Regen all docs. (#700)
* Stop recursing if discovery == {}
* Generate docs with 'make docs'.
diff --git a/docs/dyn/servicemanagement_v1.services.html b/docs/dyn/servicemanagement_v1.services.html
index ee469b9..3e4049c 100644
--- a/docs/dyn/servicemanagement_v1.services.html
+++ b/docs/dyn/servicemanagement_v1.services.html
@@ -72,7 +72,7 @@
</style>
-<h1><a href="servicemanagement_v1.html">Google Service Management API</a> . <a href="servicemanagement_v1.services.html">services</a></h1>
+<h1><a href="servicemanagement_v1.html">Service Management API</a> . <a href="servicemanagement_v1.services.html">services</a></h1>
<h2>Instance Methods</h2>
<p class="toc_element">
<code><a href="servicemanagement_v1.services.configs.html">configs()</a></code>
@@ -111,7 +111,7 @@
<code><a href="#getConfig">getConfig(serviceName, configId=None, x__xgafv=None, view=None)</a></code></p>
<p class="firstline">Gets a service configuration (version) for a managed service.</p>
<p class="toc_element">
- <code><a href="#getIamPolicy">getIamPolicy(resource, body, x__xgafv=None)</a></code></p>
+ <code><a href="#getIamPolicy">getIamPolicy(resource, body=None, x__xgafv=None)</a></code></p>
<p class="firstline">Gets the access control policy for a resource.</p>
<p class="toc_element">
<code><a href="#list">list(producerProjectId=None, pageSize=None, pageToken=None, consumerId=None, x__xgafv=None)</a></code></p>
@@ -157,72 +157,6 @@
{ # This resource represents a long-running operation that is the result of a
# network API call.
- "error": { # The `Status` type defines a logical error model that is suitable for different # The error result of the operation in case of failure or cancellation.
- # programming environments, including REST APIs and RPC APIs. It is used by
- # [gRPC](https://github.com/grpc). The error model is designed to be:
- #
- # - Simple to use and understand for most users
- # - Flexible enough to meet unexpected needs
- #
- # # Overview
- #
- # The `Status` message contains three pieces of data: error code, error message,
- # and error details. The error code should be an enum value of
- # google.rpc.Code, but it may accept additional error codes if needed. The
- # error message should be a developer-facing English message that helps
- # developers *understand* and *resolve* the error. If a localized user-facing
- # error message is needed, put the localized message in the error details or
- # localize it in the client. The optional error details may contain arbitrary
- # information about the error. There is a predefined set of error detail types
- # in the package `google.rpc` that can be used for common error conditions.
- #
- # # Language mapping
- #
- # The `Status` message is the logical representation of the error model, but it
- # is not necessarily the actual wire format. When the `Status` message is
- # exposed in different client libraries and different wire protocols, it can be
- # mapped differently. For example, it will likely be mapped to some exceptions
- # in Java, but more likely mapped to some error codes in C.
- #
- # # Other uses
- #
- # The error model and the `Status` message can be used in a variety of
- # environments, either with or without APIs, to provide a
- # consistent developer experience across different environments.
- #
- # Example uses of this error model include:
- #
- # - Partial errors. If a service needs to return partial errors to the client,
- # it may embed the `Status` in the normal response to indicate the partial
- # errors.
- #
- # - Workflow errors. A typical workflow has multiple steps. Each step may
- # have a `Status` message for error reporting.
- #
- # - Batch operations. If a client uses batch request and batch response, the
- # `Status` message should be used directly inside batch response, one for
- # each error sub-response.
- #
- # - Asynchronous operations. If an API call embeds asynchronous operation
- # results in its response, the status of those operations should be
- # represented directly using the `Status` message.
- #
- # - Logging. If some API errors are stored in logs, the message `Status` could
- # be used directly after any stripping needed for security/privacy reasons.
- "message": "A String", # A developer-facing error message, which should be in English. Any
- # user-facing error message should be localized and sent in the
- # google.rpc.Status.details field, or localized by the client.
- "code": 42, # The status code, which should be an enum value of google.rpc.Code.
- "details": [ # A list of messages that carry the error details. There will be a
- # common set of message types for APIs to use.
- {
- "a_key": "", # Properties of the object. Contains field @type with type URL.
- },
- ],
- },
- "done": True or False, # If the value is `false`, it means the operation is still in progress.
- # If true, the operation is completed, and either `error` or `response` is
- # available.
"response": { # The normal response of the operation in case of success. If the original
# method returns no data on success, such as `Delete`, the response is
# `google.protobuf.Empty`. If the original method is standard
@@ -233,15 +167,36 @@
# `TakeSnapshotResponse`.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
- "name": "A String", # The server-assigned name, which is only unique within the same service that
- # originally returns it. If you use the default HTTP mapping, the
- # `name` should have the format of `operations/some/unique/name`.
"metadata": { # Service-specific metadata associated with the operation. It typically
# contains progress information and common metadata such as create time.
# Some services might not provide such metadata. Any method that returns a
# long-running operation should document the metadata type, if any.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
+ "done": True or False, # If the value is `false`, it means the operation is still in progress.
+ # If `true`, the operation is completed, and either `error` or `response` is
+ # available.
+ "name": "A String", # The server-assigned name, which is only unique within the same service that
+ # originally returns it. If you use the default HTTP mapping, the
+ # `name` should be a resource name ending with `operations/{unique_id}`.
+ "error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.
+ # different programming environments, including REST APIs and RPC APIs. It is
+ # used by [gRPC](https://github.com/grpc). Each `Status` message contains
+ # three pieces of data: error code, error message, and error details.
+ #
+ # You can find out more about this error model and how to work with it in the
+ # [API Design Guide](https://cloud.google.com/apis/design/errors).
+ "message": "A String", # A developer-facing error message, which should be in English. Any
+ # user-facing error message should be localized and sent in the
+ # google.rpc.Status.details field, or localized by the client.
+ "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+ "details": [ # A list of messages that carry the error details. There is a common set of
+ # message types for APIs to use.
+ {
+ "a_key": "", # Properties of the object. Contains field @type with type URL.
+ },
+ ],
+ },
}</pre>
</div>
@@ -267,72 +222,6 @@
{ # This resource represents a long-running operation that is the result of a
# network API call.
- "error": { # The `Status` type defines a logical error model that is suitable for different # The error result of the operation in case of failure or cancellation.
- # programming environments, including REST APIs and RPC APIs. It is used by
- # [gRPC](https://github.com/grpc). The error model is designed to be:
- #
- # - Simple to use and understand for most users
- # - Flexible enough to meet unexpected needs
- #
- # # Overview
- #
- # The `Status` message contains three pieces of data: error code, error message,
- # and error details. The error code should be an enum value of
- # google.rpc.Code, but it may accept additional error codes if needed. The
- # error message should be a developer-facing English message that helps
- # developers *understand* and *resolve* the error. If a localized user-facing
- # error message is needed, put the localized message in the error details or
- # localize it in the client. The optional error details may contain arbitrary
- # information about the error. There is a predefined set of error detail types
- # in the package `google.rpc` that can be used for common error conditions.
- #
- # # Language mapping
- #
- # The `Status` message is the logical representation of the error model, but it
- # is not necessarily the actual wire format. When the `Status` message is
- # exposed in different client libraries and different wire protocols, it can be
- # mapped differently. For example, it will likely be mapped to some exceptions
- # in Java, but more likely mapped to some error codes in C.
- #
- # # Other uses
- #
- # The error model and the `Status` message can be used in a variety of
- # environments, either with or without APIs, to provide a
- # consistent developer experience across different environments.
- #
- # Example uses of this error model include:
- #
- # - Partial errors. If a service needs to return partial errors to the client,
- # it may embed the `Status` in the normal response to indicate the partial
- # errors.
- #
- # - Workflow errors. A typical workflow has multiple steps. Each step may
- # have a `Status` message for error reporting.
- #
- # - Batch operations. If a client uses batch request and batch response, the
- # `Status` message should be used directly inside batch response, one for
- # each error sub-response.
- #
- # - Asynchronous operations. If an API call embeds asynchronous operation
- # results in its response, the status of those operations should be
- # represented directly using the `Status` message.
- #
- # - Logging. If some API errors are stored in logs, the message `Status` could
- # be used directly after any stripping needed for security/privacy reasons.
- "message": "A String", # A developer-facing error message, which should be in English. Any
- # user-facing error message should be localized and sent in the
- # google.rpc.Status.details field, or localized by the client.
- "code": 42, # The status code, which should be an enum value of google.rpc.Code.
- "details": [ # A list of messages that carry the error details. There will be a
- # common set of message types for APIs to use.
- {
- "a_key": "", # Properties of the object. Contains field @type with type URL.
- },
- ],
- },
- "done": True or False, # If the value is `false`, it means the operation is still in progress.
- # If true, the operation is completed, and either `error` or `response` is
- # available.
"response": { # The normal response of the operation in case of success. If the original
# method returns no data on success, such as `Delete`, the response is
# `google.protobuf.Empty`. If the original method is standard
@@ -343,15 +232,36 @@
# `TakeSnapshotResponse`.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
- "name": "A String", # The server-assigned name, which is only unique within the same service that
- # originally returns it. If you use the default HTTP mapping, the
- # `name` should have the format of `operations/some/unique/name`.
"metadata": { # Service-specific metadata associated with the operation. It typically
# contains progress information and common metadata such as create time.
# Some services might not provide such metadata. Any method that returns a
# long-running operation should document the metadata type, if any.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
+ "done": True or False, # If the value is `false`, it means the operation is still in progress.
+ # If `true`, the operation is completed, and either `error` or `response` is
+ # available.
+ "name": "A String", # The server-assigned name, which is only unique within the same service that
+ # originally returns it. If you use the default HTTP mapping, the
+ # `name` should be a resource name ending with `operations/{unique_id}`.
+ "error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.
+ # different programming environments, including REST APIs and RPC APIs. It is
+ # used by [gRPC](https://github.com/grpc). Each `Status` message contains
+ # three pieces of data: error code, error message, and error details.
+ #
+ # You can find out more about this error model and how to work with it in the
+ # [API Design Guide](https://cloud.google.com/apis/design/errors).
+ "message": "A String", # A developer-facing error message, which should be in English. Any
+ # user-facing error message should be localized and sent in the
+ # google.rpc.Status.details field, or localized by the client.
+ "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+ "details": [ # A list of messages that carry the error details. There is a common set of
+ # message types for APIs to use.
+ {
+ "a_key": "", # Properties of the object. Contains field @type with type URL.
+ },
+ ],
+ },
}</pre>
</div>
@@ -391,72 +301,6 @@
{ # This resource represents a long-running operation that is the result of a
# network API call.
- "error": { # The `Status` type defines a logical error model that is suitable for different # The error result of the operation in case of failure or cancellation.
- # programming environments, including REST APIs and RPC APIs. It is used by
- # [gRPC](https://github.com/grpc). The error model is designed to be:
- #
- # - Simple to use and understand for most users
- # - Flexible enough to meet unexpected needs
- #
- # # Overview
- #
- # The `Status` message contains three pieces of data: error code, error message,
- # and error details. The error code should be an enum value of
- # google.rpc.Code, but it may accept additional error codes if needed. The
- # error message should be a developer-facing English message that helps
- # developers *understand* and *resolve* the error. If a localized user-facing
- # error message is needed, put the localized message in the error details or
- # localize it in the client. The optional error details may contain arbitrary
- # information about the error. There is a predefined set of error detail types
- # in the package `google.rpc` that can be used for common error conditions.
- #
- # # Language mapping
- #
- # The `Status` message is the logical representation of the error model, but it
- # is not necessarily the actual wire format. When the `Status` message is
- # exposed in different client libraries and different wire protocols, it can be
- # mapped differently. For example, it will likely be mapped to some exceptions
- # in Java, but more likely mapped to some error codes in C.
- #
- # # Other uses
- #
- # The error model and the `Status` message can be used in a variety of
- # environments, either with or without APIs, to provide a
- # consistent developer experience across different environments.
- #
- # Example uses of this error model include:
- #
- # - Partial errors. If a service needs to return partial errors to the client,
- # it may embed the `Status` in the normal response to indicate the partial
- # errors.
- #
- # - Workflow errors. A typical workflow has multiple steps. Each step may
- # have a `Status` message for error reporting.
- #
- # - Batch operations. If a client uses batch request and batch response, the
- # `Status` message should be used directly inside batch response, one for
- # each error sub-response.
- #
- # - Asynchronous operations. If an API call embeds asynchronous operation
- # results in its response, the status of those operations should be
- # represented directly using the `Status` message.
- #
- # - Logging. If some API errors are stored in logs, the message `Status` could
- # be used directly after any stripping needed for security/privacy reasons.
- "message": "A String", # A developer-facing error message, which should be in English. Any
- # user-facing error message should be localized and sent in the
- # google.rpc.Status.details field, or localized by the client.
- "code": 42, # The status code, which should be an enum value of google.rpc.Code.
- "details": [ # A list of messages that carry the error details. There will be a
- # common set of message types for APIs to use.
- {
- "a_key": "", # Properties of the object. Contains field @type with type URL.
- },
- ],
- },
- "done": True or False, # If the value is `false`, it means the operation is still in progress.
- # If true, the operation is completed, and either `error` or `response` is
- # available.
"response": { # The normal response of the operation in case of success. If the original
# method returns no data on success, such as `Delete`, the response is
# `google.protobuf.Empty`. If the original method is standard
@@ -467,15 +311,36 @@
# `TakeSnapshotResponse`.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
- "name": "A String", # The server-assigned name, which is only unique within the same service that
- # originally returns it. If you use the default HTTP mapping, the
- # `name` should have the format of `operations/some/unique/name`.
"metadata": { # Service-specific metadata associated with the operation. It typically
# contains progress information and common metadata such as create time.
# Some services might not provide such metadata. Any method that returns a
# long-running operation should document the metadata type, if any.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
+ "done": True or False, # If the value is `false`, it means the operation is still in progress.
+ # If `true`, the operation is completed, and either `error` or `response` is
+ # available.
+ "name": "A String", # The server-assigned name, which is only unique within the same service that
+ # originally returns it. If you use the default HTTP mapping, the
+ # `name` should be a resource name ending with `operations/{unique_id}`.
+ "error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.
+ # different programming environments, including REST APIs and RPC APIs. It is
+ # used by [gRPC](https://github.com/grpc). Each `Status` message contains
+ # three pieces of data: error code, error message, and error details.
+ #
+ # You can find out more about this error model and how to work with it in the
+ # [API Design Guide](https://cloud.google.com/apis/design/errors).
+ "message": "A String", # A developer-facing error message, which should be in English. Any
+ # user-facing error message should be localized and sent in the
+ # google.rpc.Status.details field, or localized by the client.
+ "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+ "details": [ # A list of messages that carry the error details. There is a common set of
+ # message types for APIs to use.
+ {
+ "a_key": "", # Properties of the object. Contains field @type with type URL.
+ },
+ ],
+ },
}</pre>
</div>
@@ -516,72 +381,6 @@
{ # This resource represents a long-running operation that is the result of a
# network API call.
- "error": { # The `Status` type defines a logical error model that is suitable for different # The error result of the operation in case of failure or cancellation.
- # programming environments, including REST APIs and RPC APIs. It is used by
- # [gRPC](https://github.com/grpc). The error model is designed to be:
- #
- # - Simple to use and understand for most users
- # - Flexible enough to meet unexpected needs
- #
- # # Overview
- #
- # The `Status` message contains three pieces of data: error code, error message,
- # and error details. The error code should be an enum value of
- # google.rpc.Code, but it may accept additional error codes if needed. The
- # error message should be a developer-facing English message that helps
- # developers *understand* and *resolve* the error. If a localized user-facing
- # error message is needed, put the localized message in the error details or
- # localize it in the client. The optional error details may contain arbitrary
- # information about the error. There is a predefined set of error detail types
- # in the package `google.rpc` that can be used for common error conditions.
- #
- # # Language mapping
- #
- # The `Status` message is the logical representation of the error model, but it
- # is not necessarily the actual wire format. When the `Status` message is
- # exposed in different client libraries and different wire protocols, it can be
- # mapped differently. For example, it will likely be mapped to some exceptions
- # in Java, but more likely mapped to some error codes in C.
- #
- # # Other uses
- #
- # The error model and the `Status` message can be used in a variety of
- # environments, either with or without APIs, to provide a
- # consistent developer experience across different environments.
- #
- # Example uses of this error model include:
- #
- # - Partial errors. If a service needs to return partial errors to the client,
- # it may embed the `Status` in the normal response to indicate the partial
- # errors.
- #
- # - Workflow errors. A typical workflow has multiple steps. Each step may
- # have a `Status` message for error reporting.
- #
- # - Batch operations. If a client uses batch request and batch response, the
- # `Status` message should be used directly inside batch response, one for
- # each error sub-response.
- #
- # - Asynchronous operations. If an API call embeds asynchronous operation
- # results in its response, the status of those operations should be
- # represented directly using the `Status` message.
- #
- # - Logging. If some API errors are stored in logs, the message `Status` could
- # be used directly after any stripping needed for security/privacy reasons.
- "message": "A String", # A developer-facing error message, which should be in English. Any
- # user-facing error message should be localized and sent in the
- # google.rpc.Status.details field, or localized by the client.
- "code": 42, # The status code, which should be an enum value of google.rpc.Code.
- "details": [ # A list of messages that carry the error details. There will be a
- # common set of message types for APIs to use.
- {
- "a_key": "", # Properties of the object. Contains field @type with type URL.
- },
- ],
- },
- "done": True or False, # If the value is `false`, it means the operation is still in progress.
- # If true, the operation is completed, and either `error` or `response` is
- # available.
"response": { # The normal response of the operation in case of success. If the original
# method returns no data on success, such as `Delete`, the response is
# `google.protobuf.Empty`. If the original method is standard
@@ -592,15 +391,36 @@
# `TakeSnapshotResponse`.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
- "name": "A String", # The server-assigned name, which is only unique within the same service that
- # originally returns it. If you use the default HTTP mapping, the
- # `name` should have the format of `operations/some/unique/name`.
"metadata": { # Service-specific metadata associated with the operation. It typically
# contains progress information and common metadata such as create time.
# Some services might not provide such metadata. Any method that returns a
# long-running operation should document the metadata type, if any.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
+ "done": True or False, # If the value is `false`, it means the operation is still in progress.
+ # If `true`, the operation is completed, and either `error` or `response` is
+ # available.
+ "name": "A String", # The server-assigned name, which is only unique within the same service that
+ # originally returns it. If you use the default HTTP mapping, the
+ # `name` should be a resource name ending with `operations/{unique_id}`.
+ "error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.
+ # different programming environments, including REST APIs and RPC APIs. It is
+ # used by [gRPC](https://github.com/grpc). Each `Status` message contains
+ # three pieces of data: error code, error message, and error details.
+ #
+ # You can find out more about this error model and how to work with it in the
+ # [API Design Guide](https://cloud.google.com/apis/design/errors).
+ "message": "A String", # A developer-facing error message, which should be in English. Any
+ # user-facing error message should be localized and sent in the
+ # google.rpc.Status.details field, or localized by the client.
+ "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+ "details": [ # A list of messages that carry the error details. There is a common set of
+ # message types for APIs to use.
+ {
+ "a_key": "", # Properties of the object. Contains field @type with type URL.
+ },
+ ],
+ },
}</pre>
</div>
@@ -685,7 +505,7 @@
# 'key' is used. If the field has no unique identifier, the numeric index
# is used.
# Examples:
- # - visibility.rules[selector=="google.LibraryService.CreateBook"].restriction
+ # - visibility.rules[selector=="google.LibraryService.ListBooks"].restriction
# - quota.metric_rules[selector=="google"].metric_costs[key=="reads"].value
# - logging.producer_destinations[0]
},
@@ -697,9 +517,9 @@
# report
# belongs to.
{ # Represents a diagnostic message (error or warning)
+ "kind": "A String", # The kind of diagnostic information provided.
"message": "A String", # Message describing the error or warning.
"location": "A String", # File name and line number of the error or warning.
- "kind": "A String", # The kind of diagnostic information provided.
},
],
}</pre>
@@ -737,6 +557,9 @@
serviceName: string, The name of the service. See the [overview](/service-management/overview)
for naming requirements. For example: `example.googleapis.com`. (required)
configId: string, The id of the service configuration resource.
+
+This field must be specified for the server to return all fields, including
+`SourceInfo`.
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
@@ -787,18 +610,8 @@
# Different APIs can support different monitored resource types. APIs generally
# provide a `list` method that returns the monitored resource descriptors used
# by the API.
- "type": "A String", # Required. The monitored resource type. For example, the type
- # `"cloudsql_database"` represents databases in Google Cloud SQL.
- # The maximum length of this value is 256 characters.
- "labels": [ # Required. A set of labels used to describe instances of this monitored
- # resource type. For example, an individual Google Cloud SQL database is
- # identified by values for the labels `"database_id"` and `"zone"`.
- { # A description of a label.
- "valueType": "A String", # The type of data that can be assigned to the label.
- "description": "A String", # A human-readable description for the label.
- "key": "A String", # The label key.
- },
- ],
+ #
+ # Next ID: 10
"displayName": "A String", # Optional. A concise name for the monitored resource type that might be
# displayed in user interfaces. It should be a Title Cased Noun Phrase,
# without any article or other determiners. For example,
@@ -809,6 +622,19 @@
# {project_id} is a project ID that provides API-specific context for
# accessing the type. APIs that do not use project information can use the
# resource name format `"monitoredResourceDescriptors/{type}"`.
+ "labels": [ # Required. A set of labels used to describe instances of this monitored
+ # resource type. For example, an individual Google Cloud SQL database is
+ # identified by values for the labels `"database_id"` and `"zone"`.
+ { # A description of a label.
+ "valueType": "A String", # The type of data that can be assigned to the label.
+ "description": "A String", # A human-readable description for the label.
+ "key": "A String", # The label key.
+ },
+ ],
+ "launchStage": "A String", # Optional. The launch stage of the monitored resource definition.
+ "type": "A String", # Required. The monitored resource type. For example, the type
+ # `"cloudsql_database"` represents databases in Google Cloud SQL.
+ # The maximum length of this value is 256 characters.
"description": "A String", # Optional. A detailed description of the monitored resource type that might
# be used in documentation.
},
@@ -902,19 +728,23 @@
},
"id": "A String", # A unique ID for a specific instance of this message, typically assigned
# by the client for tracking purpose. If empty, the server may choose to
- # generate one instead.
+ # generate one instead. Must be no longer than 60 characters.
"backend": { # `Backend` defines the backend configuration for a service. # API backend configuration.
"rules": [ # A list of API backend rules that apply to individual API methods.
#
# **NOTE:** All service configuration rules follow "last one wins" order.
{ # A backend rule provides configuration for an individual API element.
+ "jwtAudience": "A String", # The JWT audience is used when generating a JWT id token for the backend.
+ "pathTranslation": "A String",
+ "minDeadline": 3.14, # Minimum deadline in seconds needed for this method. Calls having deadline
+ # value lower than this will be rejected.
"selector": "A String", # Selects the methods to which this rule applies.
#
# Refer to selector for syntax details.
- "minDeadline": 3.14, # Minimum deadline in seconds needed for this method. Calls having deadline
- # value lower than this will be rejected.
- "deadline": 3.14, # The number of seconds to wait for a response from a request. The
- # default depends on the deployment context.
+ "operationDeadline": 3.14, # The number of seconds to wait for the completion of a long running
+ # operation. The default is no deadline.
+ "deadline": 3.14, # The number of seconds to wait for a response from a request. The default
+ # deadline for gRPC is infinite (no deadline) and HTTP requests is 5 seconds.
"address": "A String", # The address of the API backend.
},
],
@@ -957,35 +787,75 @@
# - library.googleapis.com/book/returned_count
# - library.googleapis.com/book/overdue_count
"producerDestinations": [ # Monitoring configurations for sending metrics to the producer project.
- # There can be multiple producer destinations, each one must have a
- # different monitored resource type. A metric can be used in at most
- # one producer destination.
+ # There can be multiple producer destinations. A monitored resouce type may
+ # appear in multiple monitoring destinations if different aggregations are
+ # needed for different sets of metrics associated with that monitored
+ # resource type. A monitored resource and metric pair may only be used once
+ # in the Monitoring configuration.
{ # Configuration of a specific monitoring destination (the producer project
# or the consumer project).
"monitoredResource": "A String", # The monitored resource type. The type must be defined in
# Service.monitored_resources section.
- "metrics": [ # Names of the metrics to report to this monitoring destination.
- # Each name must be defined in Service.metrics section.
+ "metrics": [ # Types of the metrics to report to this monitoring destination.
+ # Each type must be defined in Service.metrics section.
"A String",
],
},
],
"consumerDestinations": [ # Monitoring configurations for sending metrics to the consumer project.
- # There can be multiple consumer destinations, each one must have a
- # different monitored resource type. A metric can be used in at most
- # one consumer destination.
+ # There can be multiple consumer destinations. A monitored resouce type may
+ # appear in multiple monitoring destinations if different aggregations are
+ # needed for different sets of metrics associated with that monitored
+ # resource type. A monitored resource and metric pair may only be used once
+ # in the Monitoring configuration.
{ # Configuration of a specific monitoring destination (the producer project
# or the consumer project).
"monitoredResource": "A String", # The monitored resource type. The type must be defined in
# Service.monitored_resources section.
- "metrics": [ # Names of the metrics to report to this monitoring destination.
+ "metrics": [ # Types of the metrics to report to this monitoring destination.
+ # Each type must be defined in Service.metrics section.
+ "A String",
+ ],
+ },
+ ],
+ },
+ "billing": { # Billing related configuration of the service. # Billing configuration.
+ #
+ # The following example shows how to configure monitored resources and metrics
+ # for billing:
+ #
+ # monitored_resources:
+ # - type: library.googleapis.com/branch
+ # labels:
+ # - key: /city
+ # description: The city where the library branch is located in.
+ # - key: /name
+ # description: The name of the branch.
+ # metrics:
+ # - name: library.googleapis.com/book/borrowed_count
+ # metric_kind: DELTA
+ # value_type: INT64
+ # billing:
+ # consumer_destinations:
+ # - monitored_resource: library.googleapis.com/branch
+ # metrics:
+ # - library.googleapis.com/book/borrowed_count
+ "consumerDestinations": [ # Billing configurations for sending metrics to the consumer project.
+ # There can be multiple consumer destinations per service, each one must have
+ # a different monitored resource type. A metric can be used in at most
+ # one consumer destination.
+ { # Configuration of a specific billing destination (Currently only support
+ # bill against consumer project).
+ "monitoredResource": "A String", # The monitored resource type. The type must be defined in
+ # Service.monitored_resources section.
+ "metrics": [ # Names of the metrics to report to this billing destination.
# Each name must be defined in Service.metrics section.
"A String",
],
},
],
},
- "title": "A String", # The product title associated with this service.
+ "title": "A String", # The product title for this service.
"authentication": { # `Authentication` defines the authentication configuration for an API. # Auth configuration.
#
# Example for an API targeted for external use:
@@ -1038,9 +908,11 @@
# canonical_scopes: https://www.googleapis.com/auth/calendar,
# https://www.googleapis.com/auth/calendar.read
},
+ "allowWithoutCredential": True or False, # If true, the service accepts API keys without any other credential.
"requirements": [ # Requirements for additional authentication providers.
{ # User-defined authentication requirements, including support for
- # [JSON Web Token (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
+ # [JSON Web Token
+ # (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
"providerId": "A String", # id from authentication provider.
#
# Example:
@@ -1064,26 +936,27 @@
# bookstore_web.apps.googleusercontent.com
},
],
- "allowWithoutCredential": True or False, # Whether to allow requests without a credential. The credential can be
- # an OAuth token, Google cookies (first-party auth) or EndUserCreds.
- #
- # For requests without credentials, if the service control environment is
- # specified, each incoming request **must** be associated with a service
- # consumer. This can be done by passing an API key that belongs to a consumer
- # project.
- "customAuth": { # Configuration for a custom authentication provider. # Configuration for custom authentication.
- "provider": "A String", # A configuration string containing connection information for the
- # authentication provider, typically formatted as a SmartService string
- # (go/smartservice).
- },
"selector": "A String", # Selects the methods to which this rule applies.
#
# Refer to selector for syntax details.
},
],
"providers": [ # Defines a set of authentication providers that a service supports.
- { # Configuration for an anthentication provider, including support for
- # [JSON Web Token (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
+ { # Configuration for an authentication provider, including support for
+ # [JSON Web Token
+ # (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
+ "jwksUri": "A String", # URL of the provider's public key set to validate signature of the JWT. See
+ # [OpenID
+ # Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).
+ # Optional if the key set document:
+ # - can be retrieved from
+ # [OpenID
+ # Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html of
+ # the issuer.
+ # - can be inferred from the email domain of the issuer (e.g. a Google
+ # service account).
+ #
+ # Example: https://www.googleapis.com/oauth2/v1/certs
"audiences": "A String", # The list of JWT
# [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
# that are allowed to access. A JWT containing any of these audiences will
@@ -1097,19 +970,12 @@
#
# audiences: bookstore_android.apps.googleusercontent.com,
# bookstore_web.apps.googleusercontent.com
- "jwksUri": "A String", # URL of the provider's public key set to validate signature of the JWT. See
- # [OpenID Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).
- # Optional if the key set document:
- # - can be retrieved from
- # [OpenID Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html
- # of the issuer.
- # - can be inferred from the email domain of the issuer (e.g. a Google service account).
- #
- # Example: https://www.googleapis.com/oauth2/v1/certs
"id": "A String", # The unique identifier of the auth provider. It will be referred to by
# `AuthRequirement.provider_id`.
#
# Example: "bookstore_auth".
+ "authorizationUrl": "A String", # Redirect URL if JWT token is required but not present or is expired.
+ # Implement authorizationUrl of securityDefinitions in OpenAPI spec.
"issuer": "A String", # Identifies the principal that issued the JWT. See
# https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1
# Usually a URL or an email address.
@@ -1148,7 +1014,12 @@
# rules:
# - selector: "google.example.library.v1.LibraryService.CreateBook"
# allow_unregistered_calls: true
- "allowUnregisteredCalls": True or False, # True, if the method allows unregistered calls; false otherwise.
+ "skipServiceControl": True or False, # If true, the selected method should skip service control and the control
+ # plane features, such as quota and billing, will not be available.
+ # This flag is used by Google Cloud Endpoints to bypass checks for internal
+ # methods, such as service health check methods.
+ "allowUnregisteredCalls": True or False, # If true, the selected method allows unregistered calls, e.g. calls
+ # that don't identify any user or application.
"selector": "A String", # Selects the methods to which this rule applies. Use '*' to indicate all
# methods in all APIs.
#
@@ -1169,107 +1040,105 @@
"A String",
],
},
- "configVersion": 42, # The version of the service configuration. The config version may
- # influence interpretation of the configuration, for example, to
- # determine defaults. This is documented together with applicable
- # options. The current default for the config version itself is `3`.
- "producerProjectId": "A String", # The id of the Google developer project that owns the service.
- # Members of this project can manage the service configuration,
- # manage consumption of the service, etc.
- "http": { # Defines the HTTP configuration for a service. It contains a list of # HTTP configuration.
+ "configVersion": 42, # The semantic version of the service configuration. The config version
+ # affects the interpretation of the service configuration. For example,
+ # certain features are enabled by default for certain config versions.
+ # The latest config version is `3`.
+ "producerProjectId": "A String", # The Google project that owns this service.
+ "http": { # Defines the HTTP configuration for an API service. It contains a list of # HTTP configuration.
# HttpRule, each specifying the mapping of an RPC method
# to one or more HTTP REST API methods.
"rules": [ # A list of HTTP configuration rules that apply to individual API methods.
#
# **NOTE:** All service configuration rules follow "last one wins" order.
- { # `HttpRule` defines the mapping of an RPC method to one or more HTTP
- # REST APIs. The mapping determines what portions of the request
- # message are populated from the path, query parameters, or body of
- # the HTTP request. The mapping is typically specified as an
- # `google.api.http` annotation, see "google/api/annotations.proto"
- # for details.
+ { # # gRPC Transcoding
#
- # The mapping consists of a field specifying the path template and
- # method kind. The path template can refer to fields in the request
- # message, as in the example below which describes a REST GET
- # operation on a resource collection of messages:
+ # gRPC Transcoding is a feature for mapping between a gRPC method and one or
+ # more HTTP REST endpoints. It allows developers to build a single API service
+ # that supports both gRPC APIs and REST APIs. Many systems, including [Google
+ # APIs](https://github.com/googleapis/googleapis),
+ # [Cloud Endpoints](https://cloud.google.com/endpoints), [gRPC
+ # Gateway](https://github.com/grpc-ecosystem/grpc-gateway),
+ # and [Envoy](https://github.com/envoyproxy/envoy) proxy support this feature
+ # and use it for large scale production services.
#
+ # `HttpRule` defines the schema of the gRPC/REST mapping. The mapping specifies
+ # how different portions of the gRPC request message are mapped to the URL
+ # path, URL query parameters, and HTTP request body. It also controls how the
+ # gRPC response message is mapped to the HTTP response body. `HttpRule` is
+ # typically specified as an `google.api.http` annotation on the gRPC method.
+ #
+ # Each mapping specifies a URL path template and an HTTP method. The path
+ # template may refer to one or more fields in the gRPC request message, as long
+ # as each field is a non-repeated field with a primitive (non-message) type.
+ # The path template controls how fields of the request message are mapped to
+ # the URL path.
+ #
+ # Example:
#
# service Messaging {
# rpc GetMessage(GetMessageRequest) returns (Message) {
- # option (google.api.http).get = "/v1/messages/{message_id}/{sub.subfield}";
+ # option (google.api.http) = {
+ # get: "/v1/{name=messages/*}"
+ # };
# }
# }
# message GetMessageRequest {
- # message SubMessage {
- # string subfield = 1;
- # }
- # string message_id = 1; // mapped to the URL
- # SubMessage sub = 2; // `sub.subfield` is url-mapped
+ # string name = 1; // Mapped to URL path.
# }
# message Message {
- # string text = 1; // content of the resource
+ # string text = 1; // The resource content.
# }
#
- # The same http annotation can alternatively be expressed inside the
- # `GRPC API Configuration` YAML file.
+ # This enables an HTTP REST to gRPC mapping as below:
#
- # http:
- # rules:
- # - selector: <proto_package_name>.Messaging.GetMessage
- # get: /v1/messages/{message_id}/{sub.subfield}
- #
- # This definition enables an automatic, bidrectional mapping of HTTP
- # JSON to RPC. Example:
- #
- # HTTP | RPC
+ # HTTP | gRPC
# -----|-----
- # `GET /v1/messages/123456/foo` | `GetMessage(message_id: "123456" sub: SubMessage(subfield: "foo"))`
+ # `GET /v1/messages/123456` | `GetMessage(name: "messages/123456")`
#
- # In general, not only fields but also field paths can be referenced
- # from a path pattern. Fields mapped to the path pattern cannot be
- # repeated and must have a primitive (non-message) type.
- #
- # Any fields in the request message which are not bound by the path
- # pattern automatically become (optional) HTTP query
- # parameters. Assume the following definition of the request message:
- #
+ # Any fields in the request message which are not bound by the path template
+ # automatically become HTTP query parameters if there is no HTTP request body.
+ # For example:
#
# service Messaging {
# rpc GetMessage(GetMessageRequest) returns (Message) {
- # option (google.api.http).get = "/v1/messages/{message_id}";
+ # option (google.api.http) = {
+ # get:"/v1/messages/{message_id}"
+ # };
# }
# }
# message GetMessageRequest {
# message SubMessage {
# string subfield = 1;
# }
- # string message_id = 1; // mapped to the URL
- # int64 revision = 2; // becomes a parameter
- # SubMessage sub = 3; // `sub.subfield` becomes a parameter
+ # string message_id = 1; // Mapped to URL path.
+ # int64 revision = 2; // Mapped to URL query parameter `revision`.
+ # SubMessage sub = 3; // Mapped to URL query parameter `sub.subfield`.
# }
#
- #
# This enables a HTTP JSON to RPC mapping as below:
#
- # HTTP | RPC
+ # HTTP | gRPC
# -----|-----
- # `GET /v1/messages/123456?revision=2&sub.subfield=foo` | `GetMessage(message_id: "123456" revision: 2 sub: SubMessage(subfield: "foo"))`
+ # `GET /v1/messages/123456?revision=2&sub.subfield=foo` |
+ # `GetMessage(message_id: "123456" revision: 2 sub: SubMessage(subfield:
+ # "foo"))`
#
- # Note that fields which are mapped to HTTP parameters must have a
- # primitive type or a repeated primitive type. Message types are not
- # allowed. In the case of a repeated type, the parameter can be
- # repeated in the URL, as in `...?param=A¶m=B`.
+ # Note that fields which are mapped to URL query parameters must have a
+ # primitive type or a repeated primitive type or a non-repeated message type.
+ # In the case of a repeated type, the parameter can be repeated in the URL
+ # as `...?param=A¶m=B`. In the case of a message type, each field of the
+ # message is mapped to a separate parameter, such as
+ # `...?foo.a=A&foo.b=B&foo.c=C`.
#
- # For HTTP method kinds which allow a request body, the `body` field
+ # For HTTP methods that allow a request body, the `body` field
# specifies the mapping. Consider a REST update method on the
# message resource collection:
#
- #
# service Messaging {
# rpc UpdateMessage(UpdateMessageRequest) returns (Message) {
# option (google.api.http) = {
- # put: "/v1/messages/{message_id}"
+ # patch: "/v1/messages/{message_id}"
# body: "message"
# };
# }
@@ -1279,14 +1148,14 @@
# Message message = 2; // mapped to the body
# }
#
- #
# The following HTTP JSON to RPC mapping is enabled, where the
# representation of the JSON in the request body is determined by
# protos JSON encoding:
#
- # HTTP | RPC
+ # HTTP | gRPC
# -----|-----
- # `PUT /v1/messages/123456 { "text": "Hi!" }` | `UpdateMessage(message_id: "123456" message { text: "Hi!" })`
+ # `PATCH /v1/messages/123456 { "text": "Hi!" }` | `UpdateMessage(message_id:
+ # "123456" message { text: "Hi!" })`
#
# The special name `*` can be used in the body mapping to define that
# every field not bound by the path template should be mapped to the
@@ -1296,7 +1165,7 @@
# service Messaging {
# rpc UpdateMessage(Message) returns (Message) {
# option (google.api.http) = {
- # put: "/v1/messages/{message_id}"
+ # patch: "/v1/messages/{message_id}"
# body: "*"
# };
# }
@@ -1309,13 +1178,14 @@
#
# The following HTTP JSON to RPC mapping is enabled:
#
- # HTTP | RPC
+ # HTTP | gRPC
# -----|-----
- # `PUT /v1/messages/123456 { "text": "Hi!" }` | `UpdateMessage(message_id: "123456" text: "Hi!")`
+ # `PATCH /v1/messages/123456 { "text": "Hi!" }` | `UpdateMessage(message_id:
+ # "123456" text: "Hi!")`
#
# Note that when using `*` in the body mapping, it is not possible to
# have HTTP parameters, as all fields not bound by the path end in
- # the body. This makes this option more rarely used in practice of
+ # the body. This makes this option more rarely used in practice when
# defining REST APIs. The common usage of `*` is in custom methods
# which don't use the URL at all for transferring data.
#
@@ -1337,32 +1207,31 @@
# string user_id = 2;
# }
#
+ # This enables the following two alternative HTTP JSON to RPC mappings:
#
- # This enables the following two alternative HTTP JSON to RPC
- # mappings:
- #
- # HTTP | RPC
+ # HTTP | gRPC
# -----|-----
# `GET /v1/messages/123456` | `GetMessage(message_id: "123456")`
- # `GET /v1/users/me/messages/123456` | `GetMessage(user_id: "me" message_id: "123456")`
+ # `GET /v1/users/me/messages/123456` | `GetMessage(user_id: "me" message_id:
+ # "123456")`
#
- # # Rules for HTTP mapping
+ # ## Rules for HTTP mapping
#
- # The rules for mapping HTTP path, query parameters, and body fields
- # to the request message are as follows:
+ # 1. Leaf request fields (recursive expansion nested messages in the request
+ # message) are classified into three categories:
+ # - Fields referred by the path template. They are passed via the URL path.
+ # - Fields referred by the HttpRule.body. They are passed via the HTTP
+ # request body.
+ # - All other fields are passed via the URL query parameters, and the
+ # parameter name is the field path in the request message. A repeated
+ # field can be represented as multiple query parameters under the same
+ # name.
+ # 2. If HttpRule.body is "*", there is no URL query parameter, all fields
+ # are passed via URL path and HTTP request body.
+ # 3. If HttpRule.body is omitted, there is no HTTP request body, all
+ # fields are passed via URL path and URL query parameters.
#
- # 1. The `body` field specifies either `*` or a field path, or is
- # omitted. If omitted, it assumes there is no HTTP body.
- # 2. Leaf fields (recursive expansion of nested messages in the
- # request) can be classified into three types:
- # (a) Matched in the URL template.
- # (b) Covered by body (if body is `*`, everything except (a) fields;
- # else everything under the body field)
- # (c) All other fields.
- # 3. URL query parameters found in the HTTP request are mapped to (c) fields.
- # 4. Any body sent with an HTTP request can contain only (b) fields.
- #
- # The syntax of the path template is as follows:
+ # ### Path template syntax
#
# Template = "/" Segments [ Verb ] ;
# Segments = Segment { "/" Segment } ;
@@ -1371,130 +1240,122 @@
# FieldPath = IDENT { "." IDENT } ;
# Verb = ":" LITERAL ;
#
- # The syntax `*` matches a single path segment. It follows the semantics of
- # [RFC 6570](https://tools.ietf.org/html/rfc6570) Section 3.2.2 Simple String
- # Expansion.
+ # The syntax `*` matches a single URL path segment. The syntax `**` matches
+ # zero or more URL path segments, which must be the last part of the URL path
+ # except the `Verb`.
#
- # The syntax `**` matches zero or more path segments. It follows the semantics
- # of [RFC 6570](https://tools.ietf.org/html/rfc6570) Section 3.2.3 Reserved
- # Expansion. NOTE: it must be the last segment in the path except the Verb.
- #
- # The syntax `LITERAL` matches literal text in the URL path.
- #
- # The syntax `Variable` matches the entire path as specified by its template;
- # this nested template must not contain further variables. If a variable
+ # The syntax `Variable` matches part of the URL path as specified by its
+ # template. A variable template must not contain other variables. If a variable
# matches a single path segment, its template may be omitted, e.g. `{var}`
# is equivalent to `{var=*}`.
#
- # NOTE: the field paths in variables and in the `body` must not refer to
- # repeated fields or map fields.
+ # The syntax `LITERAL` matches literal text in the URL path. If the `LITERAL`
+ # contains any reserved character, such characters should be percent-encoded
+ # before the matching.
#
- # Use CustomHttpPattern to specify any HTTP method that is not included in the
- # `pattern` field, such as HEAD, or "*" to leave the HTTP method unspecified for
- # a given URL path rule. The wild-card rule is useful for services that provide
- # content to Web (HTML) clients.
- "body": "A String", # The name of the request field whose value is mapped to the HTTP body, or
- # `*` for mapping all fields not captured by the path pattern to the HTTP
- # body. NOTE: the referred field must not be a repeated field and must be
- # present at the top-level of request message type.
- "get": "A String", # Used for listing and getting information about resources.
- "restCollection": "A String", # Optional. The REST collection name is by default derived from the URL
- # pattern. If specified, this field overrides the default collection name.
- # Example:
+ # If a variable contains exactly one path segment, such as `"{var}"` or
+ # `"{var=*}"`, when such a variable is expanded into a URL path on the client
+ # side, all characters except `[-_.~0-9a-zA-Z]` are percent-encoded. The
+ # server side does the reverse decoding. Such variables show up in the
+ # [Discovery
+ # Document](https://developers.google.com/discovery/v1/reference/apis) as
+ # `{var}`.
+ #
+ # If a variable contains multiple path segments, such as `"{var=foo/*}"`
+ # or `"{var=**}"`, when such a variable is expanded into a URL path on the
+ # client side, all characters except `[-_.~/0-9a-zA-Z]` are percent-encoded.
+ # The server side does the reverse decoding, except "%2F" and "%2f" are left
+ # unchanged. Such variables show up in the
+ # [Discovery
+ # Document](https://developers.google.com/discovery/v1/reference/apis) as
+ # `{+var}`.
+ #
+ # ## Using gRPC API Service Configuration
+ #
+ # gRPC API Service Configuration (service config) is a configuration language
+ # for configuring a gRPC service to become a user-facing product. The
+ # service config is simply the YAML representation of the `google.api.Service`
+ # proto message.
+ #
+ # As an alternative to annotating your proto file, you can configure gRPC
+ # transcoding in your service config YAML files. You do this by specifying a
+ # `HttpRule` that maps the gRPC method to a REST endpoint, achieving the same
+ # effect as the proto annotation. This can be particularly useful if you
+ # have a proto that is reused in multiple services. Note that any transcoding
+ # specified in the service config will override any matching transcoding
+ # configuration in the proto.
+ #
+ # Example:
+ #
+ # http:
+ # rules:
+ # # Selects a gRPC method and applies HttpRule to it.
+ # - selector: example.v1.Messaging.GetMessage
+ # get: /v1/messages/{message_id}/{sub.subfield}
+ #
+ # ## Special notes
+ #
+ # When gRPC Transcoding is used to map a gRPC to JSON REST endpoints, the
+ # proto to JSON conversion must follow the [proto3
+ # specification](https://developers.google.com/protocol-buffers/docs/proto3#json).
+ #
+ # While the single segment variable follows the semantics of
+ # [RFC 6570](https://tools.ietf.org/html/rfc6570) Section 3.2.2 Simple String
+ # Expansion, the multi segment variable **does not** follow RFC 6570 Section
+ # 3.2.3 Reserved Expansion. The reason is that the Reserved Expansion
+ # does not expand special characters like `?` and `#`, which would lead
+ # to invalid URLs. As the result, gRPC Transcoding uses a custom encoding
+ # for multi segment variables.
+ #
+ # The path variables **must not** refer to any repeated or mapped field,
+ # because client libraries are not capable of handling such variable expansion.
+ #
+ # The path variables **must not** capture the leading "/" character. The reason
+ # is that the most common use case "{var}" does not capture the leading "/"
+ # character. For consistency, all path variables must share the same behavior.
+ #
+ # Repeated message fields must not be mapped to URL query parameters, because
+ # no client library can support such complicated mapping.
+ #
+ # If an API needs to use a JSON array for request or response body, it can map
+ # the request or response body to a repeated field. However, some gRPC
+ # Transcoding implementations may not support this feature.
+ "body": "A String", # The name of the request field whose value is mapped to the HTTP request
+ # body, or `*` for mapping all request fields not captured by the path
+ # pattern to the HTTP body, or omitted for not having any HTTP request body.
#
- # rpc AddressesAggregatedList(AddressesAggregatedListRequest)
- # returns (AddressesAggregatedListResponse) {
- # option (google.api.http) = {
- # get: "/v1/projects/{project_id}/aggregated/addresses"
- # rest_collection: "projects.addresses"
- # };
- # }
- #
- # This method has the automatically derived collection name
- # "projects.aggregated". Because, semantically, this rpc is actually an
- # operation on the "projects.addresses" collection, the `rest_collection`
- # field is configured to override the derived collection name.
+ # NOTE: the referred field must be present at the top-level of the request
+ # message type.
"additionalBindings": [ # Additional HTTP bindings for the selector. Nested bindings must
# not contain an `additional_bindings` field themselves (that is,
# the nesting may only be one level deep).
# Object with schema name: HttpRule
],
- "mediaUpload": { # Defines the Media configuration for a service in case of an upload. # Use this only for Scotty Requests. Do not use this for media support using
- # Bytestream, add instead
- # [][google.bytestream.RestByteStream] as an API to your
- # configuration for Bytestream methods.
- # Use this only for Scotty Requests. Do not use this for media support using
- # Bytestream, add instead [][google.bytestream.RestByteStream] as an API to
- # your configuration for Bytestream methods.
- "progressNotification": True or False, # Whether to receive a notification for progress changes of media upload.
- "startNotification": True or False, # Whether to receive a notification on the start of media upload.
- "mimeTypes": [ # An array of mimetype patterns. Esf will only accept uploads that match one
- # of the given patterns.
- "A String",
- ],
- "completeNotification": True or False, # A boolean that determines whether a notification for the completion of an
- # upload should be sent to the backend. These notifications will not be seen
- # by the client and will not consume quota.
- "enabled": True or False, # Whether upload is enabled.
- "uploadService": "A String", # DO NOT USE FIELDS BELOW THIS LINE UNTIL THIS WARNING IS REMOVED.
- #
- # Specify name of the upload service if one is used for upload.
- "maxSize": "A String", # Optional maximum acceptable size for an upload.
- # The size is specified in bytes.
- "dropzone": "A String", # Name of the Scotty dropzone to use for the current API.
- },
- "selector": "A String", # Selects methods to which this rule applies.
- #
- # Refer to selector for syntax details.
- "responseBody": "A String", # The name of the response field whose value is mapped to the HTTP body of
- # response. Other response fields are ignored. This field is optional. When
- # not set, the response message will be used as HTTP body of response.
- # NOTE: the referred field must be not a repeated field and must be present
- # at the top-level of response message type.
- "restMethodName": "A String", # Optional. The rest method name is by default derived from the URL
- # pattern. If specified, this field overrides the default method name.
- # Example:
- #
- # rpc CreateResource(CreateResourceRequest)
- # returns (CreateResourceResponse) {
- # option (google.api.http) = {
- # post: "/v1/resources",
- # body: "resource",
- # rest_method_name: "insert"
- # };
- # }
- #
- # This method has the automatically derived rest method name "create", but
- # for backwards compatability with apiary, it is specified as insert.
- "mediaDownload": { # Defines the Media configuration for a service in case of a download. # Use this only for Scotty Requests. Do not use this for bytestream methods.
- # For media support, add instead [][google.bytestream.RestByteStream] as an
- # API to your configuration.
- # Use this only for Scotty Requests. Do not use this for media support using
- # Bytestream, add instead [][google.bytestream.RestByteStream] as an API to
- # your configuration for Bytestream methods.
- "useDirectDownload": True or False, # A boolean that determines if direct download from ESF should be used for
- # download of this media.
- "enabled": True or False, # Whether download is enabled.
- "completeNotification": True or False, # A boolean that determines whether a notification for the completion of a
- # download should be sent to the backend.
- "maxDirectDownloadSize": "A String", # Optional maximum acceptable size for direct download.
- # The size is specified in bytes.
- "dropzone": "A String", # Name of the Scotty dropzone to use for the current API.
- "downloadService": "A String", # DO NOT USE FIELDS BELOW THIS LINE UNTIL THIS WARNING IS REMOVED.
- #
- # Specify name of the download service if one is used for download.
- },
- "put": "A String", # Used for updating a resource.
- "patch": "A String", # Used for updating a resource.
- "post": "A String", # Used for creating a resource.
- "custom": { # A custom pattern is used for defining custom HTTP verb. # Custom pattern is used for defining custom verbs.
+ "get": "A String", # Maps to HTTP GET. Used for listing and getting information about
+ # resources.
+ "patch": "A String", # Maps to HTTP PATCH. Used for updating a resource.
+ "custom": { # A custom pattern is used for defining custom HTTP verb. # The custom pattern is used for specifying an HTTP method that is not
+ # included in the `pattern` field, such as HEAD, or "*" to leave the
+ # HTTP method unspecified for this rule. The wild-card rule is useful
+ # for services that provide content to Web (HTML) clients.
"path": "A String", # The path matched by this custom verb.
"kind": "A String", # The name of this custom HTTP verb.
},
- "delete": "A String", # Used for deleting a resource.
+ "responseBody": "A String", # Optional. The name of the response field whose value is mapped to the HTTP
+ # response body. When omitted, the entire response message will be used
+ # as the HTTP response body.
+ #
+ # NOTE: The referred field must be present at the top-level of the response
+ # message type.
+ "put": "A String", # Maps to HTTP PUT. Used for replacing a resource.
+ "post": "A String", # Maps to HTTP POST. Used for creating a resource or performing an action.
+ "selector": "A String", # Selects a method to which this rule applies.
+ #
+ # Refer to selector for syntax details.
+ "delete": "A String", # Maps to HTTP DELETE. Used for deleting a resource.
},
],
- "fullyDecodeReservedExpansion": True or False, # When set to true, URL path parmeters will be fully URI-decoded except in
+ "fullyDecodeReservedExpansion": True or False, # When set to true, URL path parameters will be fully URI-decoded except in
# cases of single segment matches in reserved expansion, where "%2F" will be
# left encoded.
#
@@ -1506,19 +1367,50 @@
# author, as the remaining fields will be derived from the IDL during the
# normalization process. It is an error to specify an API interface here
# which cannot be resolved against the associated IDL files.
- { # Api is a light-weight descriptor for a protocol buffer service.
- "name": "A String", # The fully qualified name of this api, including package name
- # followed by the api's simple name.
+ { # Api is a light-weight descriptor for an API Interface.
+ #
+ # Interfaces are also described as "protocol buffer services" in some contexts,
+ # such as by the "service" keyword in a .proto file, but they are different
+ # from API Services, which represent a concrete implementation of an interface
+ # as opposed to simply a description of methods and bindings. They are also
+ # sometimes simply referred to as "APIs" in other contexts, such as the name of
+ # this message itself. See https://cloud.google.com/apis/design/glossary for
+ # detailed terminology.
+ "methods": [ # The methods of this interface, in unspecified order.
+ { # Method represents a method of an API interface.
+ "name": "A String", # The simple name of this method.
+ "requestStreaming": True or False, # If true, the request is streamed.
+ "responseTypeUrl": "A String", # The URL of the output message type.
+ "requestTypeUrl": "A String", # A URL of the input message type.
+ "responseStreaming": True or False, # If true, the response is streamed.
+ "syntax": "A String", # The source syntax of this method.
+ "options": [ # Any metadata attached to the method.
+ { # A protocol buffer option, which can be attached to a message, field,
+ # enumeration, etc.
+ "name": "A String", # The option's name. For protobuf built-in options (options defined in
+ # descriptor.proto), this is the short name. For example, `"map_entry"`.
+ # For custom options, it should be the fully-qualified name. For example,
+ # `"google.api.http"`.
+ "value": { # The option's value packed in an Any message. If the value is a primitive,
+ # the corresponding wrapper type defined in google/protobuf/wrappers.proto
+ # should be used. If the value is an enum, it should be stored as an int32
+ # value using the google.protobuf.Int32Value type.
+ "a_key": "", # Properties of the object. Contains field @type with type URL.
+ },
+ },
+ ],
+ },
+ ],
"sourceContext": { # `SourceContext` represents information about the source of a # Source context for the protocol buffer service represented by this
# message.
# protobuf element, like the file in which it is defined.
"fileName": "A String", # The path-qualified name of the .proto file that contained the associated
# protobuf element. For example: `"google/protobuf/source_context.proto"`.
},
- "mixins": [ # Included APIs. See Mixin.
- { # Declares an API to be included in this API. The including API must
- # redeclare all the methods from the included API, but documentation
- # and options are inherited as follows:
+ "mixins": [ # Included interfaces. See Mixin.
+ { # Declares an API Interface to be included in this interface. The including
+ # interface must redeclare all the methods from the included interface, but
+ # documentation and options are inherited as follows:
#
# - If after comment and whitespace stripping, the documentation
# string of the redeclared method is empty, it will be inherited
@@ -1530,7 +1422,8 @@
#
# - If an http annotation is inherited, the path pattern will be
# modified as follows. Any version prefix will be replaced by the
- # version of the including API plus the root path if specified.
+ # version of the including interface plus the root path if
+ # specified.
#
# Example of a simple mixin:
#
@@ -1595,17 +1488,16 @@
# }
"root": "A String", # If non-empty specifies a path under which inherited HTTP paths
# are rooted.
- "name": "A String", # The fully qualified name of the API which is included.
+ "name": "A String", # The fully qualified name of the interface which is included.
},
],
"syntax": "A String", # The source syntax of the service.
- "version": "A String", # A version string for this api. If specified, must have the form
- # `major-version.minor-version`, as in `1.10`. If the minor version
- # is omitted, it defaults to zero. If the entire version field is
- # empty, the major version is derived from the package name, as
- # outlined below. If the field is not empty, the version in the
- # package name will be verified to be consistent with what is
- # provided here.
+ "version": "A String", # A version string for this interface. If specified, must have the form
+ # `major-version.minor-version`, as in `1.10`. If the minor version is
+ # omitted, it defaults to zero. If the entire version field is empty, the
+ # major version is derived from the package name, as outlined below. If the
+ # field is not empty, the version in the package name will be verified to be
+ # consistent with what is provided here.
#
# The versioning schema uses [semantic
# versioning](http://semver.org) where the major version number
@@ -1615,11 +1507,11 @@
# chosen based on the product plan.
#
# The major version is also reflected in the package name of the
- # API, which must end in `v<major-version>`, as in
+ # interface, which must end in `v<major-version>`, as in
# `google.feature.v1`. For major versions 0 and 1, the suffix can
# be omitted. Zero major versions must only be used for
- # experimental, none-GA apis.
- "options": [ # Any metadata attached to the API.
+ # experimental, non-GA interfaces.
+ "options": [ # Any metadata attached to the interface.
{ # A protocol buffer option, which can be attached to a message, field,
# enumeration, etc.
"name": "A String", # The option's name. For protobuf built-in options (options defined in
@@ -1634,31 +1526,8 @@
},
},
],
- "methods": [ # The methods of this api, in unspecified order.
- { # Method represents a method of an api.
- "name": "A String", # The simple name of this method.
- "requestStreaming": True or False, # If true, the request is streamed.
- "responseTypeUrl": "A String", # The URL of the output message type.
- "requestTypeUrl": "A String", # A URL of the input message type.
- "responseStreaming": True or False, # If true, the response is streamed.
- "syntax": "A String", # The source syntax of this method.
- "options": [ # Any metadata attached to the method.
- { # A protocol buffer option, which can be attached to a message, field,
- # enumeration, etc.
- "name": "A String", # The option's name. For protobuf built-in options (options defined in
- # descriptor.proto), this is the short name. For example, `"map_entry"`.
- # For custom options, it should be the fully-qualified name. For example,
- # `"google.api.http"`.
- "value": { # The option's value packed in an Any message. If the value is a primitive,
- # the corresponding wrapper type defined in google/protobuf/wrappers.proto
- # should be used. If the value is an enum, it should be stored as an int32
- # value using the google.protobuf.Int32Value type.
- "a_key": "", # Properties of the object. Contains field @type with type URL.
- },
- },
- ],
- },
- ],
+ "name": "A String", # The fully qualified name of this interface, including package name
+ # followed by the interface's simple name.
},
],
"customError": { # Customize service error responses. For example, list any service # Custom error configuration.
@@ -1689,7 +1558,7 @@
"quota": { # Quota configuration helps to achieve fairness and budgeting in service # Quota configuration.
# usage.
#
- # The quota configuration works this way:
+ # The metric based quota configuration works this way:
# - The service configuration defines a set of metrics.
# - For API calls, the quota.metric_rules maps methods to metrics with
# corresponding costs.
@@ -1699,6 +1568,7 @@
# An example quota configuration in yaml format:
#
# quota:
+ # limits:
#
# - name: apiWriteQpsPerProject
# metric: library.googleapis.com/write_calls
@@ -1734,6 +1604,7 @@
# display_name: Write requests
# metric_kind: DELTA
# value_type: INT64
+ #
"metricRules": [ # List of `MetricRule` definitions, each one mapping a selected method to one
# or more metrics.
{ # Bind API methods to metrics. Binding a method to a metric causes that
@@ -1759,9 +1630,12 @@
# Optional. If not set, the UI will provide a default display name based on
# the quota configuration. This field can be used to override the default
# display name generated from the configuration.
- "description": "A String", # Optional. User-visible, extended description for this quota limit.
- # Should be used only when more context is needed to understand this limit
- # than provided by the limit's display name (see: `display_name`).
+ "name": "A String", # Name of the quota limit.
+ #
+ # The name must be provided, and it must be unique within the service. The
+ # name can only include alphanumeric characters as well as '-'.
+ #
+ # The maximum length of the limit name is 64 characters.
"defaultLimit": "A String", # Default number of tokens that can be consumed during the specified
# duration. This is the number of tokens assigned when a client
# application developer activates the service for his/her project.
@@ -1775,9 +1649,9 @@
"metric": "A String", # The name of the metric this quota limit applies to. The quota limits with
# the same metric will be checked together during runtime. The metric must be
# defined within the service config.
- #
- # Used by metric-based quotas only.
- "values": { # Tiered limit values, currently only STANDARD is supported.
+ "values": { # Tiered limit values. You must specify this as a key:value pair, with an
+ # integer value that is the maximum number of requests allowed for the
+ # specified unit. Currently only STANDARD is supported.
"a_key": "A String",
},
"maxLimit": "A String", # Maximum number of tokens that can be consumed during the specified
@@ -1807,84 +1681,14 @@
# Metric.unit. The supported unit kinds are determined by the quota
# backend system.
#
- # The [Google Service Control](https://cloud.google.com/service-control)
- # supports the following unit components:
- # * One of the time intevals:
- # * "/min" for quota every minute.
- # * "/d" for quota every 24 hours, starting 00:00 US Pacific Time.
- # * Otherwise the quota won't be reset by time, such as storage limit.
- # * One and only one of the granted containers:
- # * "/{project}" quota for a project
- #
# Here are some examples:
# * "1/min/{project}" for quota per minute per project.
#
# Note: the order of unit components is insignificant.
# The "1" at the beginning is required to follow the metric unit syntax.
- #
- # Used by metric-based quotas only.
- "name": "A String", # Name of the quota limit. The name is used to refer to the limit when
- # overriding the default limit on per-consumer basis.
- #
- # For metric-based quota limits, the name must be provided, and it must be
- # unique within the service. The name can only include alphanumeric
- # characters as well as '-'.
- #
- # The maximum length of the limit name is 64 characters.
- #
- # The name of a limit is used as a unique identifier for this limit.
- # Therefore, once a limit has been put into use, its name should be
- # immutable. You can use the display_name field to provide a user-friendly
- # name for the limit. The display name can be evolved over time without
- # affecting the identity of the limit.
- },
- ],
- },
- "visibility": { # `Visibility` defines restrictions for the visibility of service # API visibility configuration.
- # elements. Restrictions are specified using visibility labels
- # (e.g., TRUSTED_TESTER) that are elsewhere linked to users and projects.
- #
- # Users and projects can have access to more than one visibility label. The
- # effective visibility for multiple labels is the union of each label's
- # elements, plus any unrestricted elements.
- #
- # If an element and its parents have no restrictions, visibility is
- # unconditionally granted.
- #
- # Example:
- #
- # visibility:
- # rules:
- # - selector: google.calendar.Calendar.EnhancedSearch
- # restriction: TRUSTED_TESTER
- # - selector: google.calendar.Calendar.Delegate
- # restriction: GOOGLE_INTERNAL
- #
- # Here, all methods are publicly visible except for the restricted methods
- # EnhancedSearch and Delegate.
- "rules": [ # A list of visibility rules that apply to individual API elements.
- #
- # **NOTE:** All service configuration rules follow "last one wins" order.
- { # A visibility rule provides visibility configuration for an individual API
- # element.
- "restriction": "A String", # A comma-separated list of visibility labels that apply to the `selector`.
- # Any of the listed labels can be used to grant the visibility.
- #
- # If a rule has multiple labels, removing one of the labels but not all of
- # them can break clients.
- #
- # Example:
- #
- # visibility:
- # rules:
- # - selector: google.calendar.Calendar.EnhancedSearch
- # restriction: GOOGLE_INTERNAL, TRUSTED_TESTER
- #
- # Removing GOOGLE_INTERNAL from this restriction will break clients that
- # rely on this method and only had access to it through GOOGLE_INTERNAL.
- "selector": "A String", # Selects methods, messages, fields, enums, etc. to which this rule applies.
- #
- # Refer to selector for syntax details.
+ "description": "A String", # Optional. User-visible, extended description for this quota limit.
+ # Should be used only when more context is needed to understand this limit
+ # than provided by the limit's display name (see: `display_name`).
},
],
},
@@ -1892,9 +1696,12 @@
{ # Defines a metric type and its schema. Once a metric descriptor is created,
# deleting or altering it stops data collection and makes the metric type's
# existing data unusable.
+ "description": "A String", # A detailed description of the metric, which can be used in documentation.
"displayName": "A String", # A concise name for the metric, which can be displayed in user interfaces.
# Use sentence case without an ending period, for example "Request count".
- "description": "A String", # A detailed description of the metric, which can be used in documentation.
+ # This field is optional but it is recommended to be set for any metrics
+ # associated with user-visible concepts, such as Quota.
+ "name": "A String", # The resource name of the metric descriptor.
"metricKind": "A String", # Whether the metric records instantaneous values, changes to a value, etc.
# Some combinations of `metric_kind` and `value_type` might not be supported.
"valueType": "A String", # Whether the measurement is an integer, a floating-point number, etc.
@@ -1911,12 +1718,14 @@
"key": "A String", # The label key.
},
],
+ "launchStage": "A String", # Optional. The launch stage of the metric definition.
"type": "A String", # The metric type, including its DNS name prefix. The type is not
- # URL-encoded. All user-defined custom metric types have the DNS name
- # `custom.googleapis.com`. Metric types should use a natural hierarchical
- # grouping. For example:
+ # URL-encoded. All user-defined metric types have the DNS name
+ # `custom.googleapis.com` or `external.googleapis.com`. Metric types should
+ # use a natural hierarchical grouping. For example:
#
# "custom.googleapis.com/invoice/paid/amount"
+ # "external.googleapis.com/prometheus/up"
# "appengine.googleapis.com/http/server/response_latencies"
"unit": "A String", # The unit in which the metric value is reported. It is only applicable
# if the `value_type` is `INT64`, `DOUBLE`, or `DISTRIBUTION`. The
@@ -1957,8 +1766,6 @@
#
# **Grammar**
#
- # The grammar includes the dimensionless unit `1`, such as `1/s`.
- #
# The grammar also includes these connectors:
#
# * `/` division (as an infix operator, e.g. `1/s`).
@@ -1968,7 +1775,7 @@
#
# Expression = Component { "." Component } { "/" Component } ;
#
- # Component = [ PREFIX ] UNIT [ Annotation ]
+ # Component = ( [ PREFIX ] UNIT | "%" ) [ Annotation ]
# | Annotation
# | "1"
# ;
@@ -1982,14 +1789,20 @@
# `{requests}/s == 1/s`, `By{transmitted}/s == By/s`.
# * `NAME` is a sequence of non-blank printable ASCII characters not
# containing '{' or '}'.
- "name": "A String", # The resource name of the metric descriptor. Depending on the
- # implementation, the name typically includes: (1) the parent resource name
- # that defines the scope of the metric type or of its data; and (2) the
- # metric's URL-encoded type, which also appears in the `type` field of this
- # descriptor. For example, following is the resource name of a custom
- # metric within the GCP project `my-project-id`:
- #
- # "projects/my-project-id/metricDescriptors/custom.googleapis.com%2Finvoice%2Fpaid%2Famount"
+ # * `1` represents dimensionless value 1, such as in `1/s`.
+ # * `%` represents dimensionless value 1/100, and annotates values giving
+ # a percentage.
+ "metadata": { # Additional annotations that can be used to guide the usage of a metric. # Optional. Metadata which can be used to guide usage of the metric.
+ "launchStage": "A String", # Deprecated. Please use the MetricDescriptor.launch_stage instead.
+ # The launch stage of the metric definition.
+ "ingestDelay": "A String", # The delay of data points caused by ingestion. Data points older than this
+ # age are guaranteed to be ingested and available to be read, excluding
+ # data loss due to errors.
+ "samplePeriod": "A String", # The sampling period of metric data points. For metrics which are written
+ # periodically, consecutive data points are stored at this time interval,
+ # excluding data loss due to errors. Metrics with a higher granularity have
+ # a smaller sampling period.
+ },
},
],
"enums": [ # A list of all enum types included in this API service. Enums
@@ -2173,8 +1986,10 @@
},
],
},
- "name": "A String", # The DNS address at which this service is available,
- # e.g. `calendar.googleapis.com`.
+ "name": "A String", # The service name, which is a DNS-like logical identifier for the
+ # service, such as `calendar.googleapis.com`. The service name
+ # typically goes through DNS verification to make sure the owner
+ # of the service also owns the DNS name.
"documentation": { # `Documentation` provides the information for describing a service. # Additional API documentation.
#
# Example:
@@ -2218,9 +2033,7 @@
# <pre><code>[display text][fully.qualified.proto.name]</code></pre>
# Text can be excluded from doc using the following notation:
# <pre><code>(-- internal comment --)</code></pre>
- # Comments can be made conditional using a visibility label. The below
- # text will be only rendered if the `BETA` label is available:
- # <pre><code>(--BETA: comment for BETA users --)</code></pre>
+ #
# A few directives are available in documentation. Note that
# directives must appear on a single line to be properly
# identified. The `include` directive includes a markdown file from
@@ -2237,14 +2050,14 @@
# **NOTE:** All service configuration rules follow "last one wins" order.
{ # A documentation rule provides information about individual API elements.
"description": "A String", # Description of the selected API(s).
- "deprecationDescription": "A String", # Deprecation description of the selected element(s). It can be provided if an
- # element is marked as `deprecated`.
+ "deprecationDescription": "A String", # Deprecation description of the selected element(s). It can be provided if
+ # an element is marked as `deprecated`.
"selector": "A String", # The selector is a comma-separated list of patterns. Each pattern is a
# qualified name of the element which may end in "*", indicating a wildcard.
# Wildcards are only allowed at the end and for a whole component of the
- # qualified name, i.e. "foo.*" is ok, but not "foo.b*" or "foo.*.bar". To
- # specify a default for all applicable elements, the whole pattern "*"
- # is used.
+ # qualified name, i.e. "foo.*" is ok, but not "foo.b*" or "foo.*.bar". A
+ # wildcard will match one or more components. To specify a default for all
+ # applicable elements, the whole pattern "*" is used.
},
],
"documentationRootUrl": "A String", # The URL to the root of documentation.
@@ -2264,8 +2077,8 @@
"pages": [ # The top level pages for the documentation set.
{ # Represents a documentation page. A page can contain subpages to represent
# nested documentation set structure.
- "content": "A String", # The Markdown content of the page. You can use <code>(== include {path} ==)</code>
- # to include content from a Markdown file.
+ "content": "A String", # The Markdown content of the page. You can use <code>(== include {path}
+ # ==)</code> to include content from a Markdown file.
"subpages": [ # Subpages of this page. The order of subpages specified here will be
# honored in the generated docset.
# Object with schema name: Page
@@ -2376,6 +2189,25 @@
#
# Available context types are defined in package
# `google.rpc.context`.
+ #
+ # This also provides mechanism to whitelist any protobuf message extension that
+ # can be sent in grpc metadata using “x-goog-ext-<extension_id>-bin” and
+ # “x-goog-ext-<extension_id>-jspb” format. For example, list any service
+ # specific protobuf types that can appear in grpc metadata as follows in your
+ # yaml file:
+ #
+ # Example:
+ #
+ # context:
+ # rules:
+ # - selector: "google.example.library.v1.LibraryService.CreateBook"
+ # allowed_request_extensions:
+ # - google.foo.v1.NewExtension
+ # allowed_response_extensions:
+ # - google.foo.v1.NewExtension
+ #
+ # You can also specify extension ID instead of fully qualified extension name
+ # here.
"rules": [ # A list of RPC context rules that apply to individual API methods.
#
# **NOTE:** All service configuration rules follow "last one wins" order.
@@ -2384,9 +2216,17 @@
"provided": [ # A list of full type names of provided contexts.
"A String",
],
+ "allowedResponseExtensions": [ # A list of full type names or extension IDs of extensions allowed in grpc
+ # side channel from backend to client.
+ "A String",
+ ],
"selector": "A String", # Selects the methods to which this rule applies.
#
# Refer to selector for syntax details.
+ "allowedRequestExtensions": [ # A list of full type names or extension IDs of extensions allowed in grpc
+ # side channel from client to backend.
+ "A String",
+ ],
"requested": [ # A list of full type names of requested contexts.
"A String",
],
@@ -2412,56 +2252,35 @@
# # allowed to proceed.
# - name: library-example.googleapis.com
# allow_cors: true
- "target": "A String", # The specification of an Internet routable address of API frontend that will
- # handle requests to this [API Endpoint](https://cloud.google.com/apis/design/glossary).
- # It should be either a valid IPv4 address or a fully-qualified domain name.
- # For example, "8.8.8.8" or "myservice.appspot.com".
- "apis": [ # The list of APIs served by this endpoint.
- #
- # If no APIs are specified this translates to "all APIs" exported by the
- # service, as defined in the top-level service configuration.
- "A String",
- ],
"allowCors": True or False, # Allowing
# [CORS](https://en.wikipedia.org/wiki/Cross-origin_resource_sharing), aka
# cross-domain traffic, would allow the backends served from this endpoint to
# receive and respond to HTTP OPTIONS requests. The response will be used by
# the browser to determine whether the subsequent cross-origin request is
# allowed to proceed.
- "name": "A String", # The canonical name of this endpoint.
+ "target": "A String", # The specification of an Internet routable address of API frontend that will
+ # handle requests to this [API
+ # Endpoint](https://cloud.google.com/apis/design/glossary). It should be
+ # either a valid IPv4 address or a fully-qualified domain name. For example,
+ # "8.8.8.8" or "myservice.appspot.com".
"features": [ # The list of features enabled on this endpoint.
"A String",
],
+ "name": "A String", # The canonical name of this endpoint.
"aliases": [ # DEPRECATED: This field is no longer supported. Instead of using aliases,
- # please specify multiple google.api.Endpoint for each of the intented
- # alias.
+ # please specify multiple google.api.Endpoint for each of the intended
+ # aliases.
#
# Additional names that this endpoint will be hosted on.
"A String",
],
},
],
- "experimental": { # Experimental service configuration. These configuration options can # Experimental configuration.
- # only be used by whitelisted users.
- "authorization": { # Configuration of authorization. # Authorization configuration.
- #
- # This section determines the authorization provider, if unspecified, then no
- # authorization check will be done.
- #
- # Example:
- #
- # experimental:
- # authorization:
- # provider: firebaserules.googleapis.com
- "provider": "A String", # The name of the authorization provider, such as
- # firebaserules.googleapis.com.
- },
- },
}</pre>
</div>
<div class="method">
- <code class="details" id="getIamPolicy">getIamPolicy(resource, body, x__xgafv=None)</code>
+ <code class="details" id="getIamPolicy">getIamPolicy(resource, body=None, x__xgafv=None)</code>
<pre>Gets the access control policy for a resource.
Returns an empty policy if the resource exists and does not have a policy
set.
@@ -2469,7 +2288,7 @@
Args:
resource: string, REQUIRED: The resource for which the policy is being requested.
See the operation documentation for the appropriate value for this field. (required)
- body: object, The request body. (required)
+ body: object, The request body.
The object takes the form of:
{ # Request message for `GetIamPolicy` method.
@@ -2487,12 +2306,12 @@
# specify access control policies for Cloud Platform resources.
#
#
- # A `Policy` consists of a list of `bindings`. A `Binding` binds a list of
+ # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
# `members` to a `role`, where the members can be user accounts, Google groups,
# Google domains, and service accounts. A `role` is a named list of permissions
# defined by IAM.
#
- # **Example**
+ # **JSON Example**
#
# {
# "bindings": [
@@ -2502,7 +2321,7 @@
# "user:mike@example.com",
# "group:admins@example.com",
# "domain:google.com",
- # "serviceAccount:my-other-app@appspot.gserviceaccount.com",
+ # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
# ]
# },
# {
@@ -2512,8 +2331,75 @@
# ]
# }
#
+ # **YAML Example**
+ #
+ # bindings:
+ # - members:
+ # - user:mike@example.com
+ # - group:admins@example.com
+ # - domain:google.com
+ # - serviceAccount:my-other-app@appspot.gserviceaccount.com
+ # role: roles/owner
+ # - members:
+ # - user:sean@example.com
+ # role: roles/viewer
+ #
+ #
# For a description of IAM and its features, see the
- # [IAM developer's guide](https://cloud.google.com/iam).
+ # [IAM developer's guide](https://cloud.google.com/iam/docs).
+ "bindings": [ # Associates a list of `members` to a `role`.
+ # `bindings` with no members will result in an error.
+ { # Associates `members` with a `role`.
+ "role": "A String", # Role that is assigned to `members`.
+ # For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+ "members": [ # Specifies the identities requesting access for a Cloud Platform resource.
+ # `members` can have the following values:
+ #
+ # * `allUsers`: A special identifier that represents anyone who is
+ # on the internet; with or without a Google account.
+ #
+ # * `allAuthenticatedUsers`: A special identifier that represents anyone
+ # who is authenticated with a Google account or a service account.
+ #
+ # * `user:{emailid}`: An email address that represents a specific Google
+ # account. For example, `alice@gmail.com` .
+ #
+ #
+ # * `serviceAccount:{emailid}`: An email address that represents a service
+ # account. For example, `my-other-app@appspot.gserviceaccount.com`.
+ #
+ # * `group:{emailid}`: An email address that represents a Google group.
+ # For example, `admins@example.com`.
+ #
+ #
+ # * `domain:{domain}`: The G Suite domain (primary) that represents all the
+ # users of that domain. For example, `google.com` or `example.com`.
+ #
+ "A String",
+ ],
+ "condition": { # Represents an expression text. Example: # The condition that is associated with this binding.
+ # NOTE: An unsatisfied condition will not allow user access via current
+ # binding. Different bindings, including their conditions, are examined
+ # independently.
+ #
+ # title: "User account presence"
+ # description: "Determines whether the request has a user account"
+ # expression: "size(request.user) > 0"
+ "location": "A String", # An optional string indicating the location of the expression for error
+ # reporting, e.g. a file name and a position in the file.
+ "expression": "A String", # Textual representation of an expression in
+ # Common Expression Language syntax.
+ #
+ # The application context of the containing message determines which
+ # well-known feature set of CEL is supported.
+ "description": "A String", # An optional description of the expression. This is a longer text which
+ # describes the expression, e.g. when hovered over it in a UI.
+ "title": "A String", # An optional title for the expression, i.e. a short string describing
+ # its purpose. This can be used e.g. in UIs which allow to enter the
+ # expression.
+ },
+ },
+ ],
"auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
{ # Specifies the audit configuration for a service.
# The configuration determines which permission types are logged, and what
@@ -2523,7 +2409,7 @@
# If there are AuditConfigs for both `allServices` and a specific service,
# the union of the two AuditConfigs is used for that service: the log_types
# specified in each AuditConfig are enabled, and the exempted_members in each
- # AuditConfig are exempted.
+ # AuditLogConfig are exempted.
#
# Example Policy with multiple AuditConfigs:
#
@@ -2566,11 +2452,7 @@
# For fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
# logging. It also exempts foo@gmail.com from DATA_READ logging, and
# bar@gmail.com from DATA_WRITE logging.
- "exemptedMembers": [
- "A String",
- ],
"auditLogConfigs": [ # The configuration for logging of each type of permission.
- # Next ID: 4
{ # Provides the configuration for logging a type of permissions.
# Example:
#
@@ -2603,63 +2485,6 @@
# `allServices` is a special value that covers all services.
},
],
- "rules": [ # If more than one rule is specified, the rules are applied in the following
- # manner:
- # - All matching LOG rules are always applied.
- # - If any DENY/DENY_WITH_LOG rule matches, permission is denied.
- # Logging will be applied if one or more matching rule requires logging.
- # - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is
- # granted.
- # Logging will be applied if one or more matching rule requires logging.
- # - Otherwise, if no rule applies, permission is denied.
- { # A rule to be applied in a Policy.
- "notIn": [ # If one or more 'not_in' clauses are specified, the rule matches
- # if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
- # The format for in and not_in entries is the same as for members in a
- # Binding (see google/iam/v1/policy.proto).
- "A String",
- ],
- "description": "A String", # Human-readable description of the rule.
- "in": [ # If one or more 'in' clauses are specified, the rule matches if
- # the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
- "A String",
- ],
- "action": "A String", # Required
- "conditions": [ # Additional restrictions that must be met
- { # A condition to be met.
- "iam": "A String", # Trusted attributes supplied by the IAM system.
- "svc": "A String", # Trusted attributes discharged by the service.
- "value": "A String", # DEPRECATED. Use 'values' instead.
- "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses
- # the IAM system for access control.
- "values": [ # The objects of the condition. This is mutually exclusive with 'value'.
- "A String",
- ],
- "op": "A String", # An operator to apply the subject with.
- },
- ],
- "logConfig": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries
- # that match the LOG action.
- { # Specifies what kind of log the caller must write
- "counter": { # Options for counters # Counter options.
- "field": "A String", # The field value to attribute.
- "metric": "A String", # The metric to update.
- },
- "dataAccess": { # Write a Data Access (Gin) log # Data access options.
- },
- "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
- "logName": "A String", # The log_name to populate in the Cloud Audit Record.
- },
- },
- ],
- "permissions": [ # A permission is a string of form '<service>.<resource type>.<verb>'
- # (e.g., 'storage.buckets.list'). A value of '*' matches all permissions,
- # and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
- "A String",
- ],
- },
- ],
- "version": 42, # Version of the `Policy`. The default version is 0.
"etag": "A String", # `etag` is used for optimistic concurrency control as a way to help
# prevent simultaneous updates of a policy from overwriting each other.
# It is strongly suggested that systems make use of the `etag` in the
@@ -2670,41 +2495,7 @@
#
# If no `etag` is provided in the call to `setIamPolicy`, then the existing
# policy is overwritten blindly.
- "bindings": [ # Associates a list of `members` to a `role`.
- # Multiple `bindings` must not be specified for the same `role`.
- # `bindings` with no members will result in an error.
- { # Associates `members` with a `role`.
- "role": "A String", # Role that is assigned to `members`.
- # For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
- # Required
- "members": [ # Specifies the identities requesting access for a Cloud Platform resource.
- # `members` can have the following values:
- #
- # * `allUsers`: A special identifier that represents anyone who is
- # on the internet; with or without a Google account.
- #
- # * `allAuthenticatedUsers`: A special identifier that represents anyone
- # who is authenticated with a Google account or a service account.
- #
- # * `user:{emailid}`: An email address that represents a specific Google
- # account. For example, `alice@gmail.com` or `joe@example.com`.
- #
- #
- # * `serviceAccount:{emailid}`: An email address that represents a service
- # account. For example, `my-other-app@appspot.gserviceaccount.com`.
- #
- # * `group:{emailid}`: An email address that represents a Google group.
- # For example, `admins@example.com`.
- #
- #
- # * `domain:{domain}`: A Google Apps domain name that represents all the
- # users of that domain. For example, `google.com` or `example.com`.
- #
- "A String",
- ],
- },
- ],
- "iamOwned": True or False,
+ "version": 42, # Deprecated.
}</pre>
</div>
@@ -2722,7 +2513,8 @@
Args:
producerProjectId: string, Include services produced by the specified project.
- pageSize: integer, Requested size of the next page of data.
+ pageSize: integer, The max number of items to include in the response list. Page size is 50
+if not specified. Maximum value is 100.
pageToken: string, Token identifying which result to start with; returned by a previous list
call.
consumerId: string, Include services consumed by the specified consumer.
@@ -2784,12 +2576,12 @@
# specify access control policies for Cloud Platform resources.
#
#
- # A `Policy` consists of a list of `bindings`. A `Binding` binds a list of
+ # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
# `members` to a `role`, where the members can be user accounts, Google groups,
# Google domains, and service accounts. A `role` is a named list of permissions
# defined by IAM.
#
- # **Example**
+ # **JSON Example**
#
# {
# "bindings": [
@@ -2799,7 +2591,7 @@
# "user:mike@example.com",
# "group:admins@example.com",
# "domain:google.com",
- # "serviceAccount:my-other-app@appspot.gserviceaccount.com",
+ # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
# ]
# },
# {
@@ -2809,8 +2601,75 @@
# ]
# }
#
+ # **YAML Example**
+ #
+ # bindings:
+ # - members:
+ # - user:mike@example.com
+ # - group:admins@example.com
+ # - domain:google.com
+ # - serviceAccount:my-other-app@appspot.gserviceaccount.com
+ # role: roles/owner
+ # - members:
+ # - user:sean@example.com
+ # role: roles/viewer
+ #
+ #
# For a description of IAM and its features, see the
- # [IAM developer's guide](https://cloud.google.com/iam).
+ # [IAM developer's guide](https://cloud.google.com/iam/docs).
+ "bindings": [ # Associates a list of `members` to a `role`.
+ # `bindings` with no members will result in an error.
+ { # Associates `members` with a `role`.
+ "role": "A String", # Role that is assigned to `members`.
+ # For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+ "members": [ # Specifies the identities requesting access for a Cloud Platform resource.
+ # `members` can have the following values:
+ #
+ # * `allUsers`: A special identifier that represents anyone who is
+ # on the internet; with or without a Google account.
+ #
+ # * `allAuthenticatedUsers`: A special identifier that represents anyone
+ # who is authenticated with a Google account or a service account.
+ #
+ # * `user:{emailid}`: An email address that represents a specific Google
+ # account. For example, `alice@gmail.com` .
+ #
+ #
+ # * `serviceAccount:{emailid}`: An email address that represents a service
+ # account. For example, `my-other-app@appspot.gserviceaccount.com`.
+ #
+ # * `group:{emailid}`: An email address that represents a Google group.
+ # For example, `admins@example.com`.
+ #
+ #
+ # * `domain:{domain}`: The G Suite domain (primary) that represents all the
+ # users of that domain. For example, `google.com` or `example.com`.
+ #
+ "A String",
+ ],
+ "condition": { # Represents an expression text. Example: # The condition that is associated with this binding.
+ # NOTE: An unsatisfied condition will not allow user access via current
+ # binding. Different bindings, including their conditions, are examined
+ # independently.
+ #
+ # title: "User account presence"
+ # description: "Determines whether the request has a user account"
+ # expression: "size(request.user) > 0"
+ "location": "A String", # An optional string indicating the location of the expression for error
+ # reporting, e.g. a file name and a position in the file.
+ "expression": "A String", # Textual representation of an expression in
+ # Common Expression Language syntax.
+ #
+ # The application context of the containing message determines which
+ # well-known feature set of CEL is supported.
+ "description": "A String", # An optional description of the expression. This is a longer text which
+ # describes the expression, e.g. when hovered over it in a UI.
+ "title": "A String", # An optional title for the expression, i.e. a short string describing
+ # its purpose. This can be used e.g. in UIs which allow to enter the
+ # expression.
+ },
+ },
+ ],
"auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
{ # Specifies the audit configuration for a service.
# The configuration determines which permission types are logged, and what
@@ -2820,7 +2679,7 @@
# If there are AuditConfigs for both `allServices` and a specific service,
# the union of the two AuditConfigs is used for that service: the log_types
# specified in each AuditConfig are enabled, and the exempted_members in each
- # AuditConfig are exempted.
+ # AuditLogConfig are exempted.
#
# Example Policy with multiple AuditConfigs:
#
@@ -2863,11 +2722,7 @@
# For fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
# logging. It also exempts foo@gmail.com from DATA_READ logging, and
# bar@gmail.com from DATA_WRITE logging.
- "exemptedMembers": [
- "A String",
- ],
"auditLogConfigs": [ # The configuration for logging of each type of permission.
- # Next ID: 4
{ # Provides the configuration for logging a type of permissions.
# Example:
#
@@ -2900,63 +2755,6 @@
# `allServices` is a special value that covers all services.
},
],
- "rules": [ # If more than one rule is specified, the rules are applied in the following
- # manner:
- # - All matching LOG rules are always applied.
- # - If any DENY/DENY_WITH_LOG rule matches, permission is denied.
- # Logging will be applied if one or more matching rule requires logging.
- # - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is
- # granted.
- # Logging will be applied if one or more matching rule requires logging.
- # - Otherwise, if no rule applies, permission is denied.
- { # A rule to be applied in a Policy.
- "notIn": [ # If one or more 'not_in' clauses are specified, the rule matches
- # if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
- # The format for in and not_in entries is the same as for members in a
- # Binding (see google/iam/v1/policy.proto).
- "A String",
- ],
- "description": "A String", # Human-readable description of the rule.
- "in": [ # If one or more 'in' clauses are specified, the rule matches if
- # the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
- "A String",
- ],
- "action": "A String", # Required
- "conditions": [ # Additional restrictions that must be met
- { # A condition to be met.
- "iam": "A String", # Trusted attributes supplied by the IAM system.
- "svc": "A String", # Trusted attributes discharged by the service.
- "value": "A String", # DEPRECATED. Use 'values' instead.
- "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses
- # the IAM system for access control.
- "values": [ # The objects of the condition. This is mutually exclusive with 'value'.
- "A String",
- ],
- "op": "A String", # An operator to apply the subject with.
- },
- ],
- "logConfig": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries
- # that match the LOG action.
- { # Specifies what kind of log the caller must write
- "counter": { # Options for counters # Counter options.
- "field": "A String", # The field value to attribute.
- "metric": "A String", # The metric to update.
- },
- "dataAccess": { # Write a Data Access (Gin) log # Data access options.
- },
- "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
- "logName": "A String", # The log_name to populate in the Cloud Audit Record.
- },
- },
- ],
- "permissions": [ # A permission is a string of form '<service>.<resource type>.<verb>'
- # (e.g., 'storage.buckets.list'). A value of '*' matches all permissions,
- # and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
- "A String",
- ],
- },
- ],
- "version": 42, # Version of the `Policy`. The default version is 0.
"etag": "A String", # `etag` is used for optimistic concurrency control as a way to help
# prevent simultaneous updates of a policy from overwriting each other.
# It is strongly suggested that systems make use of the `etag` in the
@@ -2967,41 +2765,7 @@
#
# If no `etag` is provided in the call to `setIamPolicy`, then the existing
# policy is overwritten blindly.
- "bindings": [ # Associates a list of `members` to a `role`.
- # Multiple `bindings` must not be specified for the same `role`.
- # `bindings` with no members will result in an error.
- { # Associates `members` with a `role`.
- "role": "A String", # Role that is assigned to `members`.
- # For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
- # Required
- "members": [ # Specifies the identities requesting access for a Cloud Platform resource.
- # `members` can have the following values:
- #
- # * `allUsers`: A special identifier that represents anyone who is
- # on the internet; with or without a Google account.
- #
- # * `allAuthenticatedUsers`: A special identifier that represents anyone
- # who is authenticated with a Google account or a service account.
- #
- # * `user:{emailid}`: An email address that represents a specific Google
- # account. For example, `alice@gmail.com` or `joe@example.com`.
- #
- #
- # * `serviceAccount:{emailid}`: An email address that represents a service
- # account. For example, `my-other-app@appspot.gserviceaccount.com`.
- #
- # * `group:{emailid}`: An email address that represents a Google group.
- # For example, `admins@example.com`.
- #
- #
- # * `domain:{domain}`: A Google Apps domain name that represents all the
- # users of that domain. For example, `google.com` or `example.com`.
- #
- "A String",
- ],
- },
- ],
- "iamOwned": True or False,
+ "version": 42, # Deprecated.
},
"updateMask": "A String", # OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
# the fields in the mask will be modified. If no mask is provided, the
@@ -3022,12 +2786,12 @@
# specify access control policies for Cloud Platform resources.
#
#
- # A `Policy` consists of a list of `bindings`. A `Binding` binds a list of
+ # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
# `members` to a `role`, where the members can be user accounts, Google groups,
# Google domains, and service accounts. A `role` is a named list of permissions
# defined by IAM.
#
- # **Example**
+ # **JSON Example**
#
# {
# "bindings": [
@@ -3037,7 +2801,7 @@
# "user:mike@example.com",
# "group:admins@example.com",
# "domain:google.com",
- # "serviceAccount:my-other-app@appspot.gserviceaccount.com",
+ # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
# ]
# },
# {
@@ -3047,8 +2811,75 @@
# ]
# }
#
+ # **YAML Example**
+ #
+ # bindings:
+ # - members:
+ # - user:mike@example.com
+ # - group:admins@example.com
+ # - domain:google.com
+ # - serviceAccount:my-other-app@appspot.gserviceaccount.com
+ # role: roles/owner
+ # - members:
+ # - user:sean@example.com
+ # role: roles/viewer
+ #
+ #
# For a description of IAM and its features, see the
- # [IAM developer's guide](https://cloud.google.com/iam).
+ # [IAM developer's guide](https://cloud.google.com/iam/docs).
+ "bindings": [ # Associates a list of `members` to a `role`.
+ # `bindings` with no members will result in an error.
+ { # Associates `members` with a `role`.
+ "role": "A String", # Role that is assigned to `members`.
+ # For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+ "members": [ # Specifies the identities requesting access for a Cloud Platform resource.
+ # `members` can have the following values:
+ #
+ # * `allUsers`: A special identifier that represents anyone who is
+ # on the internet; with or without a Google account.
+ #
+ # * `allAuthenticatedUsers`: A special identifier that represents anyone
+ # who is authenticated with a Google account or a service account.
+ #
+ # * `user:{emailid}`: An email address that represents a specific Google
+ # account. For example, `alice@gmail.com` .
+ #
+ #
+ # * `serviceAccount:{emailid}`: An email address that represents a service
+ # account. For example, `my-other-app@appspot.gserviceaccount.com`.
+ #
+ # * `group:{emailid}`: An email address that represents a Google group.
+ # For example, `admins@example.com`.
+ #
+ #
+ # * `domain:{domain}`: The G Suite domain (primary) that represents all the
+ # users of that domain. For example, `google.com` or `example.com`.
+ #
+ "A String",
+ ],
+ "condition": { # Represents an expression text. Example: # The condition that is associated with this binding.
+ # NOTE: An unsatisfied condition will not allow user access via current
+ # binding. Different bindings, including their conditions, are examined
+ # independently.
+ #
+ # title: "User account presence"
+ # description: "Determines whether the request has a user account"
+ # expression: "size(request.user) > 0"
+ "location": "A String", # An optional string indicating the location of the expression for error
+ # reporting, e.g. a file name and a position in the file.
+ "expression": "A String", # Textual representation of an expression in
+ # Common Expression Language syntax.
+ #
+ # The application context of the containing message determines which
+ # well-known feature set of CEL is supported.
+ "description": "A String", # An optional description of the expression. This is a longer text which
+ # describes the expression, e.g. when hovered over it in a UI.
+ "title": "A String", # An optional title for the expression, i.e. a short string describing
+ # its purpose. This can be used e.g. in UIs which allow to enter the
+ # expression.
+ },
+ },
+ ],
"auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
{ # Specifies the audit configuration for a service.
# The configuration determines which permission types are logged, and what
@@ -3058,7 +2889,7 @@
# If there are AuditConfigs for both `allServices` and a specific service,
# the union of the two AuditConfigs is used for that service: the log_types
# specified in each AuditConfig are enabled, and the exempted_members in each
- # AuditConfig are exempted.
+ # AuditLogConfig are exempted.
#
# Example Policy with multiple AuditConfigs:
#
@@ -3101,11 +2932,7 @@
# For fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
# logging. It also exempts foo@gmail.com from DATA_READ logging, and
# bar@gmail.com from DATA_WRITE logging.
- "exemptedMembers": [
- "A String",
- ],
"auditLogConfigs": [ # The configuration for logging of each type of permission.
- # Next ID: 4
{ # Provides the configuration for logging a type of permissions.
# Example:
#
@@ -3138,63 +2965,6 @@
# `allServices` is a special value that covers all services.
},
],
- "rules": [ # If more than one rule is specified, the rules are applied in the following
- # manner:
- # - All matching LOG rules are always applied.
- # - If any DENY/DENY_WITH_LOG rule matches, permission is denied.
- # Logging will be applied if one or more matching rule requires logging.
- # - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is
- # granted.
- # Logging will be applied if one or more matching rule requires logging.
- # - Otherwise, if no rule applies, permission is denied.
- { # A rule to be applied in a Policy.
- "notIn": [ # If one or more 'not_in' clauses are specified, the rule matches
- # if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
- # The format for in and not_in entries is the same as for members in a
- # Binding (see google/iam/v1/policy.proto).
- "A String",
- ],
- "description": "A String", # Human-readable description of the rule.
- "in": [ # If one or more 'in' clauses are specified, the rule matches if
- # the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
- "A String",
- ],
- "action": "A String", # Required
- "conditions": [ # Additional restrictions that must be met
- { # A condition to be met.
- "iam": "A String", # Trusted attributes supplied by the IAM system.
- "svc": "A String", # Trusted attributes discharged by the service.
- "value": "A String", # DEPRECATED. Use 'values' instead.
- "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses
- # the IAM system for access control.
- "values": [ # The objects of the condition. This is mutually exclusive with 'value'.
- "A String",
- ],
- "op": "A String", # An operator to apply the subject with.
- },
- ],
- "logConfig": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries
- # that match the LOG action.
- { # Specifies what kind of log the caller must write
- "counter": { # Options for counters # Counter options.
- "field": "A String", # The field value to attribute.
- "metric": "A String", # The metric to update.
- },
- "dataAccess": { # Write a Data Access (Gin) log # Data access options.
- },
- "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
- "logName": "A String", # The log_name to populate in the Cloud Audit Record.
- },
- },
- ],
- "permissions": [ # A permission is a string of form '<service>.<resource type>.<verb>'
- # (e.g., 'storage.buckets.list'). A value of '*' matches all permissions,
- # and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
- "A String",
- ],
- },
- ],
- "version": 42, # Version of the `Policy`. The default version is 0.
"etag": "A String", # `etag` is used for optimistic concurrency control as a way to help
# prevent simultaneous updates of a policy from overwriting each other.
# It is strongly suggested that systems make use of the `etag` in the
@@ -3205,41 +2975,7 @@
#
# If no `etag` is provided in the call to `setIamPolicy`, then the existing
# policy is overwritten blindly.
- "bindings": [ # Associates a list of `members` to a `role`.
- # Multiple `bindings` must not be specified for the same `role`.
- # `bindings` with no members will result in an error.
- { # Associates `members` with a `role`.
- "role": "A String", # Role that is assigned to `members`.
- # For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
- # Required
- "members": [ # Specifies the identities requesting access for a Cloud Platform resource.
- # `members` can have the following values:
- #
- # * `allUsers`: A special identifier that represents anyone who is
- # on the internet; with or without a Google account.
- #
- # * `allAuthenticatedUsers`: A special identifier that represents anyone
- # who is authenticated with a Google account or a service account.
- #
- # * `user:{emailid}`: An email address that represents a specific Google
- # account. For example, `alice@gmail.com` or `joe@example.com`.
- #
- #
- # * `serviceAccount:{emailid}`: An email address that represents a service
- # account. For example, `my-other-app@appspot.gserviceaccount.com`.
- #
- # * `group:{emailid}`: An email address that represents a Google group.
- # For example, `admins@example.com`.
- #
- #
- # * `domain:{domain}`: A Google Apps domain name that represents all the
- # users of that domain. For example, `google.com` or `example.com`.
- #
- "A String",
- ],
- },
- ],
- "iamOwned": True or False,
+ "version": 42, # Deprecated.
}</pre>
</div>
@@ -3306,72 +3042,6 @@
{ # This resource represents a long-running operation that is the result of a
# network API call.
- "error": { # The `Status` type defines a logical error model that is suitable for different # The error result of the operation in case of failure or cancellation.
- # programming environments, including REST APIs and RPC APIs. It is used by
- # [gRPC](https://github.com/grpc). The error model is designed to be:
- #
- # - Simple to use and understand for most users
- # - Flexible enough to meet unexpected needs
- #
- # # Overview
- #
- # The `Status` message contains three pieces of data: error code, error message,
- # and error details. The error code should be an enum value of
- # google.rpc.Code, but it may accept additional error codes if needed. The
- # error message should be a developer-facing English message that helps
- # developers *understand* and *resolve* the error. If a localized user-facing
- # error message is needed, put the localized message in the error details or
- # localize it in the client. The optional error details may contain arbitrary
- # information about the error. There is a predefined set of error detail types
- # in the package `google.rpc` that can be used for common error conditions.
- #
- # # Language mapping
- #
- # The `Status` message is the logical representation of the error model, but it
- # is not necessarily the actual wire format. When the `Status` message is
- # exposed in different client libraries and different wire protocols, it can be
- # mapped differently. For example, it will likely be mapped to some exceptions
- # in Java, but more likely mapped to some error codes in C.
- #
- # # Other uses
- #
- # The error model and the `Status` message can be used in a variety of
- # environments, either with or without APIs, to provide a
- # consistent developer experience across different environments.
- #
- # Example uses of this error model include:
- #
- # - Partial errors. If a service needs to return partial errors to the client,
- # it may embed the `Status` in the normal response to indicate the partial
- # errors.
- #
- # - Workflow errors. A typical workflow has multiple steps. Each step may
- # have a `Status` message for error reporting.
- #
- # - Batch operations. If a client uses batch request and batch response, the
- # `Status` message should be used directly inside batch response, one for
- # each error sub-response.
- #
- # - Asynchronous operations. If an API call embeds asynchronous operation
- # results in its response, the status of those operations should be
- # represented directly using the `Status` message.
- #
- # - Logging. If some API errors are stored in logs, the message `Status` could
- # be used directly after any stripping needed for security/privacy reasons.
- "message": "A String", # A developer-facing error message, which should be in English. Any
- # user-facing error message should be localized and sent in the
- # google.rpc.Status.details field, or localized by the client.
- "code": 42, # The status code, which should be an enum value of google.rpc.Code.
- "details": [ # A list of messages that carry the error details. There will be a
- # common set of message types for APIs to use.
- {
- "a_key": "", # Properties of the object. Contains field @type with type URL.
- },
- ],
- },
- "done": True or False, # If the value is `false`, it means the operation is still in progress.
- # If true, the operation is completed, and either `error` or `response` is
- # available.
"response": { # The normal response of the operation in case of success. If the original
# method returns no data on success, such as `Delete`, the response is
# `google.protobuf.Empty`. If the original method is standard
@@ -3382,15 +3052,36 @@
# `TakeSnapshotResponse`.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
- "name": "A String", # The server-assigned name, which is only unique within the same service that
- # originally returns it. If you use the default HTTP mapping, the
- # `name` should have the format of `operations/some/unique/name`.
"metadata": { # Service-specific metadata associated with the operation. It typically
# contains progress information and common metadata such as create time.
# Some services might not provide such metadata. Any method that returns a
# long-running operation should document the metadata type, if any.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
+ "done": True or False, # If the value is `false`, it means the operation is still in progress.
+ # If `true`, the operation is completed, and either `error` or `response` is
+ # available.
+ "name": "A String", # The server-assigned name, which is only unique within the same service that
+ # originally returns it. If you use the default HTTP mapping, the
+ # `name` should be a resource name ending with `operations/{unique_id}`.
+ "error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.
+ # different programming environments, including REST APIs and RPC APIs. It is
+ # used by [gRPC](https://github.com/grpc). Each `Status` message contains
+ # three pieces of data: error code, error message, and error details.
+ #
+ # You can find out more about this error model and how to work with it in the
+ # [API Design Guide](https://cloud.google.com/apis/design/errors).
+ "message": "A String", # A developer-facing error message, which should be in English. Any
+ # user-facing error message should be localized and sent in the
+ # google.rpc.Status.details field, or localized by the client.
+ "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+ "details": [ # A list of messages that carry the error details. There is a common set of
+ # message types for APIs to use.
+ {
+ "a_key": "", # Properties of the object. Contains field @type with type URL.
+ },
+ ],
+ },
}</pre>
</div>