # applicable elements, the whole pattern "*" is used.
- "description": "A String", # Description of the selected API(s).
- "deprecationDescription": "A String", # Deprecation description of the selected element(s). It can be provided if
- # an element is marked as `deprecated`.
- },
- ],
- "documentationRootUrl": "A String", # The URL to the root of documentation.
- "overview": "A String", # Declares a single overview page. For example:
- # <pre><code>documentation:
- # summary: ...
- # overview: &#40;== include overview.md ==&#41;
- # </code></pre>
- # This is a shortcut for the following declaration (using pages style):
- # <pre><code>documentation:
- # summary: ...
- # pages:
- # - name: Overview
- # content: &#40;== include overview.md ==&#41;
- # </code></pre>
- # Note: you cannot specify both `overview` field and `pages` field.
- },
"title": "A String", # The product title for this service.
+ "name": "A String", # The DNS address at which this service is available.
+ #
+ # An example DNS address would be:
+ # `calendar.googleapis.com`.
"apis": [ # A list of API interfaces exported by this service. Contains only the names,
# versions, and method names of the interfaces.
{ # Api is a light-weight descriptor for an API Interface.
@@ -1671,6 +1592,21 @@
# this message itself. See https://cloud.google.com/apis/design/glossary for
# detailed terminology.
"syntax": "A String", # The source syntax of the service.
+ "options": [ # Any metadata attached to the interface.
+ { # A protocol buffer option, which can be attached to a message, field,
+ # enumeration, etc.
+ "name": "A String", # The option's name. For protobuf built-in options (options defined in
+ # descriptor.proto), this is the short name. For example, `"map_entry"`.
+ # For custom options, it should be the fully-qualified name. For example,
+ # `"google.api.http"`.
+ "value": { # The option's value packed in an Any message. If the value is a primitive,
+ # the corresponding wrapper type defined in google/protobuf/wrappers.proto
+ # should be used. If the value is an enum, it should be stored as an int32
+ # value using the google.protobuf.Int32Value type.
+ "a_key": "", # Properties of the object. Contains field @type with type URL.
+ },
+ },
+ ],
"version": "A String", # A version string for this interface. If specified, must have the form
# `major-version.minor-version`, as in `1.10`. If the minor version is
# omitted, it defaults to zero. If the entire version field is empty, the
@@ -1690,8 +1626,6 @@
# `google.feature.v1`. For major versions 0 and 1, the suffix can
# be omitted. Zero major versions must only be used for
# experimental, non-GA interfaces.
- "name": "A String", # The fully qualified name of this interface, including package name
- # followed by the interface's simple name.
"sourceContext": { # `SourceContext` represents information about the source of a # Source context for the protocol buffer service represented by this
# message.
# protobuf element, like the file in which it is defined.
@@ -1782,54 +1716,120 @@
# are rooted.
},
],
+ "name": "A String", # The fully qualified name of this interface, including package name
+ # followed by the interface's simple name.
"methods": [ # The methods of this interface, in unspecified order.
{ # Method represents a method of an API interface.
- "name": "A String", # The simple name of this method.
- "requestStreaming": True or False, # If true, the request is streamed.
- "syntax": "A String", # The source syntax of this method.
"responseStreaming": True or False, # If true, the response is streamed.
- "responseTypeUrl": "A String", # The URL of the output message type.
- "requestTypeUrl": "A String", # A URL of the input message type.
+ "requestStreaming": True or False, # If true, the request is streamed.
+ "name": "A String", # The simple name of this method.
+ "syntax": "A String", # The source syntax of this method.
"options": [ # Any metadata attached to the method.
{ # A protocol buffer option, which can be attached to a message, field,
# enumeration, etc.
+ "name": "A String", # The option's name. For protobuf built-in options (options defined in
+ # descriptor.proto), this is the short name. For example, `"map_entry"`.
+ # For custom options, it should be the fully-qualified name. For example,
+ # `"google.api.http"`.
"value": { # The option's value packed in an Any message. If the value is a primitive,
# the corresponding wrapper type defined in google/protobuf/wrappers.proto
# should be used. If the value is an enum, it should be stored as an int32
# value using the google.protobuf.Int32Value type.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
- "name": "A String", # The option's name. For protobuf built-in options (options defined in
- # descriptor.proto), this is the short name. For example, `"map_entry"`.
- # For custom options, it should be the fully-qualified name. For example,
- # `"google.api.http"`.
},
],
- },
- ],
- "options": [ # Any metadata attached to the interface.
- { # A protocol buffer option, which can be attached to a message, field,
- # enumeration, etc.
- "value": { # The option's value packed in an Any message. If the value is a primitive,
- # the corresponding wrapper type defined in google/protobuf/wrappers.proto
- # should be used. If the value is an enum, it should be stored as an int32
- # value using the google.protobuf.Int32Value type.
- "a_key": "", # Properties of the object. Contains field @type with type URL.
- },
- "name": "A String", # The option's name. For protobuf built-in options (options defined in
- # descriptor.proto), this is the short name. For example, `"map_entry"`.
- # For custom options, it should be the fully-qualified name. For example,
- # `"google.api.http"`.
+ "responseTypeUrl": "A String", # The URL of the output message type.
+ "requestTypeUrl": "A String", # A URL of the input message type.
},
],
},
],
- "name": "A String", # The DNS address at which this service is available.
- #
- # An example DNS address would be:
- # `calendar.googleapis.com`.
+ "usage": { # Configuration controlling usage of a service. # Configuration controlling usage of this service.
+ "requirements": [ # Requirements that must be satisfied before a consumer project can use the
+ # service. Each requirement is of the form <service.name>/<requirement-id>;
+ # for example 'serviceusage.googleapis.com/billing-enabled'.
+ "A String",
+ ],
+ "serviceIdentity": { # The per-product per-project service identity for a service. # The configuration of a per-product per-project service identity.
+ #
+ #
+ # Use this field to configure per-product per-project service identity.
+ # Example of a service identity configuration.
+ #
+ # usage:
+ # service_identity:
+ # - service_account_parent: "projects/123456789"
+ # display_name: "Cloud XXX Service Agent"
+ # description: "Used as the identity of Cloud XXX to access resources"
+ "displayName": "A String", # Optional. A user-specified name for the service account.
+ # Must be less than or equal to 100 UTF-8 bytes.
+ "description": "A String", # Optional. A user-specified opaque description of the service account.
+ # Must be less than or equal to 256 UTF-8 bytes.
+ "serviceAccountParent": "A String", # A service account project that hosts the service accounts.
+ #
+ # An example name would be:
+ # `projects/123456789`
+ },
+ "producerNotificationChannel": "A String", # The full resource name of a channel used for sending notifications to the
+ # service producer.
+ #
+ # Google Service Management currently only supports
+ # [Google Cloud Pub/Sub](https://cloud.google.com/pubsub) as a notification
+ # channel. To use Google Cloud Pub/Sub as the channel, this must be the name
+ # of a Cloud Pub/Sub topic that uses the Cloud Pub/Sub topic name format
+ # documented in https://cloud.google.com/pubsub/docs/overview.
+ "rules": [ # A list of usage rules that apply to individual API methods.
+ #
+ # **NOTE:** All service configuration rules follow "last one wins" order.
+ { # Usage configuration rules for the service.
+ #
+ # NOTE: Under development.
+ #
+ #
+ # Use this rule to configure unregistered calls for the service. Unregistered
+ # calls are calls that do not contain consumer project identity.
+ # (Example: calls that do not contain an API key).
+ # By default, API methods do not allow unregistered calls, and each method call
+ # must be identified by a consumer project identity. Use this rule to
+ # allow/disallow unregistered calls.
+ #
+ # Example of an API that wants to allow unregistered calls for entire service.
+ #
+ # usage:
+ # rules:
+ # - selector: "*"
+ # allow_unregistered_calls: true
+ #
+ # Example of a method that wants to allow unregistered calls.
+ #
+ # usage:
+ # rules:
+ # - selector: "google.example.library.v1.LibraryService.CreateBook"
+ # allow_unregistered_calls: true
+ "selector": "A String", # Selects the methods to which this rule applies. Use '*' to indicate all
+ # methods in all APIs.
+ #
+ # Refer to selector for syntax details.
+ "skipServiceControl": True or False, # If true, the selected method should skip service control and the control
+ # plane features, such as quota and billing, will not be available.
+ # This flag is used by Google Cloud Endpoints to bypass checks for internal
+ # methods, such as service health check methods.
+ "allowUnregisteredCalls": True or False, # If true, the selected method allows unregistered calls, e.g. calls
+ # that don't identify any user or application.
+ },
+ ],
+ },
},
+ "name": "A String", # The resource name of the consumer and service.
+ #
+ # A valid name would be:
+ # - projects/123/services/serviceusage.googleapis.com
"state": "A String", # Whether or not the service has been enabled for use by the consumer.
+ "parent": "A String", # The resource name of the consumer.
+ #
+ # A valid name would be:
+ # - projects/123
},
],
"nextPageToken": "A String", # Token that can be passed to `ListServices` to resume a paginated