Regen all docs. (#700)
* Stop recursing if discovery == {}
* Generate docs with 'make docs'.
diff --git a/docs/dyn/cloudresourcemanager_v1beta1.projects.html b/docs/dyn/cloudresourcemanager_v1beta1.projects.html
index 1795819..4db3993 100644
--- a/docs/dyn/cloudresourcemanager_v1beta1.projects.html
+++ b/docs/dyn/cloudresourcemanager_v1beta1.projects.html
@@ -72,7 +72,7 @@
</style>
-<h1><a href="cloudresourcemanager_v1beta1.html">Google Cloud Resource Manager API</a> . <a href="cloudresourcemanager_v1beta1.projects.html">projects</a></h1>
+<h1><a href="cloudresourcemanager_v1beta1.html">Cloud Resource Manager API</a> . <a href="cloudresourcemanager_v1beta1.projects.html">projects</a></h1>
<h2>Instance Methods</h2>
<p class="toc_element">
<code><a href="#create">create(body, useLegacyStack=None, x__xgafv=None)</a></code></p>
@@ -84,25 +84,25 @@
<code><a href="#get">get(projectId, x__xgafv=None)</a></code></p>
<p class="firstline">Retrieves the Project identified by the specified</p>
<p class="toc_element">
- <code><a href="#getAncestry">getAncestry(projectId, body, x__xgafv=None)</a></code></p>
+ <code><a href="#getAncestry">getAncestry(projectId, body=None, x__xgafv=None)</a></code></p>
<p class="firstline">Gets a list of ancestors in the resource hierarchy for the Project</p>
<p class="toc_element">
- <code><a href="#getIamPolicy">getIamPolicy(resource, body, x__xgafv=None)</a></code></p>
+ <code><a href="#getIamPolicy">getIamPolicy(resource, body=None, x__xgafv=None)</a></code></p>
<p class="firstline">Returns the IAM access control policy for the specified Project.</p>
<p class="toc_element">
- <code><a href="#list">list(pageSize=None, filter=None, pageToken=None, x__xgafv=None)</a></code></p>
-<p class="firstline">Lists Projects that are visible to the user and satisfy the</p>
+ <code><a href="#list">list(pageSize=None, pageToken=None, x__xgafv=None, filter=None)</a></code></p>
+<p class="firstline">Lists Projects that the caller has the `resourcemanager.projects.get`</p>
<p class="toc_element">
<code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
<p class="firstline">Retrieves the next page of results.</p>
<p class="toc_element">
<code><a href="#setIamPolicy">setIamPolicy(resource, body, x__xgafv=None)</a></code></p>
-<p class="firstline">Sets the IAM access control policy for the specified Project. Replaces</p>
+<p class="firstline">Sets the IAM access control policy for the specified Project. Overwrites</p>
<p class="toc_element">
<code><a href="#testIamPermissions">testIamPermissions(resource, body, x__xgafv=None)</a></code></p>
<p class="firstline">Returns permissions that a caller has on the specified Project.</p>
<p class="toc_element">
- <code><a href="#undelete">undelete(projectId, body, x__xgafv=None)</a></code></p>
+ <code><a href="#undelete">undelete(projectId, body=None, x__xgafv=None)</a></code></p>
<p class="firstline">Restores the Project identified by the specified</p>
<p class="toc_element">
<code><a href="#update">update(projectId, body, x__xgafv=None)</a></code></p>
@@ -117,7 +117,14 @@
Project.
Several APIs are activated automatically for the Project, including
-Google Cloud Storage.
+Google Cloud Storage. The parent is identified by a specified
+ResourceId, which must include both an ID and a type, such as
+project, folder, or organization.
+
+This method does not associate the new project with a billing account.
+You can set or update the billing account associated with a project using
+the [`projects.updateBillingInfo`]
+(/billing/reference/rest/v1/projects/updateBillingInfo) method.
Args:
body: object, The request body. (required)
@@ -126,8 +133,8 @@
{ # A Project is a high-level Google Cloud Platform entity. It is a
# container for ACLs, APIs, App Engine Apps, VMs, and other
# Google Cloud Platform resources.
- "name": "A String", # The user-assigned display name of the Project.
- # It must be 4 to 30 characters.
+ "name": "A String", # The optional user-assigned display name of the Project.
+ # When present it must be between 4 to 30 characters.
# Allowed characters are: lowercase and uppercase letters, numbers,
# hyphen, single-quote, double-quote, space, and exclamation point.
#
@@ -135,8 +142,8 @@
# Read-write.
"parent": { # A container to reference an id for any resource type. A `resource` in Google # An optional reference to a parent Resource.
#
- # The only supported parent type is "organization". Once set, the parent
- # cannot be modified. The `parent` can be set on creation or using the
+ # Supported parent types include "organization" and "folder". Once set, the
+ # parent cannot be cleared. The `parent` can be set on creation or using the
# `UpdateProject` method; the end user must have the
# `resourcemanager.projects.create` permission on the parent.
#
@@ -145,7 +152,7 @@
# interact with through one of our API's. Some examples are an App Engine app,
# a Compute Engine instance, a Cloud SQL database, and so on.
"type": "A String", # Required field representing the resource type this id is for.
- # At present, the valid types are "project" and "organization".
+ # At present, the valid types are "project", "folder", and "organization".
"id": "A String", # Required field for the type-specific id. This should correspond to the id
# used in the type-specific API's.
},
@@ -162,7 +169,8 @@
# to the following regular expression: \[a-z\](\[-a-z0-9\]*\[a-z0-9\])?.
#
# Label values must be between 0 and 63 characters long and must conform
- # to the regular expression (\[a-z\](\[-a-z0-9\]*\[a-z0-9\])?)?.
+ # to the regular expression (\[a-z\](\[-a-z0-9\]*\[a-z0-9\])?)?. A label
+ # value can be empty.
#
# No more than 256 labels can be associated with a given resource.
#
@@ -173,15 +181,15 @@
# Read-write.
"a_key": "A String",
},
- "projectNumber": "A String", # The number uniquely identifying the project.
+ "createTime": "A String", # Creation time.
#
- # Example: <code>415104041262</code>
# Read-only.
"lifecycleState": "A String", # The Project lifecycle state.
#
# Read-only.
- "createTime": "A String", # Creation time.
+ "projectNumber": "A String", # The number uniquely identifying the project.
#
+ # Example: <code>415104041262</code>
# Read-only.
}
@@ -197,8 +205,8 @@
{ # A Project is a high-level Google Cloud Platform entity. It is a
# container for ACLs, APIs, App Engine Apps, VMs, and other
# Google Cloud Platform resources.
- "name": "A String", # The user-assigned display name of the Project.
- # It must be 4 to 30 characters.
+ "name": "A String", # The optional user-assigned display name of the Project.
+ # When present it must be between 4 to 30 characters.
# Allowed characters are: lowercase and uppercase letters, numbers,
# hyphen, single-quote, double-quote, space, and exclamation point.
#
@@ -206,8 +214,8 @@
# Read-write.
"parent": { # A container to reference an id for any resource type. A `resource` in Google # An optional reference to a parent Resource.
#
- # The only supported parent type is "organization". Once set, the parent
- # cannot be modified. The `parent` can be set on creation or using the
+ # Supported parent types include "organization" and "folder". Once set, the
+ # parent cannot be cleared. The `parent` can be set on creation or using the
# `UpdateProject` method; the end user must have the
# `resourcemanager.projects.create` permission on the parent.
#
@@ -216,7 +224,7 @@
# interact with through one of our API's. Some examples are an App Engine app,
# a Compute Engine instance, a Cloud SQL database, and so on.
"type": "A String", # Required field representing the resource type this id is for.
- # At present, the valid types are "project" and "organization".
+ # At present, the valid types are "project", "folder", and "organization".
"id": "A String", # Required field for the type-specific id. This should correspond to the id
# used in the type-specific API's.
},
@@ -233,7 +241,8 @@
# to the following regular expression: \[a-z\](\[-a-z0-9\]*\[a-z0-9\])?.
#
# Label values must be between 0 and 63 characters long and must conform
- # to the regular expression (\[a-z\](\[-a-z0-9\]*\[a-z0-9\])?)?.
+ # to the regular expression (\[a-z\](\[-a-z0-9\]*\[a-z0-9\])?)?. A label
+ # value can be empty.
#
# No more than 256 labels can be associated with a given resource.
#
@@ -244,15 +253,15 @@
# Read-write.
"a_key": "A String",
},
- "projectNumber": "A String", # The number uniquely identifying the project.
+ "createTime": "A String", # Creation time.
#
- # Example: <code>415104041262</code>
# Read-only.
"lifecycleState": "A String", # The Project lifecycle state.
#
# Read-only.
- "createTime": "A String", # Creation time.
+ "projectNumber": "A String", # The number uniquely identifying the project.
#
+ # Example: <code>415104041262</code>
# Read-only.
}</pre>
</div>
@@ -261,10 +270,7 @@
<code class="details" id="delete">delete(projectId, x__xgafv=None)</code>
<pre>Marks the Project identified by the specified
`project_id` (for example, `my-project-123`) for deletion.
-This method will only affect the Project if the following criteria are met:
-
-+ The Project does not have a billing account associated with it.
-+ The Project has a lifecycle state of
+This method will only affect the Project if it has a lifecycle state of
ACTIVE.
This method changes the Project's lifecycle state from
@@ -279,8 +285,9 @@
However, you cannot update the project.
After the deletion completes, the Project is not retrievable by
-the GetProject and
-ListProjects methods.
+the GetProject
+and ListProjects
+methods.
The caller must have modify permissions for this Project.
@@ -330,8 +337,8 @@
{ # A Project is a high-level Google Cloud Platform entity. It is a
# container for ACLs, APIs, App Engine Apps, VMs, and other
# Google Cloud Platform resources.
- "name": "A String", # The user-assigned display name of the Project.
- # It must be 4 to 30 characters.
+ "name": "A String", # The optional user-assigned display name of the Project.
+ # When present it must be between 4 to 30 characters.
# Allowed characters are: lowercase and uppercase letters, numbers,
# hyphen, single-quote, double-quote, space, and exclamation point.
#
@@ -339,8 +346,8 @@
# Read-write.
"parent": { # A container to reference an id for any resource type. A `resource` in Google # An optional reference to a parent Resource.
#
- # The only supported parent type is "organization". Once set, the parent
- # cannot be modified. The `parent` can be set on creation or using the
+ # Supported parent types include "organization" and "folder". Once set, the
+ # parent cannot be cleared. The `parent` can be set on creation or using the
# `UpdateProject` method; the end user must have the
# `resourcemanager.projects.create` permission on the parent.
#
@@ -349,7 +356,7 @@
# interact with through one of our API's. Some examples are an App Engine app,
# a Compute Engine instance, a Cloud SQL database, and so on.
"type": "A String", # Required field representing the resource type this id is for.
- # At present, the valid types are "project" and "organization".
+ # At present, the valid types are "project", "folder", and "organization".
"id": "A String", # Required field for the type-specific id. This should correspond to the id
# used in the type-specific API's.
},
@@ -366,7 +373,8 @@
# to the following regular expression: \[a-z\](\[-a-z0-9\]*\[a-z0-9\])?.
#
# Label values must be between 0 and 63 characters long and must conform
- # to the regular expression (\[a-z\](\[-a-z0-9\]*\[a-z0-9\])?)?.
+ # to the regular expression (\[a-z\](\[-a-z0-9\]*\[a-z0-9\])?)?. A label
+ # value can be empty.
#
# No more than 256 labels can be associated with a given resource.
#
@@ -377,21 +385,21 @@
# Read-write.
"a_key": "A String",
},
- "projectNumber": "A String", # The number uniquely identifying the project.
+ "createTime": "A String", # Creation time.
#
- # Example: <code>415104041262</code>
# Read-only.
"lifecycleState": "A String", # The Project lifecycle state.
#
# Read-only.
- "createTime": "A String", # Creation time.
+ "projectNumber": "A String", # The number uniquely identifying the project.
#
+ # Example: <code>415104041262</code>
# Read-only.
}</pre>
</div>
<div class="method">
- <code class="details" id="getAncestry">getAncestry(projectId, body, x__xgafv=None)</code>
+ <code class="details" id="getAncestry">getAncestry(projectId, body=None, x__xgafv=None)</code>
<pre>Gets a list of ancestors in the resource hierarchy for the Project
identified by the specified `project_id` (for example, `my-project-123`).
@@ -401,7 +409,7 @@
projectId: string, The Project ID (for example, `my-project-123`).
Required. (required)
- body: object, The request body. (required)
+ body: object, The request body.
The object takes the form of:
{ # The request sent to the
@@ -427,7 +435,7 @@
# interact with through one of our API's. Some examples are an App Engine app,
# a Compute Engine instance, a Cloud SQL database, and so on.
"type": "A String", # Required field representing the resource type this id is for.
- # At present, the valid types are "project" and "organization".
+ # At present, the valid types are "project", "folder", and "organization".
"id": "A String", # Required field for the type-specific id. This should correspond to the id
# used in the type-specific API's.
},
@@ -437,14 +445,17 @@
</div>
<div class="method">
- <code class="details" id="getIamPolicy">getIamPolicy(resource, body, x__xgafv=None)</code>
+ <code class="details" id="getIamPolicy">getIamPolicy(resource, body=None, x__xgafv=None)</code>
<pre>Returns the IAM access control policy for the specified Project.
Permission is denied if the policy or the resource does not exist.
+For additional information about resource structure and identification,
+see [Resource Names](/apis/design/resource_names).
+
Args:
resource: string, REQUIRED: The resource for which the policy is being requested.
See the operation documentation for the appropriate value for this field. (required)
- body: object, The request body. (required)
+ body: object, The request body.
The object takes the form of:
{ # Request message for `GetIamPolicy` method.
@@ -462,12 +473,12 @@
# specify access control policies for Cloud Platform resources.
#
#
- # A `Policy` consists of a list of `bindings`. A `Binding` binds a list of
+ # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
# `members` to a `role`, where the members can be user accounts, Google groups,
# Google domains, and service accounts. A `role` is a named list of permissions
# defined by IAM.
#
- # **Example**
+ # **JSON Example**
#
# {
# "bindings": [
@@ -477,7 +488,7 @@
# "user:mike@example.com",
# "group:admins@example.com",
# "domain:google.com",
- # "serviceAccount:my-other-app@appspot.gserviceaccount.com",
+ # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
# ]
# },
# {
@@ -487,15 +498,48 @@
# ]
# }
#
+ # **YAML Example**
+ #
+ # bindings:
+ # - members:
+ # - user:mike@example.com
+ # - group:admins@example.com
+ # - domain:google.com
+ # - serviceAccount:my-other-app@appspot.gserviceaccount.com
+ # role: roles/owner
+ # - members:
+ # - user:sean@example.com
+ # role: roles/viewer
+ #
+ #
# For a description of IAM and its features, see the
- # [IAM developer's guide](https://cloud.google.com/iam).
+ # [IAM developer's guide](https://cloud.google.com/iam/docs).
"bindings": [ # Associates a list of `members` to a `role`.
- # Multiple `bindings` must not be specified for the same `role`.
# `bindings` with no members will result in an error.
{ # Associates `members` with a `role`.
"role": "A String", # Role that is assigned to `members`.
# For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
- # Required
+ "condition": { # Represents an expression text. Example: # The condition that is associated with this binding.
+ # NOTE: An unsatisfied condition will not allow user access via current
+ # binding. Different bindings, including their conditions, are examined
+ # independently.
+ #
+ # title: "User account presence"
+ # description: "Determines whether the request has a user account"
+ # expression: "size(request.user) > 0"
+ "description": "A String", # An optional description of the expression. This is a longer text which
+ # describes the expression, e.g. when hovered over it in a UI.
+ "expression": "A String", # Textual representation of an expression in
+ # Common Expression Language syntax.
+ #
+ # The application context of the containing message determines which
+ # well-known feature set of CEL is supported.
+ "location": "A String", # An optional string indicating the location of the expression for error
+ # reporting, e.g. a file name and a position in the file.
+ "title": "A String", # An optional title for the expression, i.e. a short string describing
+ # its purpose. This can be used e.g. in UIs which allow to enter the
+ # expression.
+ },
"members": [ # Specifies the identities requesting access for a Cloud Platform resource.
# `members` can have the following values:
#
@@ -506,7 +550,7 @@
# who is authenticated with a Google account or a service account.
#
# * `user:{emailid}`: An email address that represents a specific Google
- # account. For example, `alice@gmail.com` or `joe@example.com`.
+ # account. For example, `alice@gmail.com` .
#
#
# * `serviceAccount:{emailid}`: An email address that represents a service
@@ -516,7 +560,7 @@
# For example, `admins@example.com`.
#
#
- # * `domain:{domain}`: A Google Apps domain name that represents all the
+ # * `domain:{domain}`: The G Suite domain (primary) that represents all the
# users of that domain. For example, `google.com` or `example.com`.
#
"A String",
@@ -532,7 +576,7 @@
# If there are AuditConfigs for both `allServices` and a specific service,
# the union of the two AuditConfigs is used for that service: the log_types
# specified in each AuditConfig are enabled, and the exempted_members in each
- # AuditConfig are exempted.
+ # AuditLogConfig are exempted.
#
# Example Policy with multiple AuditConfigs:
#
@@ -576,7 +620,6 @@
# logging. It also exempts foo@gmail.com from DATA_READ logging, and
# bar@gmail.com from DATA_WRITE logging.
"auditLogConfigs": [ # The configuration for logging of each type of permission.
- # Next ID: 4
{ # Provides the configuration for logging a type of permissions.
# Example:
#
@@ -619,15 +662,28 @@
#
# If no `etag` is provided in the call to `setIamPolicy`, then the existing
# policy is overwritten blindly.
- "version": 42, # Version of the `Policy`. The default version is 0.
+ "version": 42, # Deprecated.
}</pre>
</div>
<div class="method">
- <code class="details" id="list">list(pageSize=None, filter=None, pageToken=None, x__xgafv=None)</code>
- <pre>Lists Projects that are visible to the user and satisfy the
-specified filter. This method returns Projects in an unspecified order.
-New Projects do not necessarily appear at the end of the list.
+ <code class="details" id="list">list(pageSize=None, pageToken=None, x__xgafv=None, filter=None)</code>
+ <pre>Lists Projects that the caller has the `resourcemanager.projects.get`
+permission on and satisfy the specified filter.
+
+This method returns Projects in an unspecified order.
+This method is eventually consistent with project mutations; this means
+that a newly created project may not appear in the results or recent
+updates to an existing project may not be reflected in the results. To
+retrieve the latest state of a project, use the
+GetProject method.
+
+NOTE: If the request filter contains a `parent.type` and `parent.id` and
+the caller has the `resourcemanager.projects.list` permission on the
+parent, the results will be drawn from an alternate index which provides
+more consistent results. In future versions of this API, this List method
+will be split into List and Search to properly capture the behavorial
+difference.
Args:
pageSize: integer, The maximum number of Projects to return in the response.
@@ -635,27 +691,6 @@
If unspecified, server picks an appropriate default.
Optional.
- filter: string, An expression for filtering the results of the request. Filter rules are
-case insensitive. The fields eligible for filtering are:
-
-+ `name`
-+ `id`
-+ <code>labels.<em>key</em></code> where *key* is the name of a label
-
-Some examples of using labels as filters:
-
-|Filter|Description|
-|------|-----------|
-|name:how*|The project's name starts with "how".|
-|name:Howl|The project's name is `Howl` or `howl`.|
-|name:HOWL|Equivalent to above.|
-|NAME:howl|Equivalent to above.|
-|labels.color:*|The project has the label `color`.|
-|labels.color:red|The project's label `color` has the value `red`.|
-|labels.color:red labels.size:big|The project's label `color` has the
-value `red` and its label `size` has the value `big`.
-
-Optional.
pageToken: string, A pagination token returned from a previous call to ListProjects
that indicates from where listing should continue.
@@ -664,6 +699,39 @@
Allowed values
1 - v1 error format
2 - v2 error format
+ filter: string, An expression for filtering the results of the request. Filter rules are
+case insensitive. The fields eligible for filtering are:
+
++ `name`
++ `id`
++ `labels.<key>` (where *key* is the name of a label)
++ `parent.type`
++ `parent.id`
+
+Some examples of using labels as filters:
+
+| Filter | Description |
+|------------------|-----------------------------------------------------|
+| name:how* | The project's name starts with "how". |
+| name:Howl | The project's name is `Howl` or `howl`. |
+| name:HOWL | Equivalent to above. |
+| NAME:howl | Equivalent to above. |
+| labels.color:* | The project has the label `color`. |
+| labels.color:red | The project's label `color` has the value `red`. |
+| labels.color:red labels.size:big |The project's label `color` has
+ the value `red` and its label `size` has the value `big`. |
+
+If no filter is specified, the call will return projects for which the user
+has the `resourcemanager.projects.get` permission.
+
+NOTE: To perform a by-parent query (eg., what projects are directly in a
+Folder), the caller must have the `resourcemanager.projects.list`
+permission on the parent and the filter must contain both a `parent.type`
+and a `parent.id` restriction
+(example: "parent.type:folder parent.id:123"). In this case an alternate
+search index is used which provides more consistent results.
+
+Optional.
Returns:
An object of the form:
@@ -691,8 +759,8 @@
{ # A Project is a high-level Google Cloud Platform entity. It is a
# container for ACLs, APIs, App Engine Apps, VMs, and other
# Google Cloud Platform resources.
- "name": "A String", # The user-assigned display name of the Project.
- # It must be 4 to 30 characters.
+ "name": "A String", # The optional user-assigned display name of the Project.
+ # When present it must be between 4 to 30 characters.
# Allowed characters are: lowercase and uppercase letters, numbers,
# hyphen, single-quote, double-quote, space, and exclamation point.
#
@@ -700,8 +768,8 @@
# Read-write.
"parent": { # A container to reference an id for any resource type. A `resource` in Google # An optional reference to a parent Resource.
#
- # The only supported parent type is "organization". Once set, the parent
- # cannot be modified. The `parent` can be set on creation or using the
+ # Supported parent types include "organization" and "folder". Once set, the
+ # parent cannot be cleared. The `parent` can be set on creation or using the
# `UpdateProject` method; the end user must have the
# `resourcemanager.projects.create` permission on the parent.
#
@@ -710,7 +778,7 @@
# interact with through one of our API's. Some examples are an App Engine app,
# a Compute Engine instance, a Cloud SQL database, and so on.
"type": "A String", # Required field representing the resource type this id is for.
- # At present, the valid types are "project" and "organization".
+ # At present, the valid types are "project", "folder", and "organization".
"id": "A String", # Required field for the type-specific id. This should correspond to the id
# used in the type-specific API's.
},
@@ -727,7 +795,8 @@
# to the following regular expression: \[a-z\](\[-a-z0-9\]*\[a-z0-9\])?.
#
# Label values must be between 0 and 63 characters long and must conform
- # to the regular expression (\[a-z\](\[-a-z0-9\]*\[a-z0-9\])?)?.
+ # to the regular expression (\[a-z\](\[-a-z0-9\]*\[a-z0-9\])?)?. A label
+ # value can be empty.
#
# No more than 256 labels can be associated with a given resource.
#
@@ -738,15 +807,15 @@
# Read-write.
"a_key": "A String",
},
- "projectNumber": "A String", # The number uniquely identifying the project.
+ "createTime": "A String", # Creation time.
#
- # Example: <code>415104041262</code>
# Read-only.
"lifecycleState": "A String", # The Project lifecycle state.
#
# Read-only.
- "createTime": "A String", # Creation time.
+ "projectNumber": "A String", # The number uniquely identifying the project.
#
+ # Example: <code>415104041262</code>
# Read-only.
},
],
@@ -769,7 +838,7 @@
<div class="method">
<code class="details" id="setIamPolicy">setIamPolicy(resource, body, x__xgafv=None)</code>
- <pre>Sets the IAM access control policy for the specified Project. Replaces
+ <pre>Sets the IAM access control policy for the specified Project. Overwrites
any existing policy.
The following constraints apply when using `setIamPolicy()`:
@@ -793,14 +862,16 @@
+ Membership changes that leave the project without any owners that have
accepted the Terms of Service (ToS) will be rejected.
-+ There must be at least one owner who has accepted the Terms of
-Service (ToS) agreement in the policy. Calling `setIamPolicy()` to
-remove the last ToS-accepted owner from the policy will fail. This
-restriction also applies to legacy projects that no longer have owners
-who have accepted the ToS. Edits to IAM policies will be rejected until
-the lack of a ToS-accepting owner is rectified.
++ If the project is not part of an organization, there must be at least
+one owner who has accepted the Terms of Service (ToS) agreement in the
+policy. Calling `setIamPolicy()` to remove the last ToS-accepted owner
+from the policy will fail. This restriction also applies to legacy
+projects that no longer have owners who have accepted the ToS. Edits to
+IAM policies will be rejected until the lack of a ToS-accepting owner is
+rectified.
-+ Calling this method requires enabling the App Engine Admin API.
++ This method will replace the existing policy, and cannot be used to
+append additional IAM settings.
Note: Removing service accounts from policies or changing their roles
can render services completely inoperable. It is important to understand
@@ -821,12 +892,12 @@
# specify access control policies for Cloud Platform resources.
#
#
- # A `Policy` consists of a list of `bindings`. A `Binding` binds a list of
+ # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
# `members` to a `role`, where the members can be user accounts, Google groups,
# Google domains, and service accounts. A `role` is a named list of permissions
# defined by IAM.
#
- # **Example**
+ # **JSON Example**
#
# {
# "bindings": [
@@ -836,7 +907,7 @@
# "user:mike@example.com",
# "group:admins@example.com",
# "domain:google.com",
- # "serviceAccount:my-other-app@appspot.gserviceaccount.com",
+ # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
# ]
# },
# {
@@ -846,15 +917,48 @@
# ]
# }
#
+ # **YAML Example**
+ #
+ # bindings:
+ # - members:
+ # - user:mike@example.com
+ # - group:admins@example.com
+ # - domain:google.com
+ # - serviceAccount:my-other-app@appspot.gserviceaccount.com
+ # role: roles/owner
+ # - members:
+ # - user:sean@example.com
+ # role: roles/viewer
+ #
+ #
# For a description of IAM and its features, see the
- # [IAM developer's guide](https://cloud.google.com/iam).
+ # [IAM developer's guide](https://cloud.google.com/iam/docs).
"bindings": [ # Associates a list of `members` to a `role`.
- # Multiple `bindings` must not be specified for the same `role`.
# `bindings` with no members will result in an error.
{ # Associates `members` with a `role`.
"role": "A String", # Role that is assigned to `members`.
# For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
- # Required
+ "condition": { # Represents an expression text. Example: # The condition that is associated with this binding.
+ # NOTE: An unsatisfied condition will not allow user access via current
+ # binding. Different bindings, including their conditions, are examined
+ # independently.
+ #
+ # title: "User account presence"
+ # description: "Determines whether the request has a user account"
+ # expression: "size(request.user) > 0"
+ "description": "A String", # An optional description of the expression. This is a longer text which
+ # describes the expression, e.g. when hovered over it in a UI.
+ "expression": "A String", # Textual representation of an expression in
+ # Common Expression Language syntax.
+ #
+ # The application context of the containing message determines which
+ # well-known feature set of CEL is supported.
+ "location": "A String", # An optional string indicating the location of the expression for error
+ # reporting, e.g. a file name and a position in the file.
+ "title": "A String", # An optional title for the expression, i.e. a short string describing
+ # its purpose. This can be used e.g. in UIs which allow to enter the
+ # expression.
+ },
"members": [ # Specifies the identities requesting access for a Cloud Platform resource.
# `members` can have the following values:
#
@@ -865,7 +969,7 @@
# who is authenticated with a Google account or a service account.
#
# * `user:{emailid}`: An email address that represents a specific Google
- # account. For example, `alice@gmail.com` or `joe@example.com`.
+ # account. For example, `alice@gmail.com` .
#
#
# * `serviceAccount:{emailid}`: An email address that represents a service
@@ -875,7 +979,7 @@
# For example, `admins@example.com`.
#
#
- # * `domain:{domain}`: A Google Apps domain name that represents all the
+ # * `domain:{domain}`: The G Suite domain (primary) that represents all the
# users of that domain. For example, `google.com` or `example.com`.
#
"A String",
@@ -891,7 +995,7 @@
# If there are AuditConfigs for both `allServices` and a specific service,
# the union of the two AuditConfigs is used for that service: the log_types
# specified in each AuditConfig are enabled, and the exempted_members in each
- # AuditConfig are exempted.
+ # AuditLogConfig are exempted.
#
# Example Policy with multiple AuditConfigs:
#
@@ -935,7 +1039,6 @@
# logging. It also exempts foo@gmail.com from DATA_READ logging, and
# bar@gmail.com from DATA_WRITE logging.
"auditLogConfigs": [ # The configuration for logging of each type of permission.
- # Next ID: 4
{ # Provides the configuration for logging a type of permissions.
# Example:
#
@@ -978,7 +1081,7 @@
#
# If no `etag` is provided in the call to `setIamPolicy`, then the existing
# policy is overwritten blindly.
- "version": 42, # Version of the `Policy`. The default version is 0.
+ "version": 42, # Deprecated.
},
"updateMask": "A String", # OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
# the fields in the mask will be modified. If no mask is provided, the
@@ -999,12 +1102,12 @@
# specify access control policies for Cloud Platform resources.
#
#
- # A `Policy` consists of a list of `bindings`. A `Binding` binds a list of
+ # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
# `members` to a `role`, where the members can be user accounts, Google groups,
# Google domains, and service accounts. A `role` is a named list of permissions
# defined by IAM.
#
- # **Example**
+ # **JSON Example**
#
# {
# "bindings": [
@@ -1014,7 +1117,7 @@
# "user:mike@example.com",
# "group:admins@example.com",
# "domain:google.com",
- # "serviceAccount:my-other-app@appspot.gserviceaccount.com",
+ # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
# ]
# },
# {
@@ -1024,15 +1127,48 @@
# ]
# }
#
+ # **YAML Example**
+ #
+ # bindings:
+ # - members:
+ # - user:mike@example.com
+ # - group:admins@example.com
+ # - domain:google.com
+ # - serviceAccount:my-other-app@appspot.gserviceaccount.com
+ # role: roles/owner
+ # - members:
+ # - user:sean@example.com
+ # role: roles/viewer
+ #
+ #
# For a description of IAM and its features, see the
- # [IAM developer's guide](https://cloud.google.com/iam).
+ # [IAM developer's guide](https://cloud.google.com/iam/docs).
"bindings": [ # Associates a list of `members` to a `role`.
- # Multiple `bindings` must not be specified for the same `role`.
# `bindings` with no members will result in an error.
{ # Associates `members` with a `role`.
"role": "A String", # Role that is assigned to `members`.
# For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
- # Required
+ "condition": { # Represents an expression text. Example: # The condition that is associated with this binding.
+ # NOTE: An unsatisfied condition will not allow user access via current
+ # binding. Different bindings, including their conditions, are examined
+ # independently.
+ #
+ # title: "User account presence"
+ # description: "Determines whether the request has a user account"
+ # expression: "size(request.user) > 0"
+ "description": "A String", # An optional description of the expression. This is a longer text which
+ # describes the expression, e.g. when hovered over it in a UI.
+ "expression": "A String", # Textual representation of an expression in
+ # Common Expression Language syntax.
+ #
+ # The application context of the containing message determines which
+ # well-known feature set of CEL is supported.
+ "location": "A String", # An optional string indicating the location of the expression for error
+ # reporting, e.g. a file name and a position in the file.
+ "title": "A String", # An optional title for the expression, i.e. a short string describing
+ # its purpose. This can be used e.g. in UIs which allow to enter the
+ # expression.
+ },
"members": [ # Specifies the identities requesting access for a Cloud Platform resource.
# `members` can have the following values:
#
@@ -1043,7 +1179,7 @@
# who is authenticated with a Google account or a service account.
#
# * `user:{emailid}`: An email address that represents a specific Google
- # account. For example, `alice@gmail.com` or `joe@example.com`.
+ # account. For example, `alice@gmail.com` .
#
#
# * `serviceAccount:{emailid}`: An email address that represents a service
@@ -1053,7 +1189,7 @@
# For example, `admins@example.com`.
#
#
- # * `domain:{domain}`: A Google Apps domain name that represents all the
+ # * `domain:{domain}`: The G Suite domain (primary) that represents all the
# users of that domain. For example, `google.com` or `example.com`.
#
"A String",
@@ -1069,7 +1205,7 @@
# If there are AuditConfigs for both `allServices` and a specific service,
# the union of the two AuditConfigs is used for that service: the log_types
# specified in each AuditConfig are enabled, and the exempted_members in each
- # AuditConfig are exempted.
+ # AuditLogConfig are exempted.
#
# Example Policy with multiple AuditConfigs:
#
@@ -1113,7 +1249,6 @@
# logging. It also exempts foo@gmail.com from DATA_READ logging, and
# bar@gmail.com from DATA_WRITE logging.
"auditLogConfigs": [ # The configuration for logging of each type of permission.
- # Next ID: 4
{ # Provides the configuration for logging a type of permissions.
# Example:
#
@@ -1156,7 +1291,7 @@
#
# If no `etag` is provided in the call to `setIamPolicy`, then the existing
# policy is overwritten blindly.
- "version": 42, # Version of the `Policy`. The default version is 0.
+ "version": 42, # Deprecated.
}</pre>
</div>
@@ -1196,7 +1331,7 @@
</div>
<div class="method">
- <code class="details" id="undelete">undelete(projectId, body, x__xgafv=None)</code>
+ <code class="details" id="undelete">undelete(projectId, body=None, x__xgafv=None)</code>
<pre>Restores the Project identified by the specified
`project_id` (for example, `my-project-123`).
You can only use this method for a Project that has a lifecycle state of
@@ -1209,7 +1344,7 @@
projectId: string, The project ID (for example, `foo-bar-123`).
Required. (required)
- body: object, The request body. (required)
+ body: object, The request body.
The object takes the form of:
{ # The request sent to the UndeleteProject
@@ -1253,8 +1388,8 @@
{ # A Project is a high-level Google Cloud Platform entity. It is a
# container for ACLs, APIs, App Engine Apps, VMs, and other
# Google Cloud Platform resources.
- "name": "A String", # The user-assigned display name of the Project.
- # It must be 4 to 30 characters.
+ "name": "A String", # The optional user-assigned display name of the Project.
+ # When present it must be between 4 to 30 characters.
# Allowed characters are: lowercase and uppercase letters, numbers,
# hyphen, single-quote, double-quote, space, and exclamation point.
#
@@ -1262,8 +1397,8 @@
# Read-write.
"parent": { # A container to reference an id for any resource type. A `resource` in Google # An optional reference to a parent Resource.
#
- # The only supported parent type is "organization". Once set, the parent
- # cannot be modified. The `parent` can be set on creation or using the
+ # Supported parent types include "organization" and "folder". Once set, the
+ # parent cannot be cleared. The `parent` can be set on creation or using the
# `UpdateProject` method; the end user must have the
# `resourcemanager.projects.create` permission on the parent.
#
@@ -1272,7 +1407,7 @@
# interact with through one of our API's. Some examples are an App Engine app,
# a Compute Engine instance, a Cloud SQL database, and so on.
"type": "A String", # Required field representing the resource type this id is for.
- # At present, the valid types are "project" and "organization".
+ # At present, the valid types are "project", "folder", and "organization".
"id": "A String", # Required field for the type-specific id. This should correspond to the id
# used in the type-specific API's.
},
@@ -1289,7 +1424,8 @@
# to the following regular expression: \[a-z\](\[-a-z0-9\]*\[a-z0-9\])?.
#
# Label values must be between 0 and 63 characters long and must conform
- # to the regular expression (\[a-z\](\[-a-z0-9\]*\[a-z0-9\])?)?.
+ # to the regular expression (\[a-z\](\[-a-z0-9\]*\[a-z0-9\])?)?. A label
+ # value can be empty.
#
# No more than 256 labels can be associated with a given resource.
#
@@ -1300,15 +1436,15 @@
# Read-write.
"a_key": "A String",
},
- "projectNumber": "A String", # The number uniquely identifying the project.
+ "createTime": "A String", # Creation time.
#
- # Example: <code>415104041262</code>
# Read-only.
"lifecycleState": "A String", # The Project lifecycle state.
#
# Read-only.
- "createTime": "A String", # Creation time.
+ "projectNumber": "A String", # The number uniquely identifying the project.
#
+ # Example: <code>415104041262</code>
# Read-only.
}
@@ -1323,8 +1459,8 @@
{ # A Project is a high-level Google Cloud Platform entity. It is a
# container for ACLs, APIs, App Engine Apps, VMs, and other
# Google Cloud Platform resources.
- "name": "A String", # The user-assigned display name of the Project.
- # It must be 4 to 30 characters.
+ "name": "A String", # The optional user-assigned display name of the Project.
+ # When present it must be between 4 to 30 characters.
# Allowed characters are: lowercase and uppercase letters, numbers,
# hyphen, single-quote, double-quote, space, and exclamation point.
#
@@ -1332,8 +1468,8 @@
# Read-write.
"parent": { # A container to reference an id for any resource type. A `resource` in Google # An optional reference to a parent Resource.
#
- # The only supported parent type is "organization". Once set, the parent
- # cannot be modified. The `parent` can be set on creation or using the
+ # Supported parent types include "organization" and "folder". Once set, the
+ # parent cannot be cleared. The `parent` can be set on creation or using the
# `UpdateProject` method; the end user must have the
# `resourcemanager.projects.create` permission on the parent.
#
@@ -1342,7 +1478,7 @@
# interact with through one of our API's. Some examples are an App Engine app,
# a Compute Engine instance, a Cloud SQL database, and so on.
"type": "A String", # Required field representing the resource type this id is for.
- # At present, the valid types are "project" and "organization".
+ # At present, the valid types are "project", "folder", and "organization".
"id": "A String", # Required field for the type-specific id. This should correspond to the id
# used in the type-specific API's.
},
@@ -1359,7 +1495,8 @@
# to the following regular expression: \[a-z\](\[-a-z0-9\]*\[a-z0-9\])?.
#
# Label values must be between 0 and 63 characters long and must conform
- # to the regular expression (\[a-z\](\[-a-z0-9\]*\[a-z0-9\])?)?.
+ # to the regular expression (\[a-z\](\[-a-z0-9\]*\[a-z0-9\])?)?. A label
+ # value can be empty.
#
# No more than 256 labels can be associated with a given resource.
#
@@ -1370,15 +1507,15 @@
# Read-write.
"a_key": "A String",
},
- "projectNumber": "A String", # The number uniquely identifying the project.
+ "createTime": "A String", # Creation time.
#
- # Example: <code>415104041262</code>
# Read-only.
"lifecycleState": "A String", # The Project lifecycle state.
#
# Read-only.
- "createTime": "A String", # Creation time.
+ "projectNumber": "A String", # The number uniquely identifying the project.
#
+ # Example: <code>415104041262</code>
# Read-only.
}</pre>
</div>