Regen all docs. (#700)
* Stop recursing if discovery == {}
* Generate docs with 'make docs'.
diff --git a/docs/dyn/spanner_v1.projects.instances.html b/docs/dyn/spanner_v1.projects.instances.html
index d8b4c63..b73265d 100644
--- a/docs/dyn/spanner_v1.projects.instances.html
+++ b/docs/dyn/spanner_v1.projects.instances.html
@@ -94,10 +94,10 @@
<code><a href="#get">get(name, x__xgafv=None)</a></code></p>
<p class="firstline">Gets information about a particular instance.</p>
<p class="toc_element">
- <code><a href="#getIamPolicy">getIamPolicy(resource, body, x__xgafv=None)</a></code></p>
+ <code><a href="#getIamPolicy">getIamPolicy(resource, body=None, x__xgafv=None)</a></code></p>
<p class="firstline">Gets the access control policy for an instance resource. Returns an empty</p>
<p class="toc_element">
- <code><a href="#list">list(parent, pageSize=None, filter=None, pageToken=None, x__xgafv=None)</a></code></p>
+ <code><a href="#list">list(parent, pageToken=None, x__xgafv=None, pageSize=None, filter=None)</a></code></p>
<p class="firstline">Lists all instances in the given project.</p>
<p class="toc_element">
<code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
@@ -157,7 +157,7 @@
{ # The request for CreateInstance.
"instanceId": "A String", # Required. The ID of the instance to create. Valid identifiers are of the
- # form `a-z*[a-z0-9]` and must be between 6 and 30 characters in
+ # form `a-z*[a-z0-9]` and must be between 2 and 64 characters in
# length.
"instance": { # An isolated set of Cloud Spanner resources on which databases can be hosted. # Required. The instance to create. The name may be omitted, but if
# specified must be `<parent>/instances/<instance_id>`.
@@ -166,7 +166,7 @@
"name": "A String", # Required. A unique identifier for the instance, which cannot be changed
# after the instance is created. Values are of the form
# `projects/<project>/instances/a-z*[a-z0-9]`. The final
- # segment of the name must be between 6 and 30 characters in length.
+ # segment of the name must be between 2 and 64 characters in length.
"labels": { # Cloud Labels are a flexible and lightweight mechanism for organizing cloud
# resources into groups that reflect a customer's organizational needs and
# deployment strategies. Cloud Labels can be used to filter collections of
@@ -195,7 +195,12 @@
# either omitted or set to `CREATING`. For
# UpdateInstance, the state must be
# either omitted or set to `READY`.
- "nodeCount": 42, # Required. The number of nodes allocated to this instance.
+ "nodeCount": 42, # Required. The number of nodes allocated to this instance. This may be zero
+ # in API responses for instances that are not yet in state `READY`.
+ #
+ # See [the
+ # documentation](https://cloud.google.com/spanner/docs/instances#node_count)
+ # for more information about nodes.
"config": "A String", # Required. The name of the instance's configuration. Values are of the form
# `projects/<project>/instanceConfigs/<configuration>`. See
# also InstanceConfig and
@@ -219,40 +224,24 @@
# long-running operation should document the metadata type, if any.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
- "done": True or False, # If the value is `false`, it means the operation is still in progress.
- # If true, the operation is completed, and either `error` or `response` is
- # available.
- "response": { # The normal response of the operation in case of success. If the original
- # method returns no data on success, such as `Delete`, the response is
- # `google.protobuf.Empty`. If the original method is standard
- # `Get`/`Create`/`Update`, the response should be the resource. For other
- # methods, the response should have the type `XxxResponse`, where `Xxx`
- # is the original method name. For example, if the original method name
- # is `TakeSnapshot()`, the inferred response type is
- # `TakeSnapshotResponse`.
- "a_key": "", # Properties of the object. Contains field @type with type URL.
- },
- "name": "A String", # The server-assigned name, which is only unique within the same service that
- # originally returns it. If you use the default HTTP mapping, the
- # `name` should have the format of `operations/some/unique/name`.
- "error": { # The `Status` type defines a logical error model that is suitable for different # The error result of the operation in case of failure or cancellation.
- # programming environments, including REST APIs and RPC APIs. It is used by
- # [gRPC](https://github.com/grpc). The error model is designed to be:
+ "error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.
+ # different programming environments, including REST APIs and RPC APIs. It is
+ # used by [gRPC](https://github.com/grpc). The error model is designed to be:
#
# - Simple to use and understand for most users
# - Flexible enough to meet unexpected needs
#
# # Overview
#
- # The `Status` message contains three pieces of data: error code, error message,
- # and error details. The error code should be an enum value of
+ # The `Status` message contains three pieces of data: error code, error
+ # message, and error details. The error code should be an enum value of
# google.rpc.Code, but it may accept additional error codes if needed. The
# error message should be a developer-facing English message that helps
# developers *understand* and *resolve* the error. If a localized user-facing
# error message is needed, put the localized message in the error details or
# localize it in the client. The optional error details may contain arbitrary
# information about the error. There is a predefined set of error detail types
- # in the package `google.rpc` which can be used for common error conditions.
+ # in the package `google.rpc` that can be used for common error conditions.
#
# # Language mapping
#
@@ -275,7 +264,7 @@
# errors.
#
# - Workflow errors. A typical workflow has multiple steps. Each step may
- # have a `Status` message for error reporting purpose.
+ # have a `Status` message for error reporting.
#
# - Batch operations. If a client uses batch request and batch response, the
# `Status` message should be used directly inside batch response, one for
@@ -291,13 +280,29 @@
# user-facing error message should be localized and sent in the
# google.rpc.Status.details field, or localized by the client.
"code": 42, # The status code, which should be an enum value of google.rpc.Code.
- "details": [ # A list of messages that carry the error details. There will be a
- # common set of message types for APIs to use.
+ "details": [ # A list of messages that carry the error details. There is a common set of
+ # message types for APIs to use.
{
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
],
},
+ "done": True or False, # If the value is `false`, it means the operation is still in progress.
+ # If `true`, the operation is completed, and either `error` or `response` is
+ # available.
+ "response": { # The normal response of the operation in case of success. If the original
+ # method returns no data on success, such as `Delete`, the response is
+ # `google.protobuf.Empty`. If the original method is standard
+ # `Get`/`Create`/`Update`, the response should be the resource. For other
+ # methods, the response should have the type `XxxResponse`, where `Xxx`
+ # is the original method name. For example, if the original method name
+ # is `TakeSnapshot()`, the inferred response type is
+ # `TakeSnapshotResponse`.
+ "a_key": "", # Properties of the object. Contains field @type with type URL.
+ },
+ "name": "A String", # The server-assigned name, which is only unique within the same service that
+ # originally returns it. If you use the default HTTP mapping, the
+ # `name` should be a resource name ending with `operations/{unique_id}`.
}</pre>
</div>
@@ -359,7 +364,7 @@
"name": "A String", # Required. A unique identifier for the instance, which cannot be changed
# after the instance is created. Values are of the form
# `projects/<project>/instances/a-z*[a-z0-9]`. The final
- # segment of the name must be between 6 and 30 characters in length.
+ # segment of the name must be between 2 and 64 characters in length.
"labels": { # Cloud Labels are a flexible and lightweight mechanism for organizing cloud
# resources into groups that reflect a customer's organizational needs and
# deployment strategies. Cloud Labels can be used to filter collections of
@@ -388,7 +393,12 @@
# either omitted or set to `CREATING`. For
# UpdateInstance, the state must be
# either omitted or set to `READY`.
- "nodeCount": 42, # Required. The number of nodes allocated to this instance.
+ "nodeCount": 42, # Required. The number of nodes allocated to this instance. This may be zero
+ # in API responses for instances that are not yet in state `READY`.
+ #
+ # See [the
+ # documentation](https://cloud.google.com/spanner/docs/instances#node_count)
+ # for more information about nodes.
"config": "A String", # Required. The name of the instance's configuration. Values are of the form
# `projects/<project>/instanceConfigs/<configuration>`. See
# also InstanceConfig and
@@ -397,7 +407,7 @@
</div>
<div class="method">
- <code class="details" id="getIamPolicy">getIamPolicy(resource, body, x__xgafv=None)</code>
+ <code class="details" id="getIamPolicy">getIamPolicy(resource, body=None, x__xgafv=None)</code>
<pre>Gets the access control policy for an instance resource. Returns an empty
policy if an instance exists but does not have a policy set.
@@ -406,7 +416,7 @@
Args:
resource: string, REQUIRED: The Cloud Spanner resource for which the policy is being retrieved. The format is `projects/<project ID>/instances/<instance ID>` for instance resources and `projects/<project ID>/instances/<instance ID>/databases/<database ID>` for database resources. (required)
- body: object, The request body. (required)
+ body: object, The request body.
The object takes the form of:
{ # Request message for `GetIamPolicy` method.
@@ -424,12 +434,12 @@
# specify access control policies for Cloud Platform resources.
#
#
- # A `Policy` consists of a list of `bindings`. A `Binding` binds a list of
+ # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
# `members` to a `role`, where the members can be user accounts, Google groups,
# Google domains, and service accounts. A `role` is a named list of permissions
# defined by IAM.
#
- # **Example**
+ # **JSON Example**
#
# {
# "bindings": [
@@ -439,7 +449,7 @@
# "user:mike@example.com",
# "group:admins@example.com",
# "domain:google.com",
- # "serviceAccount:my-other-app@appspot.gserviceaccount.com",
+ # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
# ]
# },
# {
@@ -449,170 +459,27 @@
# ]
# }
#
+ # **YAML Example**
+ #
+ # bindings:
+ # - members:
+ # - user:mike@example.com
+ # - group:admins@example.com
+ # - domain:google.com
+ # - serviceAccount:my-other-app@appspot.gserviceaccount.com
+ # role: roles/owner
+ # - members:
+ # - user:sean@example.com
+ # role: roles/viewer
+ #
+ #
# For a description of IAM and its features, see the
- # [IAM developer's guide](https://cloud.google.com/iam).
- "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
- { # Specifies the audit configuration for a service.
- # The configuration determines which permission types are logged, and what
- # identities, if any, are exempted from logging.
- # An AuditConifg must have one or more AuditLogConfigs.
- #
- # If there are AuditConfigs for both `allServices` and a specific service,
- # the union of the two AuditConfigs is used for that service: the log_types
- # specified in each AuditConfig are enabled, and the exempted_members in each
- # AuditConfig are exempted.
- #
- # Example Policy with multiple AuditConfigs:
- #
- # {
- # "audit_configs": [
- # {
- # "service": "allServices"
- # "audit_log_configs": [
- # {
- # "log_type": "DATA_READ",
- # "exempted_members": [
- # "user:foo@gmail.com"
- # ]
- # },
- # {
- # "log_type": "DATA_WRITE",
- # },
- # {
- # "log_type": "ADMIN_READ",
- # }
- # ]
- # },
- # {
- # "service": "fooservice.googleapis.com"
- # "audit_log_configs": [
- # {
- # "log_type": "DATA_READ",
- # },
- # {
- # "log_type": "DATA_WRITE",
- # "exempted_members": [
- # "user:bar@gmail.com"
- # ]
- # }
- # ]
- # }
- # ]
- # }
- #
- # For fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
- # logging. It also exempts foo@gmail.com from DATA_READ logging, and
- # bar@gmail.com from DATA_WRITE logging.
- "exemptedMembers": [
- "A String",
- ],
- "auditLogConfigs": [ # The configuration for logging of each type of permission.
- # Next ID: 4
- { # Provides the configuration for logging a type of permissions.
- # Example:
- #
- # {
- # "audit_log_configs": [
- # {
- # "log_type": "DATA_READ",
- # "exempted_members": [
- # "user:foo@gmail.com"
- # ]
- # },
- # {
- # "log_type": "DATA_WRITE",
- # }
- # ]
- # }
- #
- # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting
- # foo@gmail.com from DATA_READ logging.
- "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of
- # permission.
- # Follows the same format of Binding.members.
- "A String",
- ],
- "logType": "A String", # The log type that this config enables.
- },
- ],
- "service": "A String", # Specifies a service that will be enabled for audit logging.
- # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.
- # `allServices` is a special value that covers all services.
- },
- ],
- "rules": [ # If more than one rule is specified, the rules are applied in the following
- # manner:
- # - All matching LOG rules are always applied.
- # - If any DENY/DENY_WITH_LOG rule matches, permission is denied.
- # Logging will be applied if one or more matching rule requires logging.
- # - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is
- # granted.
- # Logging will be applied if one or more matching rule requires logging.
- # - Otherwise, if no rule applies, permission is denied.
- { # A rule to be applied in a Policy.
- "notIn": [ # If one or more 'not_in' clauses are specified, the rule matches
- # if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
- # The format for in and not_in entries is the same as for members in a
- # Binding (see google/iam/v1/policy.proto).
- "A String",
- ],
- "description": "A String", # Human-readable description of the rule.
- "in": [ # If one or more 'in' clauses are specified, the rule matches if
- # the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
- "A String",
- ],
- "action": "A String", # Required
- "conditions": [ # Additional restrictions that must be met
- { # A condition to be met.
- "iam": "A String", # Trusted attributes supplied by the IAM system.
- "svc": "A String", # Trusted attributes discharged by the service.
- "value": "A String", # DEPRECATED. Use 'values' instead.
- "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses
- # the IAM system for access control.
- "values": [ # The objects of the condition. This is mutually exclusive with 'value'.
- "A String",
- ],
- "op": "A String", # An operator to apply the subject with.
- },
- ],
- "logConfig": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries
- # that match the LOG action.
- { # Specifies what kind of log the caller must write
- "counter": { # Options for counters # Counter options.
- "field": "A String", # The field value to attribute.
- "metric": "A String", # The metric to update.
- },
- "dataAccess": { # Write a Data Access (Gin) log # Data access options.
- },
- "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
- },
- },
- ],
- "permissions": [ # A permission is a string of form '<service>.<resource type>.<verb>'
- # (e.g., 'storage.buckets.list'). A value of '*' matches all permissions,
- # and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
- "A String",
- ],
- },
- ],
- "version": 42, # Version of the `Policy`. The default version is 0.
- "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help
- # prevent simultaneous updates of a policy from overwriting each other.
- # It is strongly suggested that systems make use of the `etag` in the
- # read-modify-write cycle to perform policy updates in order to avoid race
- # conditions: An `etag` is returned in the response to `getIamPolicy`, and
- # systems are expected to put that etag in the request to `setIamPolicy` to
- # ensure that their change will be applied to the same version of the policy.
- #
- # If no `etag` is provided in the call to `setIamPolicy`, then the existing
- # policy is overwritten blindly.
+ # [IAM developer's guide](https://cloud.google.com/iam/docs).
"bindings": [ # Associates a list of `members` to a `role`.
- # Multiple `bindings` must not be specified for the same `role`.
# `bindings` with no members will result in an error.
{ # Associates `members` with a `role`.
"role": "A String", # Role that is assigned to `members`.
# For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
- # Required
"members": [ # Specifies the identities requesting access for a Cloud Platform resource.
# `members` can have the following values:
#
@@ -623,7 +490,7 @@
# who is authenticated with a Google account or a service account.
#
# * `user:{emailid}`: An email address that represents a specific Google
- # account. For example, `alice@gmail.com` or `joe@example.com`.
+ # account. For example, `alice@gmail.com` .
#
#
# * `serviceAccount:{emailid}`: An email address that represents a service
@@ -632,45 +499,56 @@
# * `group:{emailid}`: An email address that represents a Google group.
# For example, `admins@example.com`.
#
- # * `domain:{domain}`: A Google Apps domain name that represents all the
+ #
+ # * `domain:{domain}`: The G Suite domain (primary) that represents all the
# users of that domain. For example, `google.com` or `example.com`.
#
"A String",
],
+ "condition": { # Represents an expression text. Example: # The condition that is associated with this binding.
+ # NOTE: An unsatisfied condition will not allow user access via current
+ # binding. Different bindings, including their conditions, are examined
+ # independently.
+ #
+ # title: "User account presence"
+ # description: "Determines whether the request has a user account"
+ # expression: "size(request.user) > 0"
+ "location": "A String", # An optional string indicating the location of the expression for error
+ # reporting, e.g. a file name and a position in the file.
+ "expression": "A String", # Textual representation of an expression in
+ # Common Expression Language syntax.
+ #
+ # The application context of the containing message determines which
+ # well-known feature set of CEL is supported.
+ "description": "A String", # An optional description of the expression. This is a longer text which
+ # describes the expression, e.g. when hovered over it in a UI.
+ "title": "A String", # An optional title for the expression, i.e. a short string describing
+ # its purpose. This can be used e.g. in UIs which allow to enter the
+ # expression.
+ },
},
],
- "iamOwned": True or False,
+ "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help
+ # prevent simultaneous updates of a policy from overwriting each other.
+ # It is strongly suggested that systems make use of the `etag` in the
+ # read-modify-write cycle to perform policy updates in order to avoid race
+ # conditions: An `etag` is returned in the response to `getIamPolicy`, and
+ # systems are expected to put that etag in the request to `setIamPolicy` to
+ # ensure that their change will be applied to the same version of the policy.
+ #
+ # If no `etag` is provided in the call to `setIamPolicy`, then the existing
+ # policy is overwritten blindly.
+ "version": 42, # Deprecated.
}</pre>
</div>
<div class="method">
- <code class="details" id="list">list(parent, pageSize=None, filter=None, pageToken=None, x__xgafv=None)</code>
+ <code class="details" id="list">list(parent, pageToken=None, x__xgafv=None, pageSize=None, filter=None)</code>
<pre>Lists all instances in the given project.
Args:
parent: string, Required. The name of the project for which a list of instances is
requested. Values are of the form `projects/<project>`. (required)
- pageSize: integer, Number of instances to be returned in the response. If 0 or less, defaults
-to the server's maximum allowed page size.
- filter: string, An expression for filtering the results of the request. Filter rules are
-case insensitive. The fields eligible for filtering are:
-
- * name
- * display_name
- * labels.key where key is the name of a label
-
-Some examples of using filters are:
-
- * name:* --> The instance has a name.
- * name:Howl --> The instance's name contains the string "howl".
- * name:HOWL --> Equivalent to above.
- * NAME:howl --> Equivalent to above.
- * labels.env:* --> The instance has the label "env".
- * labels.env:dev --> The instance has the label "env" and the value of
- the label contains the string "dev".
- * name:howl labels.env:dev --> The instance's name contains "howl" and
- it has the label "env" with its value
- containing "dev".
pageToken: string, If non-empty, `page_token` should contain a
next_page_token from a
previous ListInstancesResponse.
@@ -678,6 +556,27 @@
Allowed values
1 - v1 error format
2 - v2 error format
+ pageSize: integer, Number of instances to be returned in the response. If 0 or less, defaults
+to the server's maximum allowed page size.
+ filter: string, An expression for filtering the results of the request. Filter rules are
+case insensitive. The fields eligible for filtering are:
+
+ * `name`
+ * `display_name`
+ * `labels.key` where key is the name of a label
+
+Some examples of using filters are:
+
+ * `name:*` --> The instance has a name.
+ * `name:Howl` --> The instance's name contains the string "howl".
+ * `name:HOWL` --> Equivalent to above.
+ * `NAME:howl` --> Equivalent to above.
+ * `labels.env:*` --> The instance has the label "env".
+ * `labels.env:dev` --> The instance has the label "env" and the value of
+ the label contains the string "dev".
+ * `name:howl labels.env:dev` --> The instance's name contains "howl" and
+ it has the label "env" with its value
+ containing "dev".
Returns:
An object of the form:
@@ -693,7 +592,7 @@
"name": "A String", # Required. A unique identifier for the instance, which cannot be changed
# after the instance is created. Values are of the form
# `projects/<project>/instances/a-z*[a-z0-9]`. The final
- # segment of the name must be between 6 and 30 characters in length.
+ # segment of the name must be between 2 and 64 characters in length.
"labels": { # Cloud Labels are a flexible and lightweight mechanism for organizing cloud
# resources into groups that reflect a customer's organizational needs and
# deployment strategies. Cloud Labels can be used to filter collections of
@@ -722,7 +621,12 @@
# either omitted or set to `CREATING`. For
# UpdateInstance, the state must be
# either omitted or set to `READY`.
- "nodeCount": 42, # Required. The number of nodes allocated to this instance.
+ "nodeCount": 42, # Required. The number of nodes allocated to this instance. This may be zero
+ # in API responses for instances that are not yet in state `READY`.
+ #
+ # See [the
+ # documentation](https://cloud.google.com/spanner/docs/instances#node_count)
+ # for more information about nodes.
"config": "A String", # Required. The name of the instance's configuration. Values are of the form
# `projects/<project>/instanceConfigs/<configuration>`. See
# also InstanceConfig and
@@ -793,7 +697,7 @@
name: string, Required. A unique identifier for the instance, which cannot be changed
after the instance is created. Values are of the form
`projects/<project>/instances/a-z*[a-z0-9]`. The final
-segment of the name must be between 6 and 30 characters in length. (required)
+segment of the name must be between 2 and 64 characters in length. (required)
body: object, The request body. (required)
The object takes the form of:
@@ -805,7 +709,7 @@
"name": "A String", # Required. A unique identifier for the instance, which cannot be changed
# after the instance is created. Values are of the form
# `projects/<project>/instances/a-z*[a-z0-9]`. The final
- # segment of the name must be between 6 and 30 characters in length.
+ # segment of the name must be between 2 and 64 characters in length.
"labels": { # Cloud Labels are a flexible and lightweight mechanism for organizing cloud
# resources into groups that reflect a customer's organizational needs and
# deployment strategies. Cloud Labels can be used to filter collections of
@@ -834,7 +738,12 @@
# either omitted or set to `CREATING`. For
# UpdateInstance, the state must be
# either omitted or set to `READY`.
- "nodeCount": 42, # Required. The number of nodes allocated to this instance.
+ "nodeCount": 42, # Required. The number of nodes allocated to this instance. This may be zero
+ # in API responses for instances that are not yet in state `READY`.
+ #
+ # See [the
+ # documentation](https://cloud.google.com/spanner/docs/instances#node_count)
+ # for more information about nodes.
"config": "A String", # Required. The name of the instance's configuration. Values are of the form
# `projects/<project>/instanceConfigs/<configuration>`. See
# also InstanceConfig and
@@ -862,40 +771,24 @@
# long-running operation should document the metadata type, if any.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
- "done": True or False, # If the value is `false`, it means the operation is still in progress.
- # If true, the operation is completed, and either `error` or `response` is
- # available.
- "response": { # The normal response of the operation in case of success. If the original
- # method returns no data on success, such as `Delete`, the response is
- # `google.protobuf.Empty`. If the original method is standard
- # `Get`/`Create`/`Update`, the response should be the resource. For other
- # methods, the response should have the type `XxxResponse`, where `Xxx`
- # is the original method name. For example, if the original method name
- # is `TakeSnapshot()`, the inferred response type is
- # `TakeSnapshotResponse`.
- "a_key": "", # Properties of the object. Contains field @type with type URL.
- },
- "name": "A String", # The server-assigned name, which is only unique within the same service that
- # originally returns it. If you use the default HTTP mapping, the
- # `name` should have the format of `operations/some/unique/name`.
- "error": { # The `Status` type defines a logical error model that is suitable for different # The error result of the operation in case of failure or cancellation.
- # programming environments, including REST APIs and RPC APIs. It is used by
- # [gRPC](https://github.com/grpc). The error model is designed to be:
+ "error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.
+ # different programming environments, including REST APIs and RPC APIs. It is
+ # used by [gRPC](https://github.com/grpc). The error model is designed to be:
#
# - Simple to use and understand for most users
# - Flexible enough to meet unexpected needs
#
# # Overview
#
- # The `Status` message contains three pieces of data: error code, error message,
- # and error details. The error code should be an enum value of
+ # The `Status` message contains three pieces of data: error code, error
+ # message, and error details. The error code should be an enum value of
# google.rpc.Code, but it may accept additional error codes if needed. The
# error message should be a developer-facing English message that helps
# developers *understand* and *resolve* the error. If a localized user-facing
# error message is needed, put the localized message in the error details or
# localize it in the client. The optional error details may contain arbitrary
# information about the error. There is a predefined set of error detail types
- # in the package `google.rpc` which can be used for common error conditions.
+ # in the package `google.rpc` that can be used for common error conditions.
#
# # Language mapping
#
@@ -918,7 +811,7 @@
# errors.
#
# - Workflow errors. A typical workflow has multiple steps. Each step may
- # have a `Status` message for error reporting purpose.
+ # have a `Status` message for error reporting.
#
# - Batch operations. If a client uses batch request and batch response, the
# `Status` message should be used directly inside batch response, one for
@@ -934,13 +827,29 @@
# user-facing error message should be localized and sent in the
# google.rpc.Status.details field, or localized by the client.
"code": 42, # The status code, which should be an enum value of google.rpc.Code.
- "details": [ # A list of messages that carry the error details. There will be a
- # common set of message types for APIs to use.
+ "details": [ # A list of messages that carry the error details. There is a common set of
+ # message types for APIs to use.
{
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
],
},
+ "done": True or False, # If the value is `false`, it means the operation is still in progress.
+ # If `true`, the operation is completed, and either `error` or `response` is
+ # available.
+ "response": { # The normal response of the operation in case of success. If the original
+ # method returns no data on success, such as `Delete`, the response is
+ # `google.protobuf.Empty`. If the original method is standard
+ # `Get`/`Create`/`Update`, the response should be the resource. For other
+ # methods, the response should have the type `XxxResponse`, where `Xxx`
+ # is the original method name. For example, if the original method name
+ # is `TakeSnapshot()`, the inferred response type is
+ # `TakeSnapshotResponse`.
+ "a_key": "", # Properties of the object. Contains field @type with type URL.
+ },
+ "name": "A String", # The server-assigned name, which is only unique within the same service that
+ # originally returns it. If you use the default HTTP mapping, the
+ # `name` should be a resource name ending with `operations/{unique_id}`.
}</pre>
</div>
@@ -965,12 +874,12 @@
# specify access control policies for Cloud Platform resources.
#
#
- # A `Policy` consists of a list of `bindings`. A `Binding` binds a list of
+ # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
# `members` to a `role`, where the members can be user accounts, Google groups,
# Google domains, and service accounts. A `role` is a named list of permissions
# defined by IAM.
#
- # **Example**
+ # **JSON Example**
#
# {
# "bindings": [
@@ -980,7 +889,7 @@
# "user:mike@example.com",
# "group:admins@example.com",
# "domain:google.com",
- # "serviceAccount:my-other-app@appspot.gserviceaccount.com",
+ # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
# ]
# },
# {
@@ -990,170 +899,27 @@
# ]
# }
#
+ # **YAML Example**
+ #
+ # bindings:
+ # - members:
+ # - user:mike@example.com
+ # - group:admins@example.com
+ # - domain:google.com
+ # - serviceAccount:my-other-app@appspot.gserviceaccount.com
+ # role: roles/owner
+ # - members:
+ # - user:sean@example.com
+ # role: roles/viewer
+ #
+ #
# For a description of IAM and its features, see the
- # [IAM developer's guide](https://cloud.google.com/iam).
- "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
- { # Specifies the audit configuration for a service.
- # The configuration determines which permission types are logged, and what
- # identities, if any, are exempted from logging.
- # An AuditConifg must have one or more AuditLogConfigs.
- #
- # If there are AuditConfigs for both `allServices` and a specific service,
- # the union of the two AuditConfigs is used for that service: the log_types
- # specified in each AuditConfig are enabled, and the exempted_members in each
- # AuditConfig are exempted.
- #
- # Example Policy with multiple AuditConfigs:
- #
- # {
- # "audit_configs": [
- # {
- # "service": "allServices"
- # "audit_log_configs": [
- # {
- # "log_type": "DATA_READ",
- # "exempted_members": [
- # "user:foo@gmail.com"
- # ]
- # },
- # {
- # "log_type": "DATA_WRITE",
- # },
- # {
- # "log_type": "ADMIN_READ",
- # }
- # ]
- # },
- # {
- # "service": "fooservice.googleapis.com"
- # "audit_log_configs": [
- # {
- # "log_type": "DATA_READ",
- # },
- # {
- # "log_type": "DATA_WRITE",
- # "exempted_members": [
- # "user:bar@gmail.com"
- # ]
- # }
- # ]
- # }
- # ]
- # }
- #
- # For fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
- # logging. It also exempts foo@gmail.com from DATA_READ logging, and
- # bar@gmail.com from DATA_WRITE logging.
- "exemptedMembers": [
- "A String",
- ],
- "auditLogConfigs": [ # The configuration for logging of each type of permission.
- # Next ID: 4
- { # Provides the configuration for logging a type of permissions.
- # Example:
- #
- # {
- # "audit_log_configs": [
- # {
- # "log_type": "DATA_READ",
- # "exempted_members": [
- # "user:foo@gmail.com"
- # ]
- # },
- # {
- # "log_type": "DATA_WRITE",
- # }
- # ]
- # }
- #
- # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting
- # foo@gmail.com from DATA_READ logging.
- "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of
- # permission.
- # Follows the same format of Binding.members.
- "A String",
- ],
- "logType": "A String", # The log type that this config enables.
- },
- ],
- "service": "A String", # Specifies a service that will be enabled for audit logging.
- # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.
- # `allServices` is a special value that covers all services.
- },
- ],
- "rules": [ # If more than one rule is specified, the rules are applied in the following
- # manner:
- # - All matching LOG rules are always applied.
- # - If any DENY/DENY_WITH_LOG rule matches, permission is denied.
- # Logging will be applied if one or more matching rule requires logging.
- # - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is
- # granted.
- # Logging will be applied if one or more matching rule requires logging.
- # - Otherwise, if no rule applies, permission is denied.
- { # A rule to be applied in a Policy.
- "notIn": [ # If one or more 'not_in' clauses are specified, the rule matches
- # if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
- # The format for in and not_in entries is the same as for members in a
- # Binding (see google/iam/v1/policy.proto).
- "A String",
- ],
- "description": "A String", # Human-readable description of the rule.
- "in": [ # If one or more 'in' clauses are specified, the rule matches if
- # the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
- "A String",
- ],
- "action": "A String", # Required
- "conditions": [ # Additional restrictions that must be met
- { # A condition to be met.
- "iam": "A String", # Trusted attributes supplied by the IAM system.
- "svc": "A String", # Trusted attributes discharged by the service.
- "value": "A String", # DEPRECATED. Use 'values' instead.
- "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses
- # the IAM system for access control.
- "values": [ # The objects of the condition. This is mutually exclusive with 'value'.
- "A String",
- ],
- "op": "A String", # An operator to apply the subject with.
- },
- ],
- "logConfig": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries
- # that match the LOG action.
- { # Specifies what kind of log the caller must write
- "counter": { # Options for counters # Counter options.
- "field": "A String", # The field value to attribute.
- "metric": "A String", # The metric to update.
- },
- "dataAccess": { # Write a Data Access (Gin) log # Data access options.
- },
- "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
- },
- },
- ],
- "permissions": [ # A permission is a string of form '<service>.<resource type>.<verb>'
- # (e.g., 'storage.buckets.list'). A value of '*' matches all permissions,
- # and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
- "A String",
- ],
- },
- ],
- "version": 42, # Version of the `Policy`. The default version is 0.
- "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help
- # prevent simultaneous updates of a policy from overwriting each other.
- # It is strongly suggested that systems make use of the `etag` in the
- # read-modify-write cycle to perform policy updates in order to avoid race
- # conditions: An `etag` is returned in the response to `getIamPolicy`, and
- # systems are expected to put that etag in the request to `setIamPolicy` to
- # ensure that their change will be applied to the same version of the policy.
- #
- # If no `etag` is provided in the call to `setIamPolicy`, then the existing
- # policy is overwritten blindly.
+ # [IAM developer's guide](https://cloud.google.com/iam/docs).
"bindings": [ # Associates a list of `members` to a `role`.
- # Multiple `bindings` must not be specified for the same `role`.
# `bindings` with no members will result in an error.
{ # Associates `members` with a `role`.
"role": "A String", # Role that is assigned to `members`.
# For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
- # Required
"members": [ # Specifies the identities requesting access for a Cloud Platform resource.
# `members` can have the following values:
#
@@ -1164,7 +930,7 @@
# who is authenticated with a Google account or a service account.
#
# * `user:{emailid}`: An email address that represents a specific Google
- # account. For example, `alice@gmail.com` or `joe@example.com`.
+ # account. For example, `alice@gmail.com` .
#
#
# * `serviceAccount:{emailid}`: An email address that represents a service
@@ -1173,20 +939,47 @@
# * `group:{emailid}`: An email address that represents a Google group.
# For example, `admins@example.com`.
#
- # * `domain:{domain}`: A Google Apps domain name that represents all the
+ #
+ # * `domain:{domain}`: The G Suite domain (primary) that represents all the
# users of that domain. For example, `google.com` or `example.com`.
#
"A String",
],
+ "condition": { # Represents an expression text. Example: # The condition that is associated with this binding.
+ # NOTE: An unsatisfied condition will not allow user access via current
+ # binding. Different bindings, including their conditions, are examined
+ # independently.
+ #
+ # title: "User account presence"
+ # description: "Determines whether the request has a user account"
+ # expression: "size(request.user) > 0"
+ "location": "A String", # An optional string indicating the location of the expression for error
+ # reporting, e.g. a file name and a position in the file.
+ "expression": "A String", # Textual representation of an expression in
+ # Common Expression Language syntax.
+ #
+ # The application context of the containing message determines which
+ # well-known feature set of CEL is supported.
+ "description": "A String", # An optional description of the expression. This is a longer text which
+ # describes the expression, e.g. when hovered over it in a UI.
+ "title": "A String", # An optional title for the expression, i.e. a short string describing
+ # its purpose. This can be used e.g. in UIs which allow to enter the
+ # expression.
+ },
},
],
- "iamOwned": True or False,
+ "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help
+ # prevent simultaneous updates of a policy from overwriting each other.
+ # It is strongly suggested that systems make use of the `etag` in the
+ # read-modify-write cycle to perform policy updates in order to avoid race
+ # conditions: An `etag` is returned in the response to `getIamPolicy`, and
+ # systems are expected to put that etag in the request to `setIamPolicy` to
+ # ensure that their change will be applied to the same version of the policy.
+ #
+ # If no `etag` is provided in the call to `setIamPolicy`, then the existing
+ # policy is overwritten blindly.
+ "version": 42, # Deprecated.
},
- "updateMask": "A String", # OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
- # the fields in the mask will be modified. If no mask is provided, the
- # following default mask is used:
- # paths: "bindings, etag"
- # This field is only used by Cloud IAM.
}
x__xgafv: string, V1 error format.
@@ -1201,12 +994,12 @@
# specify access control policies for Cloud Platform resources.
#
#
- # A `Policy` consists of a list of `bindings`. A `Binding` binds a list of
+ # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
# `members` to a `role`, where the members can be user accounts, Google groups,
# Google domains, and service accounts. A `role` is a named list of permissions
# defined by IAM.
#
- # **Example**
+ # **JSON Example**
#
# {
# "bindings": [
@@ -1216,7 +1009,7 @@
# "user:mike@example.com",
# "group:admins@example.com",
# "domain:google.com",
- # "serviceAccount:my-other-app@appspot.gserviceaccount.com",
+ # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
# ]
# },
# {
@@ -1226,170 +1019,27 @@
# ]
# }
#
+ # **YAML Example**
+ #
+ # bindings:
+ # - members:
+ # - user:mike@example.com
+ # - group:admins@example.com
+ # - domain:google.com
+ # - serviceAccount:my-other-app@appspot.gserviceaccount.com
+ # role: roles/owner
+ # - members:
+ # - user:sean@example.com
+ # role: roles/viewer
+ #
+ #
# For a description of IAM and its features, see the
- # [IAM developer's guide](https://cloud.google.com/iam).
- "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
- { # Specifies the audit configuration for a service.
- # The configuration determines which permission types are logged, and what
- # identities, if any, are exempted from logging.
- # An AuditConifg must have one or more AuditLogConfigs.
- #
- # If there are AuditConfigs for both `allServices` and a specific service,
- # the union of the two AuditConfigs is used for that service: the log_types
- # specified in each AuditConfig are enabled, and the exempted_members in each
- # AuditConfig are exempted.
- #
- # Example Policy with multiple AuditConfigs:
- #
- # {
- # "audit_configs": [
- # {
- # "service": "allServices"
- # "audit_log_configs": [
- # {
- # "log_type": "DATA_READ",
- # "exempted_members": [
- # "user:foo@gmail.com"
- # ]
- # },
- # {
- # "log_type": "DATA_WRITE",
- # },
- # {
- # "log_type": "ADMIN_READ",
- # }
- # ]
- # },
- # {
- # "service": "fooservice.googleapis.com"
- # "audit_log_configs": [
- # {
- # "log_type": "DATA_READ",
- # },
- # {
- # "log_type": "DATA_WRITE",
- # "exempted_members": [
- # "user:bar@gmail.com"
- # ]
- # }
- # ]
- # }
- # ]
- # }
- #
- # For fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
- # logging. It also exempts foo@gmail.com from DATA_READ logging, and
- # bar@gmail.com from DATA_WRITE logging.
- "exemptedMembers": [
- "A String",
- ],
- "auditLogConfigs": [ # The configuration for logging of each type of permission.
- # Next ID: 4
- { # Provides the configuration for logging a type of permissions.
- # Example:
- #
- # {
- # "audit_log_configs": [
- # {
- # "log_type": "DATA_READ",
- # "exempted_members": [
- # "user:foo@gmail.com"
- # ]
- # },
- # {
- # "log_type": "DATA_WRITE",
- # }
- # ]
- # }
- #
- # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting
- # foo@gmail.com from DATA_READ logging.
- "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of
- # permission.
- # Follows the same format of Binding.members.
- "A String",
- ],
- "logType": "A String", # The log type that this config enables.
- },
- ],
- "service": "A String", # Specifies a service that will be enabled for audit logging.
- # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.
- # `allServices` is a special value that covers all services.
- },
- ],
- "rules": [ # If more than one rule is specified, the rules are applied in the following
- # manner:
- # - All matching LOG rules are always applied.
- # - If any DENY/DENY_WITH_LOG rule matches, permission is denied.
- # Logging will be applied if one or more matching rule requires logging.
- # - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is
- # granted.
- # Logging will be applied if one or more matching rule requires logging.
- # - Otherwise, if no rule applies, permission is denied.
- { # A rule to be applied in a Policy.
- "notIn": [ # If one or more 'not_in' clauses are specified, the rule matches
- # if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.
- # The format for in and not_in entries is the same as for members in a
- # Binding (see google/iam/v1/policy.proto).
- "A String",
- ],
- "description": "A String", # Human-readable description of the rule.
- "in": [ # If one or more 'in' clauses are specified, the rule matches if
- # the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.
- "A String",
- ],
- "action": "A String", # Required
- "conditions": [ # Additional restrictions that must be met
- { # A condition to be met.
- "iam": "A String", # Trusted attributes supplied by the IAM system.
- "svc": "A String", # Trusted attributes discharged by the service.
- "value": "A String", # DEPRECATED. Use 'values' instead.
- "sys": "A String", # Trusted attributes supplied by any service that owns resources and uses
- # the IAM system for access control.
- "values": [ # The objects of the condition. This is mutually exclusive with 'value'.
- "A String",
- ],
- "op": "A String", # An operator to apply the subject with.
- },
- ],
- "logConfig": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries
- # that match the LOG action.
- { # Specifies what kind of log the caller must write
- "counter": { # Options for counters # Counter options.
- "field": "A String", # The field value to attribute.
- "metric": "A String", # The metric to update.
- },
- "dataAccess": { # Write a Data Access (Gin) log # Data access options.
- },
- "cloudAudit": { # Write a Cloud Audit log # Cloud audit options.
- },
- },
- ],
- "permissions": [ # A permission is a string of form '<service>.<resource type>.<verb>'
- # (e.g., 'storage.buckets.list'). A value of '*' matches all permissions,
- # and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.
- "A String",
- ],
- },
- ],
- "version": 42, # Version of the `Policy`. The default version is 0.
- "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help
- # prevent simultaneous updates of a policy from overwriting each other.
- # It is strongly suggested that systems make use of the `etag` in the
- # read-modify-write cycle to perform policy updates in order to avoid race
- # conditions: An `etag` is returned in the response to `getIamPolicy`, and
- # systems are expected to put that etag in the request to `setIamPolicy` to
- # ensure that their change will be applied to the same version of the policy.
- #
- # If no `etag` is provided in the call to `setIamPolicy`, then the existing
- # policy is overwritten blindly.
+ # [IAM developer's guide](https://cloud.google.com/iam/docs).
"bindings": [ # Associates a list of `members` to a `role`.
- # Multiple `bindings` must not be specified for the same `role`.
# `bindings` with no members will result in an error.
{ # Associates `members` with a `role`.
"role": "A String", # Role that is assigned to `members`.
# For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
- # Required
"members": [ # Specifies the identities requesting access for a Cloud Platform resource.
# `members` can have the following values:
#
@@ -1400,7 +1050,7 @@
# who is authenticated with a Google account or a service account.
#
# * `user:{emailid}`: An email address that represents a specific Google
- # account. For example, `alice@gmail.com` or `joe@example.com`.
+ # account. For example, `alice@gmail.com` .
#
#
# * `serviceAccount:{emailid}`: An email address that represents a service
@@ -1409,14 +1059,46 @@
# * `group:{emailid}`: An email address that represents a Google group.
# For example, `admins@example.com`.
#
- # * `domain:{domain}`: A Google Apps domain name that represents all the
+ #
+ # * `domain:{domain}`: The G Suite domain (primary) that represents all the
# users of that domain. For example, `google.com` or `example.com`.
#
"A String",
],
+ "condition": { # Represents an expression text. Example: # The condition that is associated with this binding.
+ # NOTE: An unsatisfied condition will not allow user access via current
+ # binding. Different bindings, including their conditions, are examined
+ # independently.
+ #
+ # title: "User account presence"
+ # description: "Determines whether the request has a user account"
+ # expression: "size(request.user) > 0"
+ "location": "A String", # An optional string indicating the location of the expression for error
+ # reporting, e.g. a file name and a position in the file.
+ "expression": "A String", # Textual representation of an expression in
+ # Common Expression Language syntax.
+ #
+ # The application context of the containing message determines which
+ # well-known feature set of CEL is supported.
+ "description": "A String", # An optional description of the expression. This is a longer text which
+ # describes the expression, e.g. when hovered over it in a UI.
+ "title": "A String", # An optional title for the expression, i.e. a short string describing
+ # its purpose. This can be used e.g. in UIs which allow to enter the
+ # expression.
+ },
},
],
- "iamOwned": True or False,
+ "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help
+ # prevent simultaneous updates of a policy from overwriting each other.
+ # It is strongly suggested that systems make use of the `etag` in the
+ # read-modify-write cycle to perform policy updates in order to avoid race
+ # conditions: An `etag` is returned in the response to `getIamPolicy`, and
+ # systems are expected to put that etag in the request to `setIamPolicy` to
+ # ensure that their change will be applied to the same version of the policy.
+ #
+ # If no `etag` is provided in the call to `setIamPolicy`, then the existing
+ # policy is overwritten blindly.
+ "version": 42, # Deprecated.
}</pre>
</div>