commit 815c1ac7e3f7c7ea6df920645adb8cba84b05c22
author yoshi-code-bot <70984784+yoshi-code-bot@users.noreply.github.com> Mon Nov 15 23:24:17 2021 -0800
committer GitHub <noreply@github.com> Tue Nov 16 07:24:17 2021 +0000
tree dfb7055cbe45062e6af6eb8f8169eb2c9089bfcd
parent 5844ca20262b98c2c52100806a08c8c49a4e8a6d

chore: Update discovery artifacts (#1603)

## Deleted keys were detected in the following stable discovery artifacts:
containeranalysis v1 https://github.com/googleapis/google-api-python-client/commit/618985bd0fa3f0380152e8d33e3b30ba465e1f2d
documentai v1 https://github.com/googleapis/google-api-python-client/commit/3ba31828b05604eaa23101d681354b39c75d712d
recaptchaenterprise v1 https://github.com/googleapis/google-api-python-client/commit/ff95700fce7de8bc2a58be64890740140532f865

## Deleted keys were detected in the following pre-stable discovery artifacts:
containeranalysis v1alpha1 https://github.com/googleapis/google-api-python-client/commit/618985bd0fa3f0380152e8d33e3b30ba465e1f2d
containeranalysis v1beta1 https://github.com/googleapis/google-api-python-client/commit/618985bd0fa3f0380152e8d33e3b30ba465e1f2d
documentai v1beta3 https://github.com/googleapis/google-api-python-client/commit/3ba31828b05604eaa23101d681354b39c75d712d

## Discovery Artifact Change Summary:
feat(bigtableadmin): update the api https://github.com/googleapis/google-api-python-client/commit/be7ffcca66cdcb1dfcd9849538772914c90b3ea0
feat(chromemanagement): update the api https://github.com/googleapis/google-api-python-client/commit/59c97996091063cdad497be989d168ec1e71a178
feat(cloudasset): update the api https://github.com/googleapis/google-api-python-client/commit/60f5758b975a9bbac044b9005601c5c026125137
feat(cloudfunctions): update the api https://github.com/googleapis/google-api-python-client/commit/c517033bea4e84d1c118f77df38e2f33b3741ec2
feat(contactcenterinsights): update the api https://github.com/googleapis/google-api-python-client/commit/9ac9faa70c053fd1f5b2de7b6ef5947a04270dba
feat(containeranalysis): update the api https://github.com/googleapis/google-api-python-client/commit/618985bd0fa3f0380152e8d33e3b30ba465e1f2d
feat(datapipelines): update the api https://github.com/googleapis/google-api-python-client/commit/a39bb0f9b41255adf6c790130931f64a153ac0e8
feat(datastore): update the api https://github.com/googleapis/google-api-python-client/commit/5050adbdc30c4247e2454a7e063c7f7ea2724bc0
feat(dialogflow): update the api https://github.com/googleapis/google-api-python-client/commit/fd46c128ec3d0679283e3cddb1c40eb8b5f3728a
feat(documentai): update the api https://github.com/googleapis/google-api-python-client/commit/3ba31828b05604eaa23101d681354b39c75d712d
feat(drive): update the api https://github.com/googleapis/google-api-python-client/commit/b1840b06a09ec22db69d757706aa98d2bf536a49
feat(file): update the api https://github.com/googleapis/google-api-python-client/commit/b13a2490844c5c84c42e26c7e5bafdf700e689df
feat(gkehub): update the api https://github.com/googleapis/google-api-python-client/commit/37cce48342813c865a2704ca06841f1801ebb60c
feat(healthcare): update the api https://github.com/googleapis/google-api-python-client/commit/8d1f955971aae9e0e4b7956906e43382fcf57d20
feat(metastore): update the api https://github.com/googleapis/google-api-python-client/commit/9c90df783a1fac104920100158ddb7c88d461545
feat(monitoring): update the api https://github.com/googleapis/google-api-python-client/commit/bf890b636ae02bb1d84e050df052fa341a29a4c1
feat(mybusinessbusinessinformation): update the api https://github.com/googleapis/google-api-python-client/commit/90e206c145790d0f9a78bbd7acb2667796868db7
feat(paymentsresellersubscription): update the api https://github.com/googleapis/google-api-python-client/commit/c8796544acc40e330276b7777c728782217b1bb4
feat(recaptchaenterprise): update the api https://github.com/googleapis/google-api-python-client/commit/ff95700fce7de8bc2a58be64890740140532f865
feat(recommender): update the api https://github.com/googleapis/google-api-python-client/commit/d85fe38478c2cb56b3694e6890f6d53c367e057d
feat(securitycenter): update the api https://github.com/googleapis/google-api-python-client/commit/35a6d4e716f26c77b3588f28d3097871a29dea7e
feat(speech): update the api https://github.com/googleapis/google-api-python-client/commit/13f1bcb6311e0ea11ad60a29713c1a0a1fe22f42
feat(sqladmin): update the api https://github.com/googleapis/google-api-python-client/commit/770bc14b5f95b525bd04e40378a718a38ac31a0d
feat(tpu): update the api https://github.com/googleapis/google-api-python-client/commit/ea30e3a05539e4de70e385a34490153f32c16789
feat(vmmigration): update the api https://github.com/googleapis/google-api-python-client/commit/80e20909242c4bde06b8adc3afecf1141be34f45

docs/dyn/admin_directory_v1.chromeosdevices.html

diff --git a/docs/dyn/admin_directory_v1.chromeosdevices.html b/docs/dyn/admin_directory_v1.chromeosdevices.html
index 3a133b9..88bcdb1 100644
--- a/docs/dyn/admin_directory_v1.chromeosdevices.html
+++ b/docs/dyn/admin_directory_v1.chromeosdevices.html
@@ -295,7 +295,7 @@
     Allowed values
       BASIC - Includes only the basic metadata fields (e.g., deviceId, serialNumber, status, and user)
       FULL - Includes all metadata fields
-  query: string, Search string in the format given at http://support.google.com/chromeos/a/bin/answer.py?answer=1698333
+  query: string, Search string in the format given at https://developers.google.com/admin-sdk/directory/v1/list-query-operators
   sortOrder: string, Whether to return results in ascending or descending order. Must be used with the `orderBy` parameter.
     Allowed values
       ASCENDING - Ascending order.

docs/dyn/analyticsdata_v1beta.properties.html

diff --git a/docs/dyn/analyticsdata_v1beta.properties.html b/docs/dyn/analyticsdata_v1beta.properties.html
index 6182af3..eb7b49c 100644
--- a/docs/dyn/analyticsdata_v1beta.properties.html
+++ b/docs/dyn/analyticsdata_v1beta.properties.html
@@ -200,7 +200,7 @@
               "dimensionName": "A String", # Name of a dimension. The name must refer back to a name in dimensions field of the request.
             },
           },
-          "name": "A String", # The name of the dimension. See the [API Dimensions](https://developers.google.com/analytics/devguides/reporting/data/v1/api-schema#dimensions) for the list of dimension names. If `dimensionExpression` is specified, `name` can be any string that you would like within the allowed character set. For example if a `dimensionExpression` concatenates `country` and `city`, you could call that dimension `countryAndCity`. Dimension names that you choose must match the regular expression "^[a-zA-Z0-9_]$". Dimensions are referenced by `name` in `dimensionFilter`, `orderBys`, `dimensionExpression`, and `pivots`.
+          "name": "A String", # The name of the dimension. See the [API Dimensions](https://developers.google.com/analytics/devguides/reporting/data/v1/api-schema#dimensions) for the list of dimension names. If `dimensionExpression` is specified, `name` can be any string that you would like within the allowed character set. For example if a `dimensionExpression` concatenates `country` and `city`, you could call that dimension `countryAndCity`. Dimension names that you choose must match the regular expression `^[a-zA-Z0-9_]$`. Dimensions are referenced by `name` in `dimensionFilter`, `orderBys`, `dimensionExpression`, and `pivots`.
         },
       ],
       "keepEmptyRows": True or False, # If false or unspecified, each row with all metrics equal to 0 will not be returned. If true, these rows will be returned if they are not separately removed by a filter.
@@ -252,7 +252,7 @@
         { # The quantitative measurements of a report. For example, the metric `eventCount` is the total number of events. Requests are allowed up to 10 metrics.
           "expression": "A String", # A mathematical expression for derived metrics. For example, the metric Event count per user is `eventCount/totalUsers`.
           "invisible": True or False, # Indicates if a metric is invisible in the report response. If a metric is invisible, the metric will not produce a column in the response, but can be used in `metricFilter`, `orderBys`, or a metric `expression`.
-          "name": "A String", # The name of the metric. See the [API Metrics](https://developers.google.com/analytics/devguides/reporting/data/v1/api-schema#metrics) for the list of metric names. If `expression` is specified, `name` can be any string that you would like within the allowed character set. For example if `expression` is `screenPageViews/sessions`, you could call that metric's name = `viewsPerSession`. Metric names that you choose must match the regular expression "^[a-zA-Z0-9_]$". Metrics are referenced by `name` in `metricFilter`, `orderBys`, and metric `expression`.
+          "name": "A String", # The name of the metric. See the [API Metrics](https://developers.google.com/analytics/devguides/reporting/data/v1/api-schema#metrics) for the list of metric names. If `expression` is specified, `name` can be any string that you would like within the allowed character set. For example if `expression` is `screenPageViews/sessions`, you could call that metric's name = `viewsPerSession`. Metric names that you choose must match the regular expression `^[a-zA-Z0-9_]$`. Metrics are referenced by `name` in `metricFilter`, `orderBys`, and metric `expression`.
         },
       ],
       "pivots": [ # Describes the visual format of the report's dimensions in columns or rows. The union of the fieldNames (dimension names) in all pivots must be a subset of dimension names defined in Dimensions. No two pivots can share a dimension. A dimension is only visible if it appears in a pivot.
@@ -504,7 +504,7 @@
               "dimensionName": "A String", # Name of a dimension. The name must refer back to a name in dimensions field of the request.
             },
           },
-          "name": "A String", # The name of the dimension. See the [API Dimensions](https://developers.google.com/analytics/devguides/reporting/data/v1/api-schema#dimensions) for the list of dimension names. If `dimensionExpression` is specified, `name` can be any string that you would like within the allowed character set. For example if a `dimensionExpression` concatenates `country` and `city`, you could call that dimension `countryAndCity`. Dimension names that you choose must match the regular expression "^[a-zA-Z0-9_]$". Dimensions are referenced by `name` in `dimensionFilter`, `orderBys`, `dimensionExpression`, and `pivots`.
+          "name": "A String", # The name of the dimension. See the [API Dimensions](https://developers.google.com/analytics/devguides/reporting/data/v1/api-schema#dimensions) for the list of dimension names. If `dimensionExpression` is specified, `name` can be any string that you would like within the allowed character set. For example if a `dimensionExpression` concatenates `country` and `city`, you could call that dimension `countryAndCity`. Dimension names that you choose must match the regular expression `^[a-zA-Z0-9_]$`. Dimensions are referenced by `name` in `dimensionFilter`, `orderBys`, `dimensionExpression`, and `pivots`.
         },
       ],
       "keepEmptyRows": True or False, # If false or unspecified, each row with all metrics equal to 0 will not be returned. If true, these rows will be returned if they are not separately removed by a filter.
@@ -560,7 +560,7 @@
         { # The quantitative measurements of a report. For example, the metric `eventCount` is the total number of events. Requests are allowed up to 10 metrics.
           "expression": "A String", # A mathematical expression for derived metrics. For example, the metric Event count per user is `eventCount/totalUsers`.
           "invisible": True or False, # Indicates if a metric is invisible in the report response. If a metric is invisible, the metric will not produce a column in the response, but can be used in `metricFilter`, `orderBys`, or a metric `expression`.
-          "name": "A String", # The name of the metric. See the [API Metrics](https://developers.google.com/analytics/devguides/reporting/data/v1/api-schema#metrics) for the list of metric names. If `expression` is specified, `name` can be any string that you would like within the allowed character set. For example if `expression` is `screenPageViews/sessions`, you could call that metric's name = `viewsPerSession`. Metric names that you choose must match the regular expression "^[a-zA-Z0-9_]$". Metrics are referenced by `name` in `metricFilter`, `orderBys`, and metric `expression`.
+          "name": "A String", # The name of the metric. See the [API Metrics](https://developers.google.com/analytics/devguides/reporting/data/v1/api-schema#metrics) for the list of metric names. If `expression` is specified, `name` can be any string that you would like within the allowed character set. For example if `expression` is `screenPageViews/sessions`, you could call that metric's name = `viewsPerSession`. Metric names that you choose must match the regular expression `^[a-zA-Z0-9_]$`. Metrics are referenced by `name` in `metricFilter`, `orderBys`, and metric `expression`.
         },
       ],
       "offset": "A String", # The row count of the start row. The first row is counted as row 0. When paging, the first request does not specify offset; or equivalently, sets offset to 0; the first request returns the first `limit` of rows. The second request sets offset to the `limit` of the first request; the second request returns the second `limit` of rows. To learn more about this pagination parameter, see [Pagination](https://developers.google.com/analytics/devguides/reporting/data/v1/basics#pagination).
@@ -786,7 +786,7 @@
           "dimensionName": "A String", # Name of a dimension. The name must refer back to a name in dimensions field of the request.
         },
       },
-      "name": "A String", # The name of the dimension. See the [API Dimensions](https://developers.google.com/analytics/devguides/reporting/data/v1/api-schema#dimensions) for the list of dimension names. If `dimensionExpression` is specified, `name` can be any string that you would like within the allowed character set. For example if a `dimensionExpression` concatenates `country` and `city`, you could call that dimension `countryAndCity`. Dimension names that you choose must match the regular expression "^[a-zA-Z0-9_]$". Dimensions are referenced by `name` in `dimensionFilter`, `orderBys`, `dimensionExpression`, and `pivots`.
+      "name": "A String", # The name of the dimension. See the [API Dimensions](https://developers.google.com/analytics/devguides/reporting/data/v1/api-schema#dimensions) for the list of dimension names. If `dimensionExpression` is specified, `name` can be any string that you would like within the allowed character set. For example if a `dimensionExpression` concatenates `country` and `city`, you could call that dimension `countryAndCity`. Dimension names that you choose must match the regular expression `^[a-zA-Z0-9_]$`. Dimensions are referenced by `name` in `dimensionFilter`, `orderBys`, `dimensionExpression`, and `pivots`.
     },
   ],
   "metricFilter": { # To express dimension or metric filters. The fields in the same FilterExpression need to be either all dimensions or all metrics. # The filter clause of metrics. `metricFilter` should be the same value as in your `runReport` request
@@ -837,7 +837,7 @@
     { # The quantitative measurements of a report. For example, the metric `eventCount` is the total number of events. Requests are allowed up to 10 metrics.
       "expression": "A String", # A mathematical expression for derived metrics. For example, the metric Event count per user is `eventCount/totalUsers`.
       "invisible": True or False, # Indicates if a metric is invisible in the report response. If a metric is invisible, the metric will not produce a column in the response, but can be used in `metricFilter`, `orderBys`, or a metric `expression`.
-      "name": "A String", # The name of the metric. See the [API Metrics](https://developers.google.com/analytics/devguides/reporting/data/v1/api-schema#metrics) for the list of metric names. If `expression` is specified, `name` can be any string that you would like within the allowed character set. For example if `expression` is `screenPageViews/sessions`, you could call that metric's name = `viewsPerSession`. Metric names that you choose must match the regular expression "^[a-zA-Z0-9_]$". Metrics are referenced by `name` in `metricFilter`, `orderBys`, and metric `expression`.
+      "name": "A String", # The name of the metric. See the [API Metrics](https://developers.google.com/analytics/devguides/reporting/data/v1/api-schema#metrics) for the list of metric names. If `expression` is specified, `name` can be any string that you would like within the allowed character set. For example if `expression` is `screenPageViews/sessions`, you could call that metric's name = `viewsPerSession`. Metric names that you choose must match the regular expression `^[a-zA-Z0-9_]$`. Metrics are referenced by `name` in `metricFilter`, `orderBys`, and metric `expression`.
     },
   ],
 }
@@ -1041,7 +1041,7 @@
           "dimensionName": "A String", # Name of a dimension. The name must refer back to a name in dimensions field of the request.
         },
       },
-      "name": "A String", # The name of the dimension. See the [API Dimensions](https://developers.google.com/analytics/devguides/reporting/data/v1/api-schema#dimensions) for the list of dimension names. If `dimensionExpression` is specified, `name` can be any string that you would like within the allowed character set. For example if a `dimensionExpression` concatenates `country` and `city`, you could call that dimension `countryAndCity`. Dimension names that you choose must match the regular expression "^[a-zA-Z0-9_]$". Dimensions are referenced by `name` in `dimensionFilter`, `orderBys`, `dimensionExpression`, and `pivots`.
+      "name": "A String", # The name of the dimension. See the [API Dimensions](https://developers.google.com/analytics/devguides/reporting/data/v1/api-schema#dimensions) for the list of dimension names. If `dimensionExpression` is specified, `name` can be any string that you would like within the allowed character set. For example if a `dimensionExpression` concatenates `country` and `city`, you could call that dimension `countryAndCity`. Dimension names that you choose must match the regular expression `^[a-zA-Z0-9_]$`. Dimensions are referenced by `name` in `dimensionFilter`, `orderBys`, `dimensionExpression`, and `pivots`.
     },
   ],
   "keepEmptyRows": True or False, # If false or unspecified, each row with all metrics equal to 0 will not be returned. If true, these rows will be returned if they are not separately removed by a filter.
@@ -1093,7 +1093,7 @@
     { # The quantitative measurements of a report. For example, the metric `eventCount` is the total number of events. Requests are allowed up to 10 metrics.
       "expression": "A String", # A mathematical expression for derived metrics. For example, the metric Event count per user is `eventCount/totalUsers`.
       "invisible": True or False, # Indicates if a metric is invisible in the report response. If a metric is invisible, the metric will not produce a column in the response, but can be used in `metricFilter`, `orderBys`, or a metric `expression`.
-      "name": "A String", # The name of the metric. See the [API Metrics](https://developers.google.com/analytics/devguides/reporting/data/v1/api-schema#metrics) for the list of metric names. If `expression` is specified, `name` can be any string that you would like within the allowed character set. For example if `expression` is `screenPageViews/sessions`, you could call that metric's name = `viewsPerSession`. Metric names that you choose must match the regular expression "^[a-zA-Z0-9_]$". Metrics are referenced by `name` in `metricFilter`, `orderBys`, and metric `expression`.
+      "name": "A String", # The name of the metric. See the [API Metrics](https://developers.google.com/analytics/devguides/reporting/data/v1/api-schema#metrics) for the list of metric names. If `expression` is specified, `name` can be any string that you would like within the allowed character set. For example if `expression` is `screenPageViews/sessions`, you could call that metric's name = `viewsPerSession`. Metric names that you choose must match the regular expression `^[a-zA-Z0-9_]$`. Metrics are referenced by `name` in `metricFilter`, `orderBys`, and metric `expression`.
     },
   ],
   "pivots": [ # Describes the visual format of the report's dimensions in columns or rows. The union of the fieldNames (dimension names) in all pivots must be a subset of dimension names defined in Dimensions. No two pivots can share a dimension. A dimension is only visible if it appears in a pivot.
@@ -1307,7 +1307,7 @@
           "dimensionName": "A String", # Name of a dimension. The name must refer back to a name in dimensions field of the request.
         },
       },
-      "name": "A String", # The name of the dimension. See the [API Dimensions](https://developers.google.com/analytics/devguides/reporting/data/v1/api-schema#dimensions) for the list of dimension names. If `dimensionExpression` is specified, `name` can be any string that you would like within the allowed character set. For example if a `dimensionExpression` concatenates `country` and `city`, you could call that dimension `countryAndCity`. Dimension names that you choose must match the regular expression "^[a-zA-Z0-9_]$". Dimensions are referenced by `name` in `dimensionFilter`, `orderBys`, `dimensionExpression`, and `pivots`.
+      "name": "A String", # The name of the dimension. See the [API Dimensions](https://developers.google.com/analytics/devguides/reporting/data/v1/api-schema#dimensions) for the list of dimension names. If `dimensionExpression` is specified, `name` can be any string that you would like within the allowed character set. For example if a `dimensionExpression` concatenates `country` and `city`, you could call that dimension `countryAndCity`. Dimension names that you choose must match the regular expression `^[a-zA-Z0-9_]$`. Dimensions are referenced by `name` in `dimensionFilter`, `orderBys`, `dimensionExpression`, and `pivots`.
     },
   ],
   "limit": "A String", # The number of rows to return. If unspecified, 10,000 rows are returned. The API returns a maximum of 100,000 rows per request, no matter how many you ask for. `limit` must be positive. The API can also return fewer rows than the requested `limit`, if there aren't as many dimension values as the `limit`. For instance, there are fewer than 300 possible values for the dimension `country`, so when reporting on only `country`, you can't get more than 300 rows, even if you set `limit` to a higher value.
@@ -1362,7 +1362,7 @@
     { # The quantitative measurements of a report. For example, the metric `eventCount` is the total number of events. Requests are allowed up to 10 metrics.
       "expression": "A String", # A mathematical expression for derived metrics. For example, the metric Event count per user is `eventCount/totalUsers`.
       "invisible": True or False, # Indicates if a metric is invisible in the report response. If a metric is invisible, the metric will not produce a column in the response, but can be used in `metricFilter`, `orderBys`, or a metric `expression`.
-      "name": "A String", # The name of the metric. See the [API Metrics](https://developers.google.com/analytics/devguides/reporting/data/v1/api-schema#metrics) for the list of metric names. If `expression` is specified, `name` can be any string that you would like within the allowed character set. For example if `expression` is `screenPageViews/sessions`, you could call that metric's name = `viewsPerSession`. Metric names that you choose must match the regular expression "^[a-zA-Z0-9_]$". Metrics are referenced by `name` in `metricFilter`, `orderBys`, and metric `expression`.
+      "name": "A String", # The name of the metric. See the [API Metrics](https://developers.google.com/analytics/devguides/reporting/data/v1/api-schema#metrics) for the list of metric names. If `expression` is specified, `name` can be any string that you would like within the allowed character set. For example if `expression` is `screenPageViews/sessions`, you could call that metric's name = `viewsPerSession`. Metric names that you choose must match the regular expression `^[a-zA-Z0-9_]$`. Metrics are referenced by `name` in `metricFilter`, `orderBys`, and metric `expression`.
     },
   ],
   "minuteRanges": [ # The minute ranges of event data to read. If unspecified, one minute range for the last 30 minutes will be used. If multiple minute ranges are requested, each response row will contain a zero based minute range index. If two minute ranges overlap, the event data for the overlapping minutes is included in the response rows for both minute ranges.
@@ -1598,7 +1598,7 @@
           "dimensionName": "A String", # Name of a dimension. The name must refer back to a name in dimensions field of the request.
         },
       },
-      "name": "A String", # The name of the dimension. See the [API Dimensions](https://developers.google.com/analytics/devguides/reporting/data/v1/api-schema#dimensions) for the list of dimension names. If `dimensionExpression` is specified, `name` can be any string that you would like within the allowed character set. For example if a `dimensionExpression` concatenates `country` and `city`, you could call that dimension `countryAndCity`. Dimension names that you choose must match the regular expression "^[a-zA-Z0-9_]$". Dimensions are referenced by `name` in `dimensionFilter`, `orderBys`, `dimensionExpression`, and `pivots`.
+      "name": "A String", # The name of the dimension. See the [API Dimensions](https://developers.google.com/analytics/devguides/reporting/data/v1/api-schema#dimensions) for the list of dimension names. If `dimensionExpression` is specified, `name` can be any string that you would like within the allowed character set. For example if a `dimensionExpression` concatenates `country` and `city`, you could call that dimension `countryAndCity`. Dimension names that you choose must match the regular expression `^[a-zA-Z0-9_]$`. Dimensions are referenced by `name` in `dimensionFilter`, `orderBys`, `dimensionExpression`, and `pivots`.
     },
   ],
   "keepEmptyRows": True or False, # If false or unspecified, each row with all metrics equal to 0 will not be returned. If true, these rows will be returned if they are not separately removed by a filter.
@@ -1654,7 +1654,7 @@
     { # The quantitative measurements of a report. For example, the metric `eventCount` is the total number of events. Requests are allowed up to 10 metrics.
       "expression": "A String", # A mathematical expression for derived metrics. For example, the metric Event count per user is `eventCount/totalUsers`.
       "invisible": True or False, # Indicates if a metric is invisible in the report response. If a metric is invisible, the metric will not produce a column in the response, but can be used in `metricFilter`, `orderBys`, or a metric `expression`.
-      "name": "A String", # The name of the metric. See the [API Metrics](https://developers.google.com/analytics/devguides/reporting/data/v1/api-schema#metrics) for the list of metric names. If `expression` is specified, `name` can be any string that you would like within the allowed character set. For example if `expression` is `screenPageViews/sessions`, you could call that metric's name = `viewsPerSession`. Metric names that you choose must match the regular expression "^[a-zA-Z0-9_]$". Metrics are referenced by `name` in `metricFilter`, `orderBys`, and metric `expression`.
+      "name": "A String", # The name of the metric. See the [API Metrics](https://developers.google.com/analytics/devguides/reporting/data/v1/api-schema#metrics) for the list of metric names. If `expression` is specified, `name` can be any string that you would like within the allowed character set. For example if `expression` is `screenPageViews/sessions`, you could call that metric's name = `viewsPerSession`. Metric names that you choose must match the regular expression `^[a-zA-Z0-9_]$`. Metrics are referenced by `name` in `metricFilter`, `orderBys`, and metric `expression`.
     },
   ],
   "offset": "A String", # The row count of the start row. The first row is counted as row 0. When paging, the first request does not specify offset; or equivalently, sets offset to 0; the first request returns the first `limit` of rows. The second request sets offset to the `limit` of the first request; the second request returns the second `limit` of rows. To learn more about this pagination parameter, see [Pagination](https://developers.google.com/analytics/devguides/reporting/data/v1/basics#pagination).

docs/dyn/authorizedbuyersmarketplace_v1.buyers.finalizedDeals.html

diff --git a/docs/dyn/authorizedbuyersmarketplace_v1.buyers.finalizedDeals.html b/docs/dyn/authorizedbuyersmarketplace_v1.buyers.finalizedDeals.html
index 4895b9c..31e4077 100644
--- a/docs/dyn/authorizedbuyersmarketplace_v1.buyers.finalizedDeals.html
+++ b/docs/dyn/authorizedbuyersmarketplace_v1.buyers.finalizedDeals.html
@@ -834,7 +834,7 @@
     The object takes the form of:
 
 { # Request message for pausing a finalized deal.
-  "reason": "A String", # The reason to pause the finalized deal, will be displayed to the seller. Maximum length is 1000 characters.
+  "reason": "A String", # Required. The reason to pause the finalized deal, will be displayed to the seller. Maximum length is 1000 characters.
 }
 
   x__xgafv: string, V1 error format.

docs/dyn/bigtableadmin_v2.projects.instances.clusters.backups.html

diff --git a/docs/dyn/bigtableadmin_v2.projects.instances.clusters.backups.html b/docs/dyn/bigtableadmin_v2.projects.instances.clusters.backups.html
index 366af2e..05c2e8e 100644
--- a/docs/dyn/bigtableadmin_v2.projects.instances.clusters.backups.html
+++ b/docs/dyn/bigtableadmin_v2.projects.instances.clusters.backups.html
@@ -251,7 +251,7 @@
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
     { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
@@ -265,18 +265,18 @@
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
     },
   ],
-  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
-    { # Associates `members` with a `role`.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+    { # Associates `members`, or principals, with a `role`.
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
-      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
@@ -420,7 +420,7 @@
     The object takes the form of:
 
 { # Request message for `SetIamPolicy` method.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
       { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
@@ -434,18 +434,18 @@
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
       },
     ],
-    "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
-      { # Associates `members` with a `role`.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+      { # Associates `members`, or principals, with a `role`.
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
-        "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+        "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
     "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
@@ -462,7 +462,7 @@
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
     { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
@@ -476,18 +476,18 @@
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
     },
   ],
-  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
-    { # Associates `members` with a `role`.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+    { # Associates `members`, or principals, with a `role`.
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
-      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

docs/dyn/bigtableadmin_v2.projects.instances.clusters.html

diff --git a/docs/dyn/bigtableadmin_v2.projects.instances.clusters.html b/docs/dyn/bigtableadmin_v2.projects.instances.clusters.html
index a5440eb..3257ff8 100644
--- a/docs/dyn/bigtableadmin_v2.projects.instances.clusters.html
+++ b/docs/dyn/bigtableadmin_v2.projects.instances.clusters.html
@@ -119,6 +119,17 @@
     The object takes the form of:
 
 { # A resizable group of nodes in a particular cloud location, capable of serving all Tables in the parent Instance.
+  "clusterConfig": { # Configuration for a cluster. # Configuration for this cluster.
+    "clusterAutoscalingConfig": { # Autoscaling config for a cluster. # Autoscaling configuration for this cluster. Note that when creating or updating a cluster, exactly one of serve_nodes or cluster_autoscaling_config must be set. If serve_nodes is set, then serve_nodes is fixed and autoscaling is turned off. If cluster_autoscaling_config is set, then serve_nodes will be autoscaled.
+      "autoscalingLimits": { # Limits for the number of nodes a Cluster can autoscale up/down to. # Required. Autoscaling limits for this cluster.
+        "maxServeNodes": 42, # Required. Maximum number of nodes to scale up to.
+        "minServeNodes": 42, # Required. Minimum number of nodes to scale down to.
+      },
+      "autoscalingTargets": { # The Autoscaling targets for a Cluster. These determine the recommended nodes. # Required. Autoscaling targets for this cluster.
+        "cpuUtilizationPercent": 42, # The cpu utilization that the Autoscaler should be trying to achieve. This number is on a scale from 0 (no utilization) to 100 (total utilization).
+      },
+    },
+  },
   "defaultStorageType": "A String", # Immutable. The type of storage used by this cluster to serve its parent instance's tables, unless explicitly overridden.
   "encryptionConfig": { # Cloud Key Management Service (Cloud KMS) settings for a CMEK-protected cluster. # Immutable. The encryption configuration for CMEK-protected clusters.
     "kmsKeyName": "A String", # Describes the Cloud KMS encryption key that will be used to protect the destination Bigtable cluster. The requirements for this key are: 1) The Cloud Bigtable service account associated with the project that contains this cluster must be granted the `cloudkms.cryptoKeyEncrypterDecrypter` role on the CMEK key. 2) Only regional keys can be used and the region of the CMEK key must match the region of the cluster. 3) All clusters within an instance must use the same CMEK key. Values are of the form `projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{key}`
@@ -192,6 +203,17 @@
   An object of the form:
 
     { # A resizable group of nodes in a particular cloud location, capable of serving all Tables in the parent Instance.
+  "clusterConfig": { # Configuration for a cluster. # Configuration for this cluster.
+    "clusterAutoscalingConfig": { # Autoscaling config for a cluster. # Autoscaling configuration for this cluster. Note that when creating or updating a cluster, exactly one of serve_nodes or cluster_autoscaling_config must be set. If serve_nodes is set, then serve_nodes is fixed and autoscaling is turned off. If cluster_autoscaling_config is set, then serve_nodes will be autoscaled.
+      "autoscalingLimits": { # Limits for the number of nodes a Cluster can autoscale up/down to. # Required. Autoscaling limits for this cluster.
+        "maxServeNodes": 42, # Required. Maximum number of nodes to scale up to.
+        "minServeNodes": 42, # Required. Minimum number of nodes to scale down to.
+      },
+      "autoscalingTargets": { # The Autoscaling targets for a Cluster. These determine the recommended nodes. # Required. Autoscaling targets for this cluster.
+        "cpuUtilizationPercent": 42, # The cpu utilization that the Autoscaler should be trying to achieve. This number is on a scale from 0 (no utilization) to 100 (total utilization).
+      },
+    },
+  },
   "defaultStorageType": "A String", # Immutable. The type of storage used by this cluster to serve its parent instance's tables, unless explicitly overridden.
   "encryptionConfig": { # Cloud Key Management Service (Cloud KMS) settings for a CMEK-protected cluster. # Immutable. The encryption configuration for CMEK-protected clusters.
     "kmsKeyName": "A String", # Describes the Cloud KMS encryption key that will be used to protect the destination Bigtable cluster. The requirements for this key are: 1) The Cloud Bigtable service account associated with the project that contains this cluster must be granted the `cloudkms.cryptoKeyEncrypterDecrypter` role on the CMEK key. 2) Only regional keys can be used and the region of the CMEK key must match the region of the cluster. 3) All clusters within an instance must use the same CMEK key. Values are of the form `projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{key}`
@@ -221,6 +243,17 @@
     { # Response message for BigtableInstanceAdmin.ListClusters.
   "clusters": [ # The list of requested clusters.
     { # A resizable group of nodes in a particular cloud location, capable of serving all Tables in the parent Instance.
+      "clusterConfig": { # Configuration for a cluster. # Configuration for this cluster.
+        "clusterAutoscalingConfig": { # Autoscaling config for a cluster. # Autoscaling configuration for this cluster. Note that when creating or updating a cluster, exactly one of serve_nodes or cluster_autoscaling_config must be set. If serve_nodes is set, then serve_nodes is fixed and autoscaling is turned off. If cluster_autoscaling_config is set, then serve_nodes will be autoscaled.
+          "autoscalingLimits": { # Limits for the number of nodes a Cluster can autoscale up/down to. # Required. Autoscaling limits for this cluster.
+            "maxServeNodes": 42, # Required. Maximum number of nodes to scale up to.
+            "minServeNodes": 42, # Required. Minimum number of nodes to scale down to.
+          },
+          "autoscalingTargets": { # The Autoscaling targets for a Cluster. These determine the recommended nodes. # Required. Autoscaling targets for this cluster.
+            "cpuUtilizationPercent": 42, # The cpu utilization that the Autoscaler should be trying to achieve. This number is on a scale from 0 (no utilization) to 100 (total utilization).
+          },
+        },
+      },
       "defaultStorageType": "A String", # Immutable. The type of storage used by this cluster to serve its parent instance's tables, unless explicitly overridden.
       "encryptionConfig": { # Cloud Key Management Service (Cloud KMS) settings for a CMEK-protected cluster. # Immutable. The encryption configuration for CMEK-protected clusters.
         "kmsKeyName": "A String", # Describes the Cloud KMS encryption key that will be used to protect the destination Bigtable cluster. The requirements for this key are: 1) The Cloud Bigtable service account associated with the project that contains this cluster must be granted the `cloudkms.cryptoKeyEncrypterDecrypter` role on the CMEK key. 2) Only regional keys can be used and the region of the CMEK key must match the region of the cluster. 3) All clusters within an instance must use the same CMEK key. Values are of the form `projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{key}`
@@ -262,6 +295,17 @@
     The object takes the form of:
 
 { # A resizable group of nodes in a particular cloud location, capable of serving all Tables in the parent Instance.
+  "clusterConfig": { # Configuration for a cluster. # Configuration for this cluster.
+    "clusterAutoscalingConfig": { # Autoscaling config for a cluster. # Autoscaling configuration for this cluster. Note that when creating or updating a cluster, exactly one of serve_nodes or cluster_autoscaling_config must be set. If serve_nodes is set, then serve_nodes is fixed and autoscaling is turned off. If cluster_autoscaling_config is set, then serve_nodes will be autoscaled.
+      "autoscalingLimits": { # Limits for the number of nodes a Cluster can autoscale up/down to. # Required. Autoscaling limits for this cluster.
+        "maxServeNodes": 42, # Required. Maximum number of nodes to scale up to.
+        "minServeNodes": 42, # Required. Minimum number of nodes to scale down to.
+      },
+      "autoscalingTargets": { # The Autoscaling targets for a Cluster. These determine the recommended nodes. # Required. Autoscaling targets for this cluster.
+        "cpuUtilizationPercent": 42, # The cpu utilization that the Autoscaler should be trying to achieve. This number is on a scale from 0 (no utilization) to 100 (total utilization).
+      },
+    },
+  },
   "defaultStorageType": "A String", # Immutable. The type of storage used by this cluster to serve its parent instance's tables, unless explicitly overridden.
   "encryptionConfig": { # Cloud Key Management Service (Cloud KMS) settings for a CMEK-protected cluster. # Immutable. The encryption configuration for CMEK-protected clusters.
     "kmsKeyName": "A String", # Describes the Cloud KMS encryption key that will be used to protect the destination Bigtable cluster. The requirements for this key are: 1) The Cloud Bigtable service account associated with the project that contains this cluster must be granted the `cloudkms.cryptoKeyEncrypterDecrypter` role on the CMEK key. 2) Only regional keys can be used and the region of the CMEK key must match the region of the cluster. 3) All clusters within an instance must use the same CMEK key. Values are of the form `projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{key}`
@@ -312,6 +356,17 @@
     The object takes the form of:
 
 { # A resizable group of nodes in a particular cloud location, capable of serving all Tables in the parent Instance.
+  "clusterConfig": { # Configuration for a cluster. # Configuration for this cluster.
+    "clusterAutoscalingConfig": { # Autoscaling config for a cluster. # Autoscaling configuration for this cluster. Note that when creating or updating a cluster, exactly one of serve_nodes or cluster_autoscaling_config must be set. If serve_nodes is set, then serve_nodes is fixed and autoscaling is turned off. If cluster_autoscaling_config is set, then serve_nodes will be autoscaled.
+      "autoscalingLimits": { # Limits for the number of nodes a Cluster can autoscale up/down to. # Required. Autoscaling limits for this cluster.
+        "maxServeNodes": 42, # Required. Maximum number of nodes to scale up to.
+        "minServeNodes": 42, # Required. Minimum number of nodes to scale down to.
+      },
+      "autoscalingTargets": { # The Autoscaling targets for a Cluster. These determine the recommended nodes. # Required. Autoscaling targets for this cluster.
+        "cpuUtilizationPercent": 42, # The cpu utilization that the Autoscaler should be trying to achieve. This number is on a scale from 0 (no utilization) to 100 (total utilization).
+      },
+    },
+  },
   "defaultStorageType": "A String", # Immutable. The type of storage used by this cluster to serve its parent instance's tables, unless explicitly overridden.
   "encryptionConfig": { # Cloud Key Management Service (Cloud KMS) settings for a CMEK-protected cluster. # Immutable. The encryption configuration for CMEK-protected clusters.
     "kmsKeyName": "A String", # Describes the Cloud KMS encryption key that will be used to protect the destination Bigtable cluster. The requirements for this key are: 1) The Cloud Bigtable service account associated with the project that contains this cluster must be granted the `cloudkms.cryptoKeyEncrypterDecrypter` role on the CMEK key. 2) Only regional keys can be used and the region of the CMEK key must match the region of the cluster. 3) All clusters within an instance must use the same CMEK key. Values are of the form `projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{key}`

docs/dyn/bigtableadmin_v2.projects.instances.html

diff --git a/docs/dyn/bigtableadmin_v2.projects.instances.html b/docs/dyn/bigtableadmin_v2.projects.instances.html
index 2a15500..eddd29d 100644
--- a/docs/dyn/bigtableadmin_v2.projects.instances.html
+++ b/docs/dyn/bigtableadmin_v2.projects.instances.html
@@ -140,6 +140,17 @@
 { # Request message for BigtableInstanceAdmin.CreateInstance.
   "clusters": { # Required. The clusters to be created within the instance, mapped by desired cluster ID, e.g., just `mycluster` rather than `projects/myproject/instances/myinstance/clusters/mycluster`. Fields marked `OutputOnly` must be left blank. Currently, at most four clusters can be specified.
     "a_key": { # A resizable group of nodes in a particular cloud location, capable of serving all Tables in the parent Instance.
+      "clusterConfig": { # Configuration for a cluster. # Configuration for this cluster.
+        "clusterAutoscalingConfig": { # Autoscaling config for a cluster. # Autoscaling configuration for this cluster. Note that when creating or updating a cluster, exactly one of serve_nodes or cluster_autoscaling_config must be set. If serve_nodes is set, then serve_nodes is fixed and autoscaling is turned off. If cluster_autoscaling_config is set, then serve_nodes will be autoscaled.
+          "autoscalingLimits": { # Limits for the number of nodes a Cluster can autoscale up/down to. # Required. Autoscaling limits for this cluster.
+            "maxServeNodes": 42, # Required. Maximum number of nodes to scale up to.
+            "minServeNodes": 42, # Required. Minimum number of nodes to scale down to.
+          },
+          "autoscalingTargets": { # The Autoscaling targets for a Cluster. These determine the recommended nodes. # Required. Autoscaling targets for this cluster.
+            "cpuUtilizationPercent": 42, # The cpu utilization that the Autoscaler should be trying to achieve. This number is on a scale from 0 (no utilization) to 100 (total utilization).
+          },
+        },
+      },
       "defaultStorageType": "A String", # Immutable. The type of storage used by this cluster to serve its parent instance's tables, unless explicitly overridden.
       "encryptionConfig": { # Cloud Key Management Service (Cloud KMS) settings for a CMEK-protected cluster. # Immutable. The encryption configuration for CMEK-protected clusters.
         "kmsKeyName": "A String", # Describes the Cloud KMS encryption key that will be used to protect the destination Bigtable cluster. The requirements for this key are: 1) The Cloud Bigtable service account associated with the project that contains this cluster must be granted the `cloudkms.cryptoKeyEncrypterDecrypter` role on the CMEK key. 2) Only regional keys can be used and the region of the CMEK key must match the region of the cluster. 3) All clusters within an instance must use the same CMEK key. Values are of the form `projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{key}`
@@ -151,7 +162,7 @@
     },
   },
   "instance": { # A collection of Bigtable Tables and the resources that serve them. All tables in an instance are served from all Clusters in the instance. # Required. The instance to create. Fields marked `OutputOnly` must be left blank.
-    "createTime": "A String", # Output only. A server-assigned timestamp representing when this Instance was created.
+    "createTime": "A String", # Output only. A server-assigned timestamp representing when this Instance was created. For instances created before this field was added (August 2021), this value is `seconds: 0, nanos: 1`.
     "displayName": "A String", # Required. The descriptive name for this instance as it appears in UIs. Can be changed at any time, but should be kept globally unique to avoid confusion.
     "labels": { # Required. Labels are a flexible and lightweight mechanism for organizing cloud resources into groups that reflect a customer's organizational needs and deployment strategies. They can be used to filter resources and aggregate metrics. * Label keys must be between 1 and 63 characters long and must conform to the regular expression: `\p{Ll}\p{Lo}{0,62}`. * Label values must be between 0 and 63 characters long and must conform to the regular expression: `[\p{Ll}\p{Lo}\p{N}_-]{0,63}`. * No more than 64 labels can be associated with a given resource. * Keys and values must both be under 128 bytes.
       "a_key": "A String",
@@ -226,7 +237,7 @@
   An object of the form:
 
     { # A collection of Bigtable Tables and the resources that serve them. All tables in an instance are served from all Clusters in the instance.
-  "createTime": "A String", # Output only. A server-assigned timestamp representing when this Instance was created.
+  "createTime": "A String", # Output only. A server-assigned timestamp representing when this Instance was created. For instances created before this field was added (August 2021), this value is `seconds: 0, nanos: 1`.
   "displayName": "A String", # Required. The descriptive name for this instance as it appears in UIs. Can be changed at any time, but should be kept globally unique to avoid confusion.
   "labels": { # Required. Labels are a flexible and lightweight mechanism for organizing cloud resources into groups that reflect a customer's organizational needs and deployment strategies. They can be used to filter resources and aggregate metrics. * Label keys must be between 1 and 63 characters long and must conform to the regular expression: `\p{Ll}\p{Lo}{0,62}`. * Label values must be between 0 and 63 characters long and must conform to the regular expression: `[\p{Ll}\p{Lo}\p{N}_-]{0,63}`. * No more than 64 labels can be associated with a given resource. * Keys and values must both be under 128 bytes.
     "a_key": "A String",
@@ -260,7 +271,7 @@
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
     { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
@@ -274,18 +285,18 @@
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
     },
   ],
-  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
-    { # Associates `members` with a `role`.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+    { # Associates `members`, or principals, with a `role`.
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
-      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
@@ -314,7 +325,7 @@
   ],
   "instances": [ # The list of requested instances.
     { # A collection of Bigtable Tables and the resources that serve them. All tables in an instance are served from all Clusters in the instance.
-      "createTime": "A String", # Output only. A server-assigned timestamp representing when this Instance was created.
+      "createTime": "A String", # Output only. A server-assigned timestamp representing when this Instance was created. For instances created before this field was added (August 2021), this value is `seconds: 0, nanos: 1`.
       "displayName": "A String", # Required. The descriptive name for this instance as it appears in UIs. Can be changed at any time, but should be kept globally unique to avoid confusion.
       "labels": { # Required. Labels are a flexible and lightweight mechanism for organizing cloud resources into groups that reflect a customer's organizational needs and deployment strategies. They can be used to filter resources and aggregate metrics. * Label keys must be between 1 and 63 characters long and must conform to the regular expression: `\p{Ll}\p{Lo}{0,62}`. * Label values must be between 0 and 63 characters long and must conform to the regular expression: `[\p{Ll}\p{Lo}\p{N}_-]{0,63}`. * No more than 64 labels can be associated with a given resource. * Keys and values must both be under 128 bytes.
         "a_key": "A String",
@@ -352,7 +363,7 @@
     The object takes the form of:
 
 { # A collection of Bigtable Tables and the resources that serve them. All tables in an instance are served from all Clusters in the instance.
-  "createTime": "A String", # Output only. A server-assigned timestamp representing when this Instance was created.
+  "createTime": "A String", # Output only. A server-assigned timestamp representing when this Instance was created. For instances created before this field was added (August 2021), this value is `seconds: 0, nanos: 1`.
   "displayName": "A String", # Required. The descriptive name for this instance as it appears in UIs. Can be changed at any time, but should be kept globally unique to avoid confusion.
   "labels": { # Required. Labels are a flexible and lightweight mechanism for organizing cloud resources into groups that reflect a customer's organizational needs and deployment strategies. They can be used to filter resources and aggregate metrics. * Label keys must be between 1 and 63 characters long and must conform to the regular expression: `\p{Ll}\p{Lo}{0,62}`. * Label values must be between 0 and 63 characters long and must conform to the regular expression: `[\p{Ll}\p{Lo}\p{N}_-]{0,63}`. * No more than 64 labels can be associated with a given resource. * Keys and values must both be under 128 bytes.
     "a_key": "A String",
@@ -402,7 +413,7 @@
     The object takes the form of:
 
 { # Request message for `SetIamPolicy` method.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
       { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
@@ -416,18 +427,18 @@
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
       },
     ],
-    "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
-      { # Associates `members` with a `role`.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+      { # Associates `members`, or principals, with a `role`.
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
-        "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+        "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
     "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
@@ -444,7 +455,7 @@
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
     { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
@@ -458,18 +469,18 @@
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
     },
   ],
-  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
-    { # Associates `members` with a `role`.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+    { # Associates `members`, or principals, with a `role`.
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
-      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
@@ -517,7 +528,7 @@
     The object takes the form of:
 
 { # A collection of Bigtable Tables and the resources that serve them. All tables in an instance are served from all Clusters in the instance.
-  "createTime": "A String", # Output only. A server-assigned timestamp representing when this Instance was created.
+  "createTime": "A String", # Output only. A server-assigned timestamp representing when this Instance was created. For instances created before this field was added (August 2021), this value is `seconds: 0, nanos: 1`.
   "displayName": "A String", # Required. The descriptive name for this instance as it appears in UIs. Can be changed at any time, but should be kept globally unique to avoid confusion.
   "labels": { # Required. Labels are a flexible and lightweight mechanism for organizing cloud resources into groups that reflect a customer's organizational needs and deployment strategies. They can be used to filter resources and aggregate metrics. * Label keys must be between 1 and 63 characters long and must conform to the regular expression: `\p{Ll}\p{Lo}{0,62}`. * Label values must be between 0 and 63 characters long and must conform to the regular expression: `[\p{Ll}\p{Lo}\p{N}_-]{0,63}`. * No more than 64 labels can be associated with a given resource. * Keys and values must both be under 128 bytes.
     "a_key": "A String",
@@ -536,7 +547,7 @@
   An object of the form:
 
     { # A collection of Bigtable Tables and the resources that serve them. All tables in an instance are served from all Clusters in the instance.
-  "createTime": "A String", # Output only. A server-assigned timestamp representing when this Instance was created.
+  "createTime": "A String", # Output only. A server-assigned timestamp representing when this Instance was created. For instances created before this field was added (August 2021), this value is `seconds: 0, nanos: 1`.
   "displayName": "A String", # Required. The descriptive name for this instance as it appears in UIs. Can be changed at any time, but should be kept globally unique to avoid confusion.
   "labels": { # Required. Labels are a flexible and lightweight mechanism for organizing cloud resources into groups that reflect a customer's organizational needs and deployment strategies. They can be used to filter resources and aggregate metrics. * Label keys must be between 1 and 63 characters long and must conform to the regular expression: `\p{Ll}\p{Lo}{0,62}`. * Label values must be between 0 and 63 characters long and must conform to the regular expression: `[\p{Ll}\p{Lo}\p{N}_-]{0,63}`. * No more than 64 labels can be associated with a given resource. * Keys and values must both be under 128 bytes.
     "a_key": "A String",

docs/dyn/bigtableadmin_v2.projects.instances.tables.html

diff --git a/docs/dyn/bigtableadmin_v2.projects.instances.tables.html b/docs/dyn/bigtableadmin_v2.projects.instances.tables.html
index 4f53dc4..736e7b4 100644
--- a/docs/dyn/bigtableadmin_v2.projects.instances.tables.html
+++ b/docs/dyn/bigtableadmin_v2.projects.instances.tables.html
@@ -445,7 +445,7 @@
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
     { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
@@ -459,18 +459,18 @@
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
     },
   ],
-  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
-    { # Associates `members` with a `role`.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+    { # Associates `members`, or principals, with a `role`.
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
-      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
@@ -738,7 +738,7 @@
     The object takes the form of:
 
 { # Request message for `SetIamPolicy` method.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
       { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
@@ -752,18 +752,18 @@
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
       },
     ],
-    "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
-      { # Associates `members` with a `role`.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+      { # Associates `members`, or principals, with a `role`.
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
-        "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+        "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
     "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
@@ -780,7 +780,7 @@
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
     { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
@@ -794,18 +794,18 @@
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
     },
   ],
-  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
-    { # Associates `members` with a `role`.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+    { # Associates `members`, or principals, with a `role`.
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
-      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

docs/dyn/binaryauthorization_v1.projects.attestors.html

diff --git a/docs/dyn/binaryauthorization_v1.projects.attestors.html b/docs/dyn/binaryauthorization_v1.projects.attestors.html
index 7d9115e..052e54b 100644
--- a/docs/dyn/binaryauthorization_v1.projects.attestors.html
+++ b/docs/dyn/binaryauthorization_v1.projects.attestors.html
@@ -234,7 +234,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/binaryauthorization_v1.projects.html

diff --git a/docs/dyn/binaryauthorization_v1.projects.html b/docs/dyn/binaryauthorization_v1.projects.html
index ed3b0cd..ff93348 100644
--- a/docs/dyn/binaryauthorization_v1.projects.html
+++ b/docs/dyn/binaryauthorization_v1.projects.html
@@ -137,7 +137,7 @@
   },
   "description": "A String", # Optional. A descriptive comment.
   "globalPolicyEvaluationMode": "A String", # Optional. Controls the evaluation of a Google-maintained global admission policy for common system-level images. Images not covered by the global policy will be subject to the project admission policy. This setting has no effect when specified inside a global admission policy.
-  "istioServiceIdentityAdmissionRules": { # Optional. Per-istio-service-identity admission rules. Istio service identity spec format: spiffe:///ns//sa/ or /ns//sa/ e.g. spiffe://example.com/ns/test-ns/sa/default
+  "istioServiceIdentityAdmissionRules": { # Optional. Per-istio-service-identity admission rules. Istio service identity spec format: `spiffe:///ns//sa/` or `/ns//sa/` e.g. `spiffe://example.com/ns/test-ns/sa/default`
     "a_key": { # An admission rule specifies either that all container images used in a pod creation request must be attested to by one or more attestors, that all pod creations will be allowed, or that all pod creations will be denied. Images matching an admission allowlist pattern are exempted from admission rules and will never block a pod creation.
       "enforcementMode": "A String", # Required. The action when a pod creation is denied by the admission rule.
       "evaluationMode": "A String", # Required. How this admission rule will be evaluated.
@@ -146,7 +146,7 @@
       ],
     },
   },
-  "kubernetesNamespaceAdmissionRules": { # Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: [a-z.-]+, e.g. 'some-namespace'
+  "kubernetesNamespaceAdmissionRules": { # Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: `[a-z.-]+`, e.g. `some-namespace`
     "a_key": { # An admission rule specifies either that all container images used in a pod creation request must be attested to by one or more attestors, that all pod creations will be allowed, or that all pod creations will be denied. Images matching an admission allowlist pattern are exempted from admission rules and will never block a pod creation.
       "enforcementMode": "A String", # Required. The action when a pod creation is denied by the admission rule.
       "evaluationMode": "A String", # Required. How this admission rule will be evaluated.
@@ -155,7 +155,7 @@
       ],
     },
   },
-  "kubernetesServiceAccountAdmissionRules": { # Optional. Per-kubernetes-service-account admission rules. Service account spec format: `namespace:serviceaccount`. e.g. 'test-ns:default'
+  "kubernetesServiceAccountAdmissionRules": { # Optional. Per-kubernetes-service-account admission rules. Service account spec format: `namespace:serviceaccount`. e.g. `test-ns:default`
     "a_key": { # An admission rule specifies either that all container images used in a pod creation request must be attested to by one or more attestors, that all pod creations will be allowed, or that all pod creations will be denied. Images matching an admission allowlist pattern are exempted from admission rules and will never block a pod creation.
       "enforcementMode": "A String", # Required. The action when a pod creation is denied by the admission rule.
       "evaluationMode": "A String", # Required. How this admission rule will be evaluated.
@@ -202,7 +202,7 @@
   },
   "description": "A String", # Optional. A descriptive comment.
   "globalPolicyEvaluationMode": "A String", # Optional. Controls the evaluation of a Google-maintained global admission policy for common system-level images. Images not covered by the global policy will be subject to the project admission policy. This setting has no effect when specified inside a global admission policy.
-  "istioServiceIdentityAdmissionRules": { # Optional. Per-istio-service-identity admission rules. Istio service identity spec format: spiffe:///ns//sa/ or /ns//sa/ e.g. spiffe://example.com/ns/test-ns/sa/default
+  "istioServiceIdentityAdmissionRules": { # Optional. Per-istio-service-identity admission rules. Istio service identity spec format: `spiffe:///ns//sa/` or `/ns//sa/` e.g. `spiffe://example.com/ns/test-ns/sa/default`
     "a_key": { # An admission rule specifies either that all container images used in a pod creation request must be attested to by one or more attestors, that all pod creations will be allowed, or that all pod creations will be denied. Images matching an admission allowlist pattern are exempted from admission rules and will never block a pod creation.
       "enforcementMode": "A String", # Required. The action when a pod creation is denied by the admission rule.
       "evaluationMode": "A String", # Required. How this admission rule will be evaluated.
@@ -211,7 +211,7 @@
       ],
     },
   },
-  "kubernetesNamespaceAdmissionRules": { # Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: [a-z.-]+, e.g. 'some-namespace'
+  "kubernetesNamespaceAdmissionRules": { # Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: `[a-z.-]+`, e.g. `some-namespace`
     "a_key": { # An admission rule specifies either that all container images used in a pod creation request must be attested to by one or more attestors, that all pod creations will be allowed, or that all pod creations will be denied. Images matching an admission allowlist pattern are exempted from admission rules and will never block a pod creation.
       "enforcementMode": "A String", # Required. The action when a pod creation is denied by the admission rule.
       "evaluationMode": "A String", # Required. How this admission rule will be evaluated.
@@ -220,7 +220,7 @@
       ],
     },
   },
-  "kubernetesServiceAccountAdmissionRules": { # Optional. Per-kubernetes-service-account admission rules. Service account spec format: `namespace:serviceaccount`. e.g. 'test-ns:default'
+  "kubernetesServiceAccountAdmissionRules": { # Optional. Per-kubernetes-service-account admission rules. Service account spec format: `namespace:serviceaccount`. e.g. `test-ns:default`
     "a_key": { # An admission rule specifies either that all container images used in a pod creation request must be attested to by one or more attestors, that all pod creations will be allowed, or that all pod creations will be denied. Images matching an admission allowlist pattern are exempted from admission rules and will never block a pod creation.
       "enforcementMode": "A String", # Required. The action when a pod creation is denied by the admission rule.
       "evaluationMode": "A String", # Required. How this admission rule will be evaluated.
@@ -265,7 +265,7 @@
   },
   "description": "A String", # Optional. A descriptive comment.
   "globalPolicyEvaluationMode": "A String", # Optional. Controls the evaluation of a Google-maintained global admission policy for common system-level images. Images not covered by the global policy will be subject to the project admission policy. This setting has no effect when specified inside a global admission policy.
-  "istioServiceIdentityAdmissionRules": { # Optional. Per-istio-service-identity admission rules. Istio service identity spec format: spiffe:///ns//sa/ or /ns//sa/ e.g. spiffe://example.com/ns/test-ns/sa/default
+  "istioServiceIdentityAdmissionRules": { # Optional. Per-istio-service-identity admission rules. Istio service identity spec format: `spiffe:///ns//sa/` or `/ns//sa/` e.g. `spiffe://example.com/ns/test-ns/sa/default`
     "a_key": { # An admission rule specifies either that all container images used in a pod creation request must be attested to by one or more attestors, that all pod creations will be allowed, or that all pod creations will be denied. Images matching an admission allowlist pattern are exempted from admission rules and will never block a pod creation.
       "enforcementMode": "A String", # Required. The action when a pod creation is denied by the admission rule.
       "evaluationMode": "A String", # Required. How this admission rule will be evaluated.
@@ -274,7 +274,7 @@
       ],
     },
   },
-  "kubernetesNamespaceAdmissionRules": { # Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: [a-z.-]+, e.g. 'some-namespace'
+  "kubernetesNamespaceAdmissionRules": { # Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: `[a-z.-]+`, e.g. `some-namespace`
     "a_key": { # An admission rule specifies either that all container images used in a pod creation request must be attested to by one or more attestors, that all pod creations will be allowed, or that all pod creations will be denied. Images matching an admission allowlist pattern are exempted from admission rules and will never block a pod creation.
       "enforcementMode": "A String", # Required. The action when a pod creation is denied by the admission rule.
       "evaluationMode": "A String", # Required. How this admission rule will be evaluated.
@@ -283,7 +283,7 @@
       ],
     },
   },
-  "kubernetesServiceAccountAdmissionRules": { # Optional. Per-kubernetes-service-account admission rules. Service account spec format: `namespace:serviceaccount`. e.g. 'test-ns:default'
+  "kubernetesServiceAccountAdmissionRules": { # Optional. Per-kubernetes-service-account admission rules. Service account spec format: `namespace:serviceaccount`. e.g. `test-ns:default`
     "a_key": { # An admission rule specifies either that all container images used in a pod creation request must be attested to by one or more attestors, that all pod creations will be allowed, or that all pod creations will be denied. Images matching an admission allowlist pattern are exempted from admission rules and will never block a pod creation.
       "enforcementMode": "A String", # Required. The action when a pod creation is denied by the admission rule.
       "evaluationMode": "A String", # Required. How this admission rule will be evaluated.

docs/dyn/binaryauthorization_v1.projects.policy.html

diff --git a/docs/dyn/binaryauthorization_v1.projects.policy.html b/docs/dyn/binaryauthorization_v1.projects.policy.html
index d67e4b4..ab70476 100644
--- a/docs/dyn/binaryauthorization_v1.projects.policy.html
+++ b/docs/dyn/binaryauthorization_v1.projects.policy.html
@@ -98,7 +98,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/binaryauthorization_v1.systempolicy.html

diff --git a/docs/dyn/binaryauthorization_v1.systempolicy.html b/docs/dyn/binaryauthorization_v1.systempolicy.html
index 8ff80b4..da367b7 100644
--- a/docs/dyn/binaryauthorization_v1.systempolicy.html
+++ b/docs/dyn/binaryauthorization_v1.systempolicy.html
@@ -124,7 +124,7 @@
   },
   "description": "A String", # Optional. A descriptive comment.
   "globalPolicyEvaluationMode": "A String", # Optional. Controls the evaluation of a Google-maintained global admission policy for common system-level images. Images not covered by the global policy will be subject to the project admission policy. This setting has no effect when specified inside a global admission policy.
-  "istioServiceIdentityAdmissionRules": { # Optional. Per-istio-service-identity admission rules. Istio service identity spec format: spiffe:///ns//sa/ or /ns//sa/ e.g. spiffe://example.com/ns/test-ns/sa/default
+  "istioServiceIdentityAdmissionRules": { # Optional. Per-istio-service-identity admission rules. Istio service identity spec format: `spiffe:///ns//sa/` or `/ns//sa/` e.g. `spiffe://example.com/ns/test-ns/sa/default`
     "a_key": { # An admission rule specifies either that all container images used in a pod creation request must be attested to by one or more attestors, that all pod creations will be allowed, or that all pod creations will be denied. Images matching an admission allowlist pattern are exempted from admission rules and will never block a pod creation.
       "enforcementMode": "A String", # Required. The action when a pod creation is denied by the admission rule.
       "evaluationMode": "A String", # Required. How this admission rule will be evaluated.
@@ -133,7 +133,7 @@
       ],
     },
   },
-  "kubernetesNamespaceAdmissionRules": { # Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: [a-z.-]+, e.g. 'some-namespace'
+  "kubernetesNamespaceAdmissionRules": { # Optional. Per-kubernetes-namespace admission rules. K8s namespace spec format: `[a-z.-]+`, e.g. `some-namespace`
     "a_key": { # An admission rule specifies either that all container images used in a pod creation request must be attested to by one or more attestors, that all pod creations will be allowed, or that all pod creations will be denied. Images matching an admission allowlist pattern are exempted from admission rules and will never block a pod creation.
       "enforcementMode": "A String", # Required. The action when a pod creation is denied by the admission rule.
       "evaluationMode": "A String", # Required. How this admission rule will be evaluated.
@@ -142,7 +142,7 @@
       ],
     },
   },
-  "kubernetesServiceAccountAdmissionRules": { # Optional. Per-kubernetes-service-account admission rules. Service account spec format: `namespace:serviceaccount`. e.g. 'test-ns:default'
+  "kubernetesServiceAccountAdmissionRules": { # Optional. Per-kubernetes-service-account admission rules. Service account spec format: `namespace:serviceaccount`. e.g. `test-ns:default`
     "a_key": { # An admission rule specifies either that all container images used in a pod creation request must be attested to by one or more attestors, that all pod creations will be allowed, or that all pod creations will be denied. Images matching an admission allowlist pattern are exempted from admission rules and will never block a pod creation.
       "enforcementMode": "A String", # Required. The action when a pod creation is denied by the admission rule.
       "evaluationMode": "A String", # Required. How this admission rule will be evaluated.

docs/dyn/calendar_v3.events.html

diff --git a/docs/dyn/calendar_v3.events.html b/docs/dyn/calendar_v3.events.html
index b10c2bf..aa4ace9 100644
--- a/docs/dyn/calendar_v3.events.html
+++ b/docs/dyn/calendar_v3.events.html
@@ -310,6 +310,7 @@
   "eventType": "default", # Specific type of the event. Read-only. Possible values are:
       # - "default" - A regular event or not further specified.
       # - "outOfOffice" - An out-of-office event.
+      # - "focusTime" - A focus-time event.
   "extendedProperties": { # Extended properties of the event.
     "private": { # Properties that are private to the copy of the event that appears on this calendar.
       "a_key": "A String", # The name of the private property and the corresponding value.
@@ -575,6 +576,7 @@
   "eventType": "default", # Specific type of the event. Read-only. Possible values are:
       # - "default" - A regular event or not further specified.
       # - "outOfOffice" - An out-of-office event.
+      # - "focusTime" - A focus-time event.
   "extendedProperties": { # Extended properties of the event.
     "private": { # Properties that are private to the copy of the event that appears on this calendar.
       "a_key": "A String", # The name of the private property and the corresponding value.
@@ -836,6 +838,7 @@
   "eventType": "default", # Specific type of the event. Read-only. Possible values are:
       # - "default" - A regular event or not further specified.
       # - "outOfOffice" - An out-of-office event.
+      # - "focusTime" - A focus-time event.
   "extendedProperties": { # Extended properties of the event.
     "private": { # Properties that are private to the copy of the event that appears on this calendar.
       "a_key": "A String", # The name of the private property and the corresponding value.
@@ -1101,6 +1104,7 @@
   "eventType": "default", # Specific type of the event. Read-only. Possible values are:
       # - "default" - A regular event or not further specified.
       # - "outOfOffice" - An out-of-office event.
+      # - "focusTime" - A focus-time event.
   "extendedProperties": { # Extended properties of the event.
     "private": { # Properties that are private to the copy of the event that appears on this calendar.
       "a_key": "A String", # The name of the private property and the corresponding value.
@@ -1371,6 +1375,7 @@
   "eventType": "default", # Specific type of the event. Read-only. Possible values are:
       # - "default" - A regular event or not further specified.
       # - "outOfOffice" - An out-of-office event.
+      # - "focusTime" - A focus-time event.
   "extendedProperties": { # Extended properties of the event.
     "private": { # Properties that are private to the copy of the event that appears on this calendar.
       "a_key": "A String", # The name of the private property and the corresponding value.
@@ -1667,6 +1672,7 @@
       "eventType": "default", # Specific type of the event. Read-only. Possible values are:
           # - "default" - A regular event or not further specified.
           # - "outOfOffice" - An out-of-office event.
+          # - "focusTime" - A focus-time event.
       "extendedProperties": { # Extended properties of the event.
         "private": { # Properties that are private to the copy of the event that appears on this calendar.
           "a_key": "A String", # The name of the private property and the corresponding value.
@@ -2008,6 +2014,7 @@
       "eventType": "default", # Specific type of the event. Read-only. Possible values are:
           # - "default" - A regular event or not further specified.
           # - "outOfOffice" - An out-of-office event.
+          # - "focusTime" - A focus-time event.
       "extendedProperties": { # Extended properties of the event.
         "private": { # Properties that are private to the copy of the event that appears on this calendar.
           "a_key": "A String", # The name of the private property and the corresponding value.
@@ -2306,6 +2313,7 @@
   "eventType": "default", # Specific type of the event. Read-only. Possible values are:
       # - "default" - A regular event or not further specified.
       # - "outOfOffice" - An out-of-office event.
+      # - "focusTime" - A focus-time event.
   "extendedProperties": { # Extended properties of the event.
     "private": { # Properties that are private to the copy of the event that appears on this calendar.
       "a_key": "A String", # The name of the private property and the corresponding value.
@@ -2572,6 +2580,7 @@
   "eventType": "default", # Specific type of the event. Read-only. Possible values are:
       # - "default" - A regular event or not further specified.
       # - "outOfOffice" - An out-of-office event.
+      # - "focusTime" - A focus-time event.
   "extendedProperties": { # Extended properties of the event.
     "private": { # Properties that are private to the copy of the event that appears on this calendar.
       "a_key": "A String", # The name of the private property and the corresponding value.
@@ -2843,6 +2852,7 @@
   "eventType": "default", # Specific type of the event. Read-only. Possible values are:
       # - "default" - A regular event or not further specified.
       # - "outOfOffice" - An out-of-office event.
+      # - "focusTime" - A focus-time event.
   "extendedProperties": { # Extended properties of the event.
     "private": { # Properties that are private to the copy of the event that appears on this calendar.
       "a_key": "A String", # The name of the private property and the corresponding value.
@@ -3118,6 +3128,7 @@
   "eventType": "default", # Specific type of the event. Read-only. Possible values are:
       # - "default" - A regular event or not further specified.
       # - "outOfOffice" - An out-of-office event.
+      # - "focusTime" - A focus-time event.
   "extendedProperties": { # Extended properties of the event.
     "private": { # Properties that are private to the copy of the event that appears on this calendar.
       "a_key": "A String", # The name of the private property and the corresponding value.
@@ -3384,6 +3395,7 @@
   "eventType": "default", # Specific type of the event. Read-only. Possible values are:
       # - "default" - A regular event or not further specified.
       # - "outOfOffice" - An out-of-office event.
+      # - "focusTime" - A focus-time event.
   "extendedProperties": { # Extended properties of the event.
     "private": { # Properties that are private to the copy of the event that appears on this calendar.
       "a_key": "A String", # The name of the private property and the corresponding value.
@@ -3655,6 +3667,7 @@
   "eventType": "default", # Specific type of the event. Read-only. Possible values are:
       # - "default" - A regular event or not further specified.
       # - "outOfOffice" - An out-of-office event.
+      # - "focusTime" - A focus-time event.
   "extendedProperties": { # Extended properties of the event.
     "private": { # Properties that are private to the copy of the event that appears on this calendar.
       "a_key": "A String", # The name of the private property and the corresponding value.

docs/dyn/chromemanagement_v1.customers.html

diff --git a/docs/dyn/chromemanagement_v1.customers.html b/docs/dyn/chromemanagement_v1.customers.html
index c32b79f..274af6e 100644
--- a/docs/dyn/chromemanagement_v1.customers.html
+++ b/docs/dyn/chromemanagement_v1.customers.html
@@ -85,6 +85,11 @@
 <p class="firstline">Returns the reports Resource.</p>
 
 <p class="toc_element">
+  <code><a href="chromemanagement_v1.customers.telemetry.html">telemetry()</a></code>
+</p>
+<p class="firstline">Returns the telemetry Resource.</p>
+
+<p class="toc_element">
   <code><a href="#close">close()</a></code></p>
 <p class="firstline">Close httplib2 connections.</p>
 <h3>Method Details</h3>

docs/dyn/chromemanagement_v1.customers.telemetry.devices.html

diff --git a/docs/dyn/chromemanagement_v1.customers.telemetry.devices.html b/docs/dyn/chromemanagement_v1.customers.telemetry.devices.html
new file mode 100644
index 0000000..75e3f96
--- /dev/null
+++ b/docs/dyn/chromemanagement_v1.customers.telemetry.devices.html
@@ -0,0 +1,280 @@
+<html><body>
+<style>
+
+body, h1, h2, h3, div, span, p, pre, a {
+  margin: 0;
+  padding: 0;
+  border: 0;
+  font-weight: inherit;
+  font-style: inherit;
+  font-size: 100%;
+  font-family: inherit;
+  vertical-align: baseline;
+}
+
+body {
+  font-size: 13px;
+  padding: 1em;
+}
+
+h1 {
+  font-size: 26px;
+  margin-bottom: 1em;
+}
+
+h2 {
+  font-size: 24px;
+  margin-bottom: 1em;
+}
+
+h3 {
+  font-size: 20px;
+  margin-bottom: 1em;
+  margin-top: 1em;
+}
+
+pre, code {
+  line-height: 1.5;
+  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
+}
+
+pre {
+  margin-top: 0.5em;
+}
+
+h1, h2, h3, p {
+  font-family: Arial, sans serif;
+}
+
+h1, h2, h3 {
+  border-bottom: solid #CCC 1px;
+}
+
+.toc_element {
+  margin-top: 0.5em;
+}
+
+.firstline {
+  margin-left: 2 em;
+}
+
+.method  {
+  margin-top: 1em;
+  border: solid 1px #CCC;
+  padding: 1em;
+  background: #EEE;
+}
+
+.details {
+  font-weight: bold;
+  font-size: 14px;
+}
+
+</style>
+
+<h1><a href="chromemanagement_v1.html">Chrome Management API</a> . <a href="chromemanagement_v1.customers.html">customers</a> . <a href="chromemanagement_v1.customers.telemetry.html">telemetry</a> . <a href="chromemanagement_v1.customers.telemetry.devices.html">devices</a></h1>
+<h2>Instance Methods</h2>
+<p class="toc_element">
+  <code><a href="#close">close()</a></code></p>
+<p class="firstline">Close httplib2 connections.</p>
+<p class="toc_element">
+  <code><a href="#list">list(parent, filter=None, pageSize=None, pageToken=None, readMask=None, x__xgafv=None)</a></code></p>
+<p class="firstline">List all telemetry devices.</p>
+<p class="toc_element">
+  <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
+<p class="firstline">Retrieves the next page of results.</p>
+<h3>Method Details</h3>
+<div class="method">
+    <code class="details" id="close">close()</code>
+  <pre>Close httplib2 connections.</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="list">list(parent, filter=None, pageSize=None, pageToken=None, readMask=None, x__xgafv=None)</code>
+  <pre>List all telemetry devices.
+
+Args:
+  parent: string, Required. Customer id or &quot;my_customer&quot; to use the customer associated to the account making the request. (required)
+  filter: string, Optional. Only include resources that match the filter. Supported filter fields: - org_unit_id - serial_number 
+  pageSize: integer, Maximum number of results to return. Maximum and default are 100.
+  pageToken: string, Token to specify next page in the list.
+  readMask: string, Required. Read mask to specify which fields to return.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    {
+  &quot;devices&quot;: [ # Telemetry devices returned in the response.
+    { # Telemetry data collected from a managed device.
+      &quot;batteryInfo&quot;: [ # Output only. Information on battery specs for the device.
+        { # Battery info
+          &quot;designCapacity&quot;: &quot;A String&quot;, # Output only. Design capacity (mAmpere-hours).
+          &quot;designMinVoltage&quot;: 42, # Output only. Designed minimum output voltage (mV)
+          &quot;manufactureDate&quot;: { # Represents a whole or partial calendar date, such as a birthday. The time of day and time zone are either specified elsewhere or are insignificant. The date is relative to the Gregorian Calendar. This can represent one of the following: * A full date, with non-zero year, month, and day values * A month and day value, with a zero year, such as an anniversary * A year on its own, with zero month and day values * A year and month value, with a zero day, such as a credit card expiration date Related types are google.type.TimeOfDay and `google.protobuf.Timestamp`. # Output only. The date the battery was manufactured.
+            &quot;day&quot;: 42, # Day of a month. Must be from 1 to 31 and valid for the year and month, or 0 to specify a year by itself or a year and month where the day isn&#x27;t significant.
+            &quot;month&quot;: 42, # Month of a year. Must be from 1 to 12, or 0 to specify a year without a month and day.
+            &quot;year&quot;: 42, # Year of the date. Must be from 1 to 9999, or 0 to specify a date without a year.
+          },
+          &quot;manufacturer&quot;: &quot;A String&quot;, # Output only. Battery manufacturer.
+          &quot;serialNumber&quot;: &quot;A String&quot;, # Output only. Battery serial number.
+          &quot;technology&quot;: &quot;A String&quot;, # Output only. Technology of the battery. Example: Li-ion
+        },
+      ],
+      &quot;batteryStatusReport&quot;: [ # Output only. Battery reports collected periodically.
+        { # Status data for battery.
+          &quot;batteryHealth&quot;: &quot;A String&quot;, # Output only. Battery health.
+          &quot;cycleCount&quot;: 42, # Output only. Cycle count.
+          &quot;fullChargeCapacity&quot;: &quot;A String&quot;, # Output only. Full charge capacity (mAmpere-hours).
+          &quot;reportTime&quot;: &quot;A String&quot;, # Output only. Timestamp of when the sample was collected on device
+          &quot;sample&quot;: [ # Output only. Sampling data for the battery.
+            { # Sampling data for battery.
+              &quot;chargeRate&quot;: 42, # Output only. Battery charge percentage.
+              &quot;current&quot;: &quot;A String&quot;, # Output only. Battery current (mA).
+              &quot;dischargeRate&quot;: 42, # Output only. The battery discharge rate measured in mW. Positive if the battery is being discharged, negative if it&#x27;s being charged.
+              &quot;remainingCapacity&quot;: &quot;A String&quot;, # Output only. Battery remaining capacity (mAmpere-hours).
+              &quot;reportTime&quot;: &quot;A String&quot;, # Output only. Timestamp of when the sample was collected on device
+              &quot;status&quot;: &quot;A String&quot;, # Output only. Battery status read from sysfs. Example: Discharging
+              &quot;temperature&quot;: 42, # Output only. Temperature in Celsius degrees.
+              &quot;voltage&quot;: &quot;A String&quot;, # Output only. Battery voltage (millivolt).
+            },
+          ],
+          &quot;serialNumber&quot;: &quot;A String&quot;, # Output only. Battery serial number.
+        },
+      ],
+      &quot;cpuInfo&quot;: [ # Output only. Information regarding CPU specs for the device.
+        { # CPU specs for a CPU.
+          &quot;architecture&quot;: &quot;A String&quot;, # Output only. The CPU architecture.
+          &quot;maxClockSpeed&quot;: 42, # Output only. The max CPU clock speed in kHz.
+          &quot;model&quot;: &quot;A String&quot;, # Output only. The CPU model name. Example: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
+        },
+      ],
+      &quot;cpuStatusReport&quot;: [ # Output only. CPU status reports collected periodically.
+        { # Contains samples of the cpu status reports.
+          &quot;cpuTemperatureInfo&quot;: [ # Output only. CPU temperature sample info per CPU core in Celsius
+            { # CPU temperature of a device. Sampled per CPU core in Celsius
+              &quot;label&quot;: &quot;A String&quot;, # Output only. CPU label. Example: Core 0
+              &quot;temperatureCelsius&quot;: 42, # Output only. CPU temperature in Celsius.
+            },
+          ],
+          &quot;cpuUtilizationPct&quot;: 42, # Output only. Sample of CPU utilization (0-100 percent).
+          &quot;reportTime&quot;: &quot;A String&quot;, # Output only. The timestamp in milliseconds representing time at which this report was sampled.
+          &quot;sampleFrequency&quot;: &quot;A String&quot;, # Output only. Frequency the report is sampled.
+        },
+      ],
+      &quot;customer&quot;: &quot;A String&quot;, # Output only. Google Workspace Customer whose enterprise enrolled the device.
+      &quot;deviceId&quot;: &quot;A String&quot;, # Output only. The unique Directory API ID of the device. This value is the same as the Admin Console&#x27;s Directory API ID in the Chrome OS Devices tab
+      &quot;graphicsInfo&quot;: { # Information of the graphics subsystem. # Output only. Contains information regarding Graphic peripherals for the device.
+        &quot;adapterInfo&quot;: { # Information of a graphics adapter (GPU). # Output only. Information about the graphics adapter (GPU).
+          &quot;adapter&quot;: &quot;A String&quot;, # Output only. Adapter name. Example: Mesa DRI Intel(R) UHD Graphics 620 (Kabylake GT2).
+          &quot;deviceId&quot;: &quot;A String&quot;, # Output only. Represents the graphics card device id.
+          &quot;driverVersion&quot;: &quot;A String&quot;, # Output only. Version of the GPU driver.
+        },
+      },
+      &quot;graphicsStatusReport&quot;: [ # Output only. Graphics reports collected periodically.
+        { # Information of the graphics subsystem.
+          &quot;displays&quot;: [ # Output only. Information about the displays for the device.
+            { # Information for a display.
+              &quot;deviceId&quot;: &quot;A String&quot;, # Output only. Represents the graphics card device id.
+              &quot;isInternal&quot;: True or False, # Output only. Indicates if display is internal or not.
+              &quot;refreshRate&quot;: 42, # Output only. Refresh rate in Hz.
+              &quot;resolutionHeight&quot;: 42, # Output only. Resolution height in pixels.
+              &quot;resolutionWidth&quot;: 42, # Output only. Resolution width in pixels.
+            },
+          ],
+          &quot;reportTime&quot;: &quot;A String&quot;, # Output only. Time at which the graphics data was reported.
+        },
+      ],
+      &quot;memoryInfo&quot;: { # Memory information of a device. # Output only. Information regarding memory specs for the device.
+        &quot;availableRamBytes&quot;: &quot;A String&quot;, # Output only. Amount of available RAM in bytes.
+        &quot;totalRamBytes&quot;: &quot;A String&quot;, # Output only. Total RAM in bytes.
+      },
+      &quot;memoryStatusReport&quot;: [ # Output only. Memory status reports collected periodically.
+        { # Contains samples of memory status reports.
+          &quot;pageFaults&quot;: 42, # Output only. Number of page faults during this collection
+          &quot;reportTime&quot;: &quot;A String&quot;, # Output only. The timestamp in milliseconds representing time at which this report was sampled.
+          &quot;sampleFrequency&quot;: &quot;A String&quot;, # Output only. Frequency the report is sampled.
+          &quot;systemRamFreeBytes&quot;: &quot;A String&quot;, # Output only. Amount of free RAM in bytes (unreliable due to Garbage Collection).
+        },
+      ],
+      &quot;name&quot;: &quot;A String&quot;, # Output only. Resource name of the device.
+      &quot;networkStatusReport&quot;: [ # Output only. Network specs collected periodically.
+        { # State of visible/configured networks.
+          &quot;gatewayIpAddress&quot;: &quot;A String&quot;, # Output only. Gateway IP address.
+          &quot;lanIpAddress&quot;: &quot;A String&quot;, # Output only. LAN IP address.
+          &quot;reportTime&quot;: &quot;A String&quot;, # Output only. Time at which the network state was reported.
+          &quot;sampleFrequency&quot;: &quot;A String&quot;, # Output only. Frequency the report is sampled.
+          &quot;signalStrengthDbm&quot;: 42, # Output only. Signal strength for wireless networks measured in decibels.
+        },
+      ],
+      &quot;orgUnitId&quot;: &quot;A String&quot;, # Output only. Organization unit ID of the device.
+      &quot;osUpdateStatus&quot;: [ # Output only. Contains relevant information regarding ChromeOS update status.
+        { # Contains information regarding the current OS update status.
+          &quot;lastRebootTime&quot;: &quot;A String&quot;, # Output only. Timestamp of the last reboot.
+          &quot;lastUpdateCheckTime&quot;: &quot;A String&quot;, # Output only. Timestamp of the last update check.
+          &quot;lastUpdateTime&quot;: &quot;A String&quot;, # Output only. Timestamp of the last successful update.
+          &quot;newPlatformVersion&quot;: &quot;A String&quot;, # Output only. New platform version of the os image being downloaded and applied. It is only set when update status is OS_IMAGE_DOWNLOAD_IN_PROGRESS or OS_UPDATE_NEED_REBOOT. Note this could be a dummy &quot;0.0.0.0&quot; for OS_UPDATE_NEED_REBOOT status for some edge cases, e.g. update engine is restarted without a reboot.
+          &quot;newRequestedPlatformVersion&quot;: &quot;A String&quot;, # Output only. New requested platform version from the pending updated kiosk app.
+          &quot;updateState&quot;: &quot;A String&quot;, # Output only. Current state of the os update.
+        },
+      ],
+      &quot;serialNumber&quot;: &quot;A String&quot;, # Output only. Device serial number. This value is the same as the Admin Console&#x27;s Serial Number in the Chrome OS Devices tab.
+      &quot;storageInfo&quot;: { # Status data for storage. # Output only. Information of storage specs for the device.
+        &quot;availableDiskBytes&quot;: &quot;A String&quot;, # The available space for user data storage in the device in bytes.
+        &quot;totalDiskBytes&quot;: &quot;A String&quot;, # The total space for user data storage in the device in bytes.
+        &quot;volume&quot;: [ # Information for disk volumes
+          { # Information for disk volumes
+            &quot;storageFreeBytes&quot;: &quot;A String&quot;, # Free storage space in bytes.
+            &quot;storageTotalBytes&quot;: &quot;A String&quot;, # Total storage space in bytes.
+            &quot;volumeId&quot;: &quot;A String&quot;, # Disk volume id.
+          },
+        ],
+      },
+      &quot;storageStatusReport&quot;: [ # Output only. Storage reports collected periodically.
+        { # Status data for storage.
+          &quot;disk&quot;: [ # Output only. Reports on disk
+            { # Status of the single storage device.
+              &quot;bytesReadThisSession&quot;: &quot;A String&quot;, # Output only. Number of bytes read since last boot.
+              &quot;bytesWrittenThisSession&quot;: &quot;A String&quot;, # Output only. Number of bytes written since last boot.
+              &quot;discardTimeThisSession&quot;: &quot;A String&quot;, # Output only. Time spent discarding since last boot. Discarding is writing to clear blocks which are no longer in use. Supported on kernels 4.18+.
+              &quot;health&quot;: &quot;A String&quot;, # Output only. Disk health.
+              &quot;ioTimeThisSession&quot;: &quot;A String&quot;, # Output only. Counts the time the disk and queue were busy, so unlike the fields above, parallel requests are not counted multiple times.
+              &quot;manufacturer&quot;: &quot;A String&quot;, # Output only. Disk manufacturer.
+              &quot;model&quot;: &quot;A String&quot;, # Output only. Disk model.
+              &quot;readTimeThisSession&quot;: &quot;A String&quot;, # Output only. Time spent reading from disk since last boot.
+              &quot;serialNumber&quot;: &quot;A String&quot;, # Output only. Disk serial number.
+              &quot;sizeBytes&quot;: &quot;A String&quot;, # Output only. Disk size.
+              &quot;type&quot;: &quot;A String&quot;, # Output only. Disk type: eMMC / NVMe / ATA / SCSI.
+              &quot;volumeIds&quot;: [ # Output only. Disk volumes.
+                &quot;A String&quot;,
+              ],
+              &quot;writeTimeThisSession&quot;: &quot;A String&quot;, # Output only. Time spent writing to disk since last boot.
+            },
+          ],
+          &quot;reportTime&quot;: &quot;A String&quot;, # Output only. Timestamp of when the sample was collected on device
+        },
+      ],
+    },
+  ],
+  &quot;nextPageToken&quot;: &quot;A String&quot;, # Token to specify next page in the list.
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="list_next">list_next(previous_request, previous_response)</code>
+  <pre>Retrieves the next page of results.
+
+Args:
+  previous_request: The request for the previous page. (required)
+  previous_response: The response from the request for the previous page. (required)
+
+Returns:
+  A request object that you can call &#x27;execute()&#x27; on to request the next
+  page. Returns None if there are no more items in the collection.
+    </pre>
+</div>
+
+</body></html>
\ No newline at end of file

docs/dyn/chromemanagement_v1.customers.telemetry.html

diff --git a/docs/dyn/chromemanagement_v1.customers.telemetry.html b/docs/dyn/chromemanagement_v1.customers.telemetry.html
new file mode 100644
index 0000000..6f3e10b
--- /dev/null
+++ b/docs/dyn/chromemanagement_v1.customers.telemetry.html
@@ -0,0 +1,91 @@
+<html><body>
+<style>
+
+body, h1, h2, h3, div, span, p, pre, a {
+  margin: 0;
+  padding: 0;
+  border: 0;
+  font-weight: inherit;
+  font-style: inherit;
+  font-size: 100%;
+  font-family: inherit;
+  vertical-align: baseline;
+}
+
+body {
+  font-size: 13px;
+  padding: 1em;
+}
+
+h1 {
+  font-size: 26px;
+  margin-bottom: 1em;
+}
+
+h2 {
+  font-size: 24px;
+  margin-bottom: 1em;
+}
+
+h3 {
+  font-size: 20px;
+  margin-bottom: 1em;
+  margin-top: 1em;
+}
+
+pre, code {
+  line-height: 1.5;
+  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
+}
+
+pre {
+  margin-top: 0.5em;
+}
+
+h1, h2, h3, p {
+  font-family: Arial, sans serif;
+}
+
+h1, h2, h3 {
+  border-bottom: solid #CCC 1px;
+}
+
+.toc_element {
+  margin-top: 0.5em;
+}
+
+.firstline {
+  margin-left: 2 em;
+}
+
+.method  {
+  margin-top: 1em;
+  border: solid 1px #CCC;
+  padding: 1em;
+  background: #EEE;
+}
+
+.details {
+  font-weight: bold;
+  font-size: 14px;
+}
+
+</style>
+
+<h1><a href="chromemanagement_v1.html">Chrome Management API</a> . <a href="chromemanagement_v1.customers.html">customers</a> . <a href="chromemanagement_v1.customers.telemetry.html">telemetry</a></h1>
+<h2>Instance Methods</h2>
+<p class="toc_element">
+  <code><a href="chromemanagement_v1.customers.telemetry.devices.html">devices()</a></code>
+</p>
+<p class="firstline">Returns the devices Resource.</p>
+
+<p class="toc_element">
+  <code><a href="#close">close()</a></code></p>
+<p class="firstline">Close httplib2 connections.</p>
+<h3>Method Details</h3>
+<div class="method">
+    <code class="details" id="close">close()</code>
+  <pre>Close httplib2 connections.</pre>
+</div>
+
+</body></html>
\ No newline at end of file

docs/dyn/cloudasset_v1.html

diff --git a/docs/dyn/cloudasset_v1.html b/docs/dyn/cloudasset_v1.html
index 5024435..01bfccf 100644
--- a/docs/dyn/cloudasset_v1.html
+++ b/docs/dyn/cloudasset_v1.html
@@ -90,6 +90,11 @@
 <p class="firstline">Returns the operations Resource.</p>
 
 <p class="toc_element">
+  <code><a href="cloudasset_v1.savedQueries.html">savedQueries()</a></code>
+</p>
+<p class="firstline">Returns the savedQueries Resource.</p>
+
+<p class="toc_element">
   <code><a href="cloudasset_v1.v1.html">v1()</a></code>
 </p>
 <p class="firstline">Returns the v1 Resource.</p>

docs/dyn/cloudasset_v1.savedQueries.html

diff --git a/docs/dyn/cloudasset_v1.savedQueries.html b/docs/dyn/cloudasset_v1.savedQueries.html
new file mode 100644
index 0000000..f257756
--- /dev/null
+++ b/docs/dyn/cloudasset_v1.savedQueries.html
@@ -0,0 +1,464 @@
+<html><body>
+<style>
+
+body, h1, h2, h3, div, span, p, pre, a {
+  margin: 0;
+  padding: 0;
+  border: 0;
+  font-weight: inherit;
+  font-style: inherit;
+  font-size: 100%;
+  font-family: inherit;
+  vertical-align: baseline;
+}
+
+body {
+  font-size: 13px;
+  padding: 1em;
+}
+
+h1 {
+  font-size: 26px;
+  margin-bottom: 1em;
+}
+
+h2 {
+  font-size: 24px;
+  margin-bottom: 1em;
+}
+
+h3 {
+  font-size: 20px;
+  margin-bottom: 1em;
+  margin-top: 1em;
+}
+
+pre, code {
+  line-height: 1.5;
+  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
+}
+
+pre {
+  margin-top: 0.5em;
+}
+
+h1, h2, h3, p {
+  font-family: Arial, sans serif;
+}
+
+h1, h2, h3 {
+  border-bottom: solid #CCC 1px;
+}
+
+.toc_element {
+  margin-top: 0.5em;
+}
+
+.firstline {
+  margin-left: 2 em;
+}
+
+.method  {
+  margin-top: 1em;
+  border: solid 1px #CCC;
+  padding: 1em;
+  background: #EEE;
+}
+
+.details {
+  font-weight: bold;
+  font-size: 14px;
+}
+
+</style>
+
+<h1><a href="cloudasset_v1.html">Cloud Asset API</a> . <a href="cloudasset_v1.savedQueries.html">savedQueries</a></h1>
+<h2>Instance Methods</h2>
+<p class="toc_element">
+  <code><a href="#close">close()</a></code></p>
+<p class="firstline">Close httplib2 connections.</p>
+<p class="toc_element">
+  <code><a href="#create">create(parent, body=None, savedQueryId=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Creates a saved query in a parent project/folder/organization.</p>
+<p class="toc_element">
+  <code><a href="#delete">delete(name, x__xgafv=None)</a></code></p>
+<p class="firstline">Deletes a saved query.</p>
+<p class="toc_element">
+  <code><a href="#get">get(name, x__xgafv=None)</a></code></p>
+<p class="firstline">Gets details about a saved query.</p>
+<p class="toc_element">
+  <code><a href="#list">list(parent, filter=None, pageSize=None, pageToken=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Lists all saved queries in a parent project/folder/organization.</p>
+<p class="toc_element">
+  <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
+<p class="firstline">Retrieves the next page of results.</p>
+<p class="toc_element">
+  <code><a href="#patch">patch(name, body=None, updateMask=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Updates a saved query.</p>
+<h3>Method Details</h3>
+<div class="method">
+    <code class="details" id="close">close()</code>
+  <pre>Close httplib2 connections.</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="create">create(parent, body=None, savedQueryId=None, x__xgafv=None)</code>
+  <pre>Creates a saved query in a parent project/folder/organization.
+
+Args:
+  parent: string, Required. The name of the project/folder/organization where this saved_query should be created in. It can only be an organization number (such as &quot;organizations/123&quot;), a folder number (such as &quot;folders/123&quot;), a project ID (such as &quot;projects/my-project-id&quot;)&quot;, or a project number (such as &quot;projects/12345&quot;). (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # A saved query which can be shared with others or used later.
+  &quot;content&quot;: { # The query content. # The query content.
+    &quot;iamPolicyAnalysisQuery&quot;: { # ## IAM policy analysis query message. # An IAM Policy Analysis query, which could be used in the AssetService.AnalyzeIamPolicy rpc or the AssetService.AnalyzeIamPolicyLongrunning rpc.
+      &quot;accessSelector&quot;: { # Specifies roles and/or permissions to analyze, to determine both the identities possessing them and the resources they control. If multiple values are specified, results will include roles or permissions matching any of them. The total number of roles and permissions should be equal or less than 10. # Optional. Specifies roles or permissions for analysis. This is optional.
+        &quot;permissions&quot;: [ # Optional. The permissions to appear in result.
+          &quot;A String&quot;,
+        ],
+        &quot;roles&quot;: [ # Optional. The roles to appear in result.
+          &quot;A String&quot;,
+        ],
+      },
+      &quot;conditionContext&quot;: { # The IAM conditions context. # Optional. The hypothetical context for IAM conditions evaluation.
+        &quot;accessTime&quot;: &quot;A String&quot;, # The hypothetical access timestamp to evaluate IAM conditions. Note that this value must not be earlier than the current time; otherwise, an INVALID_ARGUMENT error will be returned.
+      },
+      &quot;identitySelector&quot;: { # Specifies an identity for which to determine resource access, based on roles assigned either directly to them or to the groups they belong to, directly or indirectly. # Optional. Specifies an identity for analysis.
+        &quot;identity&quot;: &quot;A String&quot;, # Required. The identity appear in the form of principals in [IAM policy binding](https://cloud.google.com/iam/reference/rest/v1/Binding). The examples of supported forms are: &quot;user:mike@example.com&quot;, &quot;group:admins@example.com&quot;, &quot;domain:google.com&quot;, &quot;serviceAccount:my-project-id@appspot.gserviceaccount.com&quot;. Notice that wildcard characters (such as * and ?) are not supported. You must give a specific identity.
+      },
+      &quot;options&quot;: { # Contains query options. # Optional. The query options.
+        &quot;analyzeServiceAccountImpersonation&quot;: True or False, # Optional. If true, the response will include access analysis from identities to resources via service account impersonation. This is a very expensive operation, because many derived queries will be executed. We highly recommend you use AssetService.AnalyzeIamPolicyLongrunning rpc instead. For example, if the request analyzes for which resources user A has permission P, and there&#x27;s an IAM policy states user A has iam.serviceAccounts.getAccessToken permission to a service account SA, and there&#x27;s another IAM policy states service account SA has permission P to a GCP folder F, then user A potentially has access to the GCP folder F. And those advanced analysis results will be included in AnalyzeIamPolicyResponse.service_account_impersonation_analysis. Another example, if the request analyzes for who has permission P to a GCP folder F, and there&#x27;s an IAM policy states user A has iam.serviceAccounts.actAs permission to a service account SA, and there&#x27;s another IAM policy states service account SA has permission P to the GCP folder F, then user A potentially has access to the GCP folder F. And those advanced analysis results will be included in AnalyzeIamPolicyResponse.service_account_impersonation_analysis. Default is false.
+        &quot;expandGroups&quot;: True or False, # Optional. If true, the identities section of the result will expand any Google groups appearing in an IAM policy binding. If IamPolicyAnalysisQuery.identity_selector is specified, the identity in the result will be determined by the selector, and this flag is not allowed to set. Default is false.
+        &quot;expandResources&quot;: True or False, # Optional. If true and IamPolicyAnalysisQuery.resource_selector is not specified, the resource section of the result will expand any resource attached to an IAM policy to include resources lower in the resource hierarchy. For example, if the request analyzes for which resources user A has permission P, and the results include an IAM policy with P on a GCP folder, the results will also include resources in that folder with permission P. If true and IamPolicyAnalysisQuery.resource_selector is specified, the resource section of the result will expand the specified resource to include resources lower in the resource hierarchy. Only project or lower resources are supported. Folder and organization resource cannot be used together with this option. For example, if the request analyzes for which users have permission P on a GCP project with this option enabled, the results will include all users who have permission P on that project or any lower resource. Default is false.
+        &quot;expandRoles&quot;: True or False, # Optional. If true, the access section of result will expand any roles appearing in IAM policy bindings to include their permissions. If IamPolicyAnalysisQuery.access_selector is specified, the access section of the result will be determined by the selector, and this flag is not allowed to set. Default is false.
+        &quot;outputGroupEdges&quot;: True or False, # Optional. If true, the result will output the relevant membership relationships between groups and other groups, and between groups and principals. Default is false.
+        &quot;outputResourceEdges&quot;: True or False, # Optional. If true, the result will output the relevant parent/child relationships between resources. Default is false.
+      },
+      &quot;resourceSelector&quot;: { # Specifies the resource to analyze for access policies, which may be set directly on the resource, or on ancestors such as organizations, folders or projects. # Optional. Specifies a resource for analysis.
+        &quot;fullResourceName&quot;: &quot;A String&quot;, # Required. The [full resource name] (https://cloud.google.com/asset-inventory/docs/resource-name-format) of a resource of [supported resource types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#analyzable_asset_types).
+      },
+      &quot;scope&quot;: &quot;A String&quot;, # Required. The relative name of the root asset. Only resources and IAM policies within the scope will be analyzed. This can only be an organization number (such as &quot;organizations/123&quot;), a folder number (such as &quot;folders/123&quot;), a project ID (such as &quot;projects/my-project-id&quot;), or a project number (such as &quot;projects/12345&quot;). To know how to get organization id, visit [here ](https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id). To know how to get folder or project id, visit [here ](https://cloud.google.com/resource-manager/docs/creating-managing-folders#viewing_or_listing_folders_and_projects).
+    },
+  },
+  &quot;createTime&quot;: &quot;A String&quot;, # Output only. The create time of this saved query.
+  &quot;creator&quot;: &quot;A String&quot;, # Output only. The account&#x27;s email address who has created this saved query.
+  &quot;description&quot;: &quot;A String&quot;, # The description of this saved query. This value should be fewer than 255 characters.
+  &quot;labels&quot;: { # Labels applied on the resource. This value should not contain more than 10 entries. The key and value of each entry must be non-empty and fewer than 64 characters.
+    &quot;a_key&quot;: &quot;A String&quot;,
+  },
+  &quot;lastUpdateTime&quot;: &quot;A String&quot;, # Output only. The last update time of this saved query.
+  &quot;lastUpdater&quot;: &quot;A String&quot;, # Output only. The account&#x27;s email address who has updated this saved query most recently.
+  &quot;name&quot;: &quot;A String&quot;, # The resource name of the saved query. The format must be: * projects/project_number/savedQueries/saved_query_id * folders/folder_number/savedQueries/saved_query_id * organizations/organization_number/savedQueries/saved_query_id
+}
+
+  savedQueryId: string, Required. The ID to use for the saved query, which must be unique in the specified parent. It will become the final component of the saved query&#x27;s resource name. This value should be 4-63 characters, and valid characters are /a-z-/. Notice that this field is required in the saved query creation, and the `name` field of the `saved_query` will be ignored.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A saved query which can be shared with others or used later.
+  &quot;content&quot;: { # The query content. # The query content.
+    &quot;iamPolicyAnalysisQuery&quot;: { # ## IAM policy analysis query message. # An IAM Policy Analysis query, which could be used in the AssetService.AnalyzeIamPolicy rpc or the AssetService.AnalyzeIamPolicyLongrunning rpc.
+      &quot;accessSelector&quot;: { # Specifies roles and/or permissions to analyze, to determine both the identities possessing them and the resources they control. If multiple values are specified, results will include roles or permissions matching any of them. The total number of roles and permissions should be equal or less than 10. # Optional. Specifies roles or permissions for analysis. This is optional.
+        &quot;permissions&quot;: [ # Optional. The permissions to appear in result.
+          &quot;A String&quot;,
+        ],
+        &quot;roles&quot;: [ # Optional. The roles to appear in result.
+          &quot;A String&quot;,
+        ],
+      },
+      &quot;conditionContext&quot;: { # The IAM conditions context. # Optional. The hypothetical context for IAM conditions evaluation.
+        &quot;accessTime&quot;: &quot;A String&quot;, # The hypothetical access timestamp to evaluate IAM conditions. Note that this value must not be earlier than the current time; otherwise, an INVALID_ARGUMENT error will be returned.
+      },
+      &quot;identitySelector&quot;: { # Specifies an identity for which to determine resource access, based on roles assigned either directly to them or to the groups they belong to, directly or indirectly. # Optional. Specifies an identity for analysis.
+        &quot;identity&quot;: &quot;A String&quot;, # Required. The identity appear in the form of principals in [IAM policy binding](https://cloud.google.com/iam/reference/rest/v1/Binding). The examples of supported forms are: &quot;user:mike@example.com&quot;, &quot;group:admins@example.com&quot;, &quot;domain:google.com&quot;, &quot;serviceAccount:my-project-id@appspot.gserviceaccount.com&quot;. Notice that wildcard characters (such as * and ?) are not supported. You must give a specific identity.
+      },
+      &quot;options&quot;: { # Contains query options. # Optional. The query options.
+        &quot;analyzeServiceAccountImpersonation&quot;: True or False, # Optional. If true, the response will include access analysis from identities to resources via service account impersonation. This is a very expensive operation, because many derived queries will be executed. We highly recommend you use AssetService.AnalyzeIamPolicyLongrunning rpc instead. For example, if the request analyzes for which resources user A has permission P, and there&#x27;s an IAM policy states user A has iam.serviceAccounts.getAccessToken permission to a service account SA, and there&#x27;s another IAM policy states service account SA has permission P to a GCP folder F, then user A potentially has access to the GCP folder F. And those advanced analysis results will be included in AnalyzeIamPolicyResponse.service_account_impersonation_analysis. Another example, if the request analyzes for who has permission P to a GCP folder F, and there&#x27;s an IAM policy states user A has iam.serviceAccounts.actAs permission to a service account SA, and there&#x27;s another IAM policy states service account SA has permission P to the GCP folder F, then user A potentially has access to the GCP folder F. And those advanced analysis results will be included in AnalyzeIamPolicyResponse.service_account_impersonation_analysis. Default is false.
+        &quot;expandGroups&quot;: True or False, # Optional. If true, the identities section of the result will expand any Google groups appearing in an IAM policy binding. If IamPolicyAnalysisQuery.identity_selector is specified, the identity in the result will be determined by the selector, and this flag is not allowed to set. Default is false.
+        &quot;expandResources&quot;: True or False, # Optional. If true and IamPolicyAnalysisQuery.resource_selector is not specified, the resource section of the result will expand any resource attached to an IAM policy to include resources lower in the resource hierarchy. For example, if the request analyzes for which resources user A has permission P, and the results include an IAM policy with P on a GCP folder, the results will also include resources in that folder with permission P. If true and IamPolicyAnalysisQuery.resource_selector is specified, the resource section of the result will expand the specified resource to include resources lower in the resource hierarchy. Only project or lower resources are supported. Folder and organization resource cannot be used together with this option. For example, if the request analyzes for which users have permission P on a GCP project with this option enabled, the results will include all users who have permission P on that project or any lower resource. Default is false.
+        &quot;expandRoles&quot;: True or False, # Optional. If true, the access section of result will expand any roles appearing in IAM policy bindings to include their permissions. If IamPolicyAnalysisQuery.access_selector is specified, the access section of the result will be determined by the selector, and this flag is not allowed to set. Default is false.
+        &quot;outputGroupEdges&quot;: True or False, # Optional. If true, the result will output the relevant membership relationships between groups and other groups, and between groups and principals. Default is false.
+        &quot;outputResourceEdges&quot;: True or False, # Optional. If true, the result will output the relevant parent/child relationships between resources. Default is false.
+      },
+      &quot;resourceSelector&quot;: { # Specifies the resource to analyze for access policies, which may be set directly on the resource, or on ancestors such as organizations, folders or projects. # Optional. Specifies a resource for analysis.
+        &quot;fullResourceName&quot;: &quot;A String&quot;, # Required. The [full resource name] (https://cloud.google.com/asset-inventory/docs/resource-name-format) of a resource of [supported resource types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#analyzable_asset_types).
+      },
+      &quot;scope&quot;: &quot;A String&quot;, # Required. The relative name of the root asset. Only resources and IAM policies within the scope will be analyzed. This can only be an organization number (such as &quot;organizations/123&quot;), a folder number (such as &quot;folders/123&quot;), a project ID (such as &quot;projects/my-project-id&quot;), or a project number (such as &quot;projects/12345&quot;). To know how to get organization id, visit [here ](https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id). To know how to get folder or project id, visit [here ](https://cloud.google.com/resource-manager/docs/creating-managing-folders#viewing_or_listing_folders_and_projects).
+    },
+  },
+  &quot;createTime&quot;: &quot;A String&quot;, # Output only. The create time of this saved query.
+  &quot;creator&quot;: &quot;A String&quot;, # Output only. The account&#x27;s email address who has created this saved query.
+  &quot;description&quot;: &quot;A String&quot;, # The description of this saved query. This value should be fewer than 255 characters.
+  &quot;labels&quot;: { # Labels applied on the resource. This value should not contain more than 10 entries. The key and value of each entry must be non-empty and fewer than 64 characters.
+    &quot;a_key&quot;: &quot;A String&quot;,
+  },
+  &quot;lastUpdateTime&quot;: &quot;A String&quot;, # Output only. The last update time of this saved query.
+  &quot;lastUpdater&quot;: &quot;A String&quot;, # Output only. The account&#x27;s email address who has updated this saved query most recently.
+  &quot;name&quot;: &quot;A String&quot;, # The resource name of the saved query. The format must be: * projects/project_number/savedQueries/saved_query_id * folders/folder_number/savedQueries/saved_query_id * organizations/organization_number/savedQueries/saved_query_id
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="delete">delete(name, x__xgafv=None)</code>
+  <pre>Deletes a saved query.
+
+Args:
+  name: string, Required. The name of the saved query to delete. It must be in the format of: * projects/project_number/savedQueries/saved_query_id * folders/folder_number/savedQueries/saved_query_id * organizations/organization_number/savedQueries/saved_query_id (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for `Empty` is empty JSON object `{}`.
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="get">get(name, x__xgafv=None)</code>
+  <pre>Gets details about a saved query.
+
+Args:
+  name: string, Required. The name of the saved query and it must be in the format of: * projects/project_number/savedQueries/saved_query_id * folders/folder_number/savedQueries/saved_query_id * organizations/organization_number/savedQueries/saved_query_id (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A saved query which can be shared with others or used later.
+  &quot;content&quot;: { # The query content. # The query content.
+    &quot;iamPolicyAnalysisQuery&quot;: { # ## IAM policy analysis query message. # An IAM Policy Analysis query, which could be used in the AssetService.AnalyzeIamPolicy rpc or the AssetService.AnalyzeIamPolicyLongrunning rpc.
+      &quot;accessSelector&quot;: { # Specifies roles and/or permissions to analyze, to determine both the identities possessing them and the resources they control. If multiple values are specified, results will include roles or permissions matching any of them. The total number of roles and permissions should be equal or less than 10. # Optional. Specifies roles or permissions for analysis. This is optional.
+        &quot;permissions&quot;: [ # Optional. The permissions to appear in result.
+          &quot;A String&quot;,
+        ],
+        &quot;roles&quot;: [ # Optional. The roles to appear in result.
+          &quot;A String&quot;,
+        ],
+      },
+      &quot;conditionContext&quot;: { # The IAM conditions context. # Optional. The hypothetical context for IAM conditions evaluation.
+        &quot;accessTime&quot;: &quot;A String&quot;, # The hypothetical access timestamp to evaluate IAM conditions. Note that this value must not be earlier than the current time; otherwise, an INVALID_ARGUMENT error will be returned.
+      },
+      &quot;identitySelector&quot;: { # Specifies an identity for which to determine resource access, based on roles assigned either directly to them or to the groups they belong to, directly or indirectly. # Optional. Specifies an identity for analysis.
+        &quot;identity&quot;: &quot;A String&quot;, # Required. The identity appear in the form of principals in [IAM policy binding](https://cloud.google.com/iam/reference/rest/v1/Binding). The examples of supported forms are: &quot;user:mike@example.com&quot;, &quot;group:admins@example.com&quot;, &quot;domain:google.com&quot;, &quot;serviceAccount:my-project-id@appspot.gserviceaccount.com&quot;. Notice that wildcard characters (such as * and ?) are not supported. You must give a specific identity.
+      },
+      &quot;options&quot;: { # Contains query options. # Optional. The query options.
+        &quot;analyzeServiceAccountImpersonation&quot;: True or False, # Optional. If true, the response will include access analysis from identities to resources via service account impersonation. This is a very expensive operation, because many derived queries will be executed. We highly recommend you use AssetService.AnalyzeIamPolicyLongrunning rpc instead. For example, if the request analyzes for which resources user A has permission P, and there&#x27;s an IAM policy states user A has iam.serviceAccounts.getAccessToken permission to a service account SA, and there&#x27;s another IAM policy states service account SA has permission P to a GCP folder F, then user A potentially has access to the GCP folder F. And those advanced analysis results will be included in AnalyzeIamPolicyResponse.service_account_impersonation_analysis. Another example, if the request analyzes for who has permission P to a GCP folder F, and there&#x27;s an IAM policy states user A has iam.serviceAccounts.actAs permission to a service account SA, and there&#x27;s another IAM policy states service account SA has permission P to the GCP folder F, then user A potentially has access to the GCP folder F. And those advanced analysis results will be included in AnalyzeIamPolicyResponse.service_account_impersonation_analysis. Default is false.
+        &quot;expandGroups&quot;: True or False, # Optional. If true, the identities section of the result will expand any Google groups appearing in an IAM policy binding. If IamPolicyAnalysisQuery.identity_selector is specified, the identity in the result will be determined by the selector, and this flag is not allowed to set. Default is false.
+        &quot;expandResources&quot;: True or False, # Optional. If true and IamPolicyAnalysisQuery.resource_selector is not specified, the resource section of the result will expand any resource attached to an IAM policy to include resources lower in the resource hierarchy. For example, if the request analyzes for which resources user A has permission P, and the results include an IAM policy with P on a GCP folder, the results will also include resources in that folder with permission P. If true and IamPolicyAnalysisQuery.resource_selector is specified, the resource section of the result will expand the specified resource to include resources lower in the resource hierarchy. Only project or lower resources are supported. Folder and organization resource cannot be used together with this option. For example, if the request analyzes for which users have permission P on a GCP project with this option enabled, the results will include all users who have permission P on that project or any lower resource. Default is false.
+        &quot;expandRoles&quot;: True or False, # Optional. If true, the access section of result will expand any roles appearing in IAM policy bindings to include their permissions. If IamPolicyAnalysisQuery.access_selector is specified, the access section of the result will be determined by the selector, and this flag is not allowed to set. Default is false.
+        &quot;outputGroupEdges&quot;: True or False, # Optional. If true, the result will output the relevant membership relationships between groups and other groups, and between groups and principals. Default is false.
+        &quot;outputResourceEdges&quot;: True or False, # Optional. If true, the result will output the relevant parent/child relationships between resources. Default is false.
+      },
+      &quot;resourceSelector&quot;: { # Specifies the resource to analyze for access policies, which may be set directly on the resource, or on ancestors such as organizations, folders or projects. # Optional. Specifies a resource for analysis.
+        &quot;fullResourceName&quot;: &quot;A String&quot;, # Required. The [full resource name] (https://cloud.google.com/asset-inventory/docs/resource-name-format) of a resource of [supported resource types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#analyzable_asset_types).
+      },
+      &quot;scope&quot;: &quot;A String&quot;, # Required. The relative name of the root asset. Only resources and IAM policies within the scope will be analyzed. This can only be an organization number (such as &quot;organizations/123&quot;), a folder number (such as &quot;folders/123&quot;), a project ID (such as &quot;projects/my-project-id&quot;), or a project number (such as &quot;projects/12345&quot;). To know how to get organization id, visit [here ](https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id). To know how to get folder or project id, visit [here ](https://cloud.google.com/resource-manager/docs/creating-managing-folders#viewing_or_listing_folders_and_projects).
+    },
+  },
+  &quot;createTime&quot;: &quot;A String&quot;, # Output only. The create time of this saved query.
+  &quot;creator&quot;: &quot;A String&quot;, # Output only. The account&#x27;s email address who has created this saved query.
+  &quot;description&quot;: &quot;A String&quot;, # The description of this saved query. This value should be fewer than 255 characters.
+  &quot;labels&quot;: { # Labels applied on the resource. This value should not contain more than 10 entries. The key and value of each entry must be non-empty and fewer than 64 characters.
+    &quot;a_key&quot;: &quot;A String&quot;,
+  },
+  &quot;lastUpdateTime&quot;: &quot;A String&quot;, # Output only. The last update time of this saved query.
+  &quot;lastUpdater&quot;: &quot;A String&quot;, # Output only. The account&#x27;s email address who has updated this saved query most recently.
+  &quot;name&quot;: &quot;A String&quot;, # The resource name of the saved query. The format must be: * projects/project_number/savedQueries/saved_query_id * folders/folder_number/savedQueries/saved_query_id * organizations/organization_number/savedQueries/saved_query_id
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="list">list(parent, filter=None, pageSize=None, pageToken=None, x__xgafv=None)</code>
+  <pre>Lists all saved queries in a parent project/folder/organization.
+
+Args:
+  parent: string, Required. The parent project/folder/organization whose savedQueries are to be listed. It can only be using project/folder/organization number (such as &quot;folders/12345&quot;)&quot;, or a project ID (such as &quot;projects/my-project-id&quot;). (required)
+  filter: string, Optional. The expression to filter resources. The expression is a list of zero or more restrictions combined via logical operators `AND` and `OR`. When `AND` and `OR` are both used in the expression, parentheses must be appropriately used to group the combinations. The expression may also contain regular expressions. See https://google.aip.dev/160 for more information on the grammar.
+  pageSize: integer, Optional. The maximum number of saved queries to return per page. The service may return fewer than this value. If unspecified, at most 50 will be returned. The maximum value is 1000; values above 1000 will be coerced to 1000.
+  pageToken: string, Optional. A page token, received from a previous `ListSavedQueries` call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to `ListSavedQueries` must match the call that provided the page token.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response of listing saved queries.
+  &quot;nextPageToken&quot;: &quot;A String&quot;, # A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages.
+  &quot;savedQueries&quot;: [ # A list of savedQueries.
+    { # A saved query which can be shared with others or used later.
+      &quot;content&quot;: { # The query content. # The query content.
+        &quot;iamPolicyAnalysisQuery&quot;: { # ## IAM policy analysis query message. # An IAM Policy Analysis query, which could be used in the AssetService.AnalyzeIamPolicy rpc or the AssetService.AnalyzeIamPolicyLongrunning rpc.
+          &quot;accessSelector&quot;: { # Specifies roles and/or permissions to analyze, to determine both the identities possessing them and the resources they control. If multiple values are specified, results will include roles or permissions matching any of them. The total number of roles and permissions should be equal or less than 10. # Optional. Specifies roles or permissions for analysis. This is optional.
+            &quot;permissions&quot;: [ # Optional. The permissions to appear in result.
+              &quot;A String&quot;,
+            ],
+            &quot;roles&quot;: [ # Optional. The roles to appear in result.
+              &quot;A String&quot;,
+            ],
+          },
+          &quot;conditionContext&quot;: { # The IAM conditions context. # Optional. The hypothetical context for IAM conditions evaluation.
+            &quot;accessTime&quot;: &quot;A String&quot;, # The hypothetical access timestamp to evaluate IAM conditions. Note that this value must not be earlier than the current time; otherwise, an INVALID_ARGUMENT error will be returned.
+          },
+          &quot;identitySelector&quot;: { # Specifies an identity for which to determine resource access, based on roles assigned either directly to them or to the groups they belong to, directly or indirectly. # Optional. Specifies an identity for analysis.
+            &quot;identity&quot;: &quot;A String&quot;, # Required. The identity appear in the form of principals in [IAM policy binding](https://cloud.google.com/iam/reference/rest/v1/Binding). The examples of supported forms are: &quot;user:mike@example.com&quot;, &quot;group:admins@example.com&quot;, &quot;domain:google.com&quot;, &quot;serviceAccount:my-project-id@appspot.gserviceaccount.com&quot;. Notice that wildcard characters (such as * and ?) are not supported. You must give a specific identity.
+          },
+          &quot;options&quot;: { # Contains query options. # Optional. The query options.
+            &quot;analyzeServiceAccountImpersonation&quot;: True or False, # Optional. If true, the response will include access analysis from identities to resources via service account impersonation. This is a very expensive operation, because many derived queries will be executed. We highly recommend you use AssetService.AnalyzeIamPolicyLongrunning rpc instead. For example, if the request analyzes for which resources user A has permission P, and there&#x27;s an IAM policy states user A has iam.serviceAccounts.getAccessToken permission to a service account SA, and there&#x27;s another IAM policy states service account SA has permission P to a GCP folder F, then user A potentially has access to the GCP folder F. And those advanced analysis results will be included in AnalyzeIamPolicyResponse.service_account_impersonation_analysis. Another example, if the request analyzes for who has permission P to a GCP folder F, and there&#x27;s an IAM policy states user A has iam.serviceAccounts.actAs permission to a service account SA, and there&#x27;s another IAM policy states service account SA has permission P to the GCP folder F, then user A potentially has access to the GCP folder F. And those advanced analysis results will be included in AnalyzeIamPolicyResponse.service_account_impersonation_analysis. Default is false.
+            &quot;expandGroups&quot;: True or False, # Optional. If true, the identities section of the result will expand any Google groups appearing in an IAM policy binding. If IamPolicyAnalysisQuery.identity_selector is specified, the identity in the result will be determined by the selector, and this flag is not allowed to set. Default is false.
+            &quot;expandResources&quot;: True or False, # Optional. If true and IamPolicyAnalysisQuery.resource_selector is not specified, the resource section of the result will expand any resource attached to an IAM policy to include resources lower in the resource hierarchy. For example, if the request analyzes for which resources user A has permission P, and the results include an IAM policy with P on a GCP folder, the results will also include resources in that folder with permission P. If true and IamPolicyAnalysisQuery.resource_selector is specified, the resource section of the result will expand the specified resource to include resources lower in the resource hierarchy. Only project or lower resources are supported. Folder and organization resource cannot be used together with this option. For example, if the request analyzes for which users have permission P on a GCP project with this option enabled, the results will include all users who have permission P on that project or any lower resource. Default is false.
+            &quot;expandRoles&quot;: True or False, # Optional. If true, the access section of result will expand any roles appearing in IAM policy bindings to include their permissions. If IamPolicyAnalysisQuery.access_selector is specified, the access section of the result will be determined by the selector, and this flag is not allowed to set. Default is false.
+            &quot;outputGroupEdges&quot;: True or False, # Optional. If true, the result will output the relevant membership relationships between groups and other groups, and between groups and principals. Default is false.
+            &quot;outputResourceEdges&quot;: True or False, # Optional. If true, the result will output the relevant parent/child relationships between resources. Default is false.
+          },
+          &quot;resourceSelector&quot;: { # Specifies the resource to analyze for access policies, which may be set directly on the resource, or on ancestors such as organizations, folders or projects. # Optional. Specifies a resource for analysis.
+            &quot;fullResourceName&quot;: &quot;A String&quot;, # Required. The [full resource name] (https://cloud.google.com/asset-inventory/docs/resource-name-format) of a resource of [supported resource types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#analyzable_asset_types).
+          },
+          &quot;scope&quot;: &quot;A String&quot;, # Required. The relative name of the root asset. Only resources and IAM policies within the scope will be analyzed. This can only be an organization number (such as &quot;organizations/123&quot;), a folder number (such as &quot;folders/123&quot;), a project ID (such as &quot;projects/my-project-id&quot;), or a project number (such as &quot;projects/12345&quot;). To know how to get organization id, visit [here ](https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id). To know how to get folder or project id, visit [here ](https://cloud.google.com/resource-manager/docs/creating-managing-folders#viewing_or_listing_folders_and_projects).
+        },
+      },
+      &quot;createTime&quot;: &quot;A String&quot;, # Output only. The create time of this saved query.
+      &quot;creator&quot;: &quot;A String&quot;, # Output only. The account&#x27;s email address who has created this saved query.
+      &quot;description&quot;: &quot;A String&quot;, # The description of this saved query. This value should be fewer than 255 characters.
+      &quot;labels&quot;: { # Labels applied on the resource. This value should not contain more than 10 entries. The key and value of each entry must be non-empty and fewer than 64 characters.
+        &quot;a_key&quot;: &quot;A String&quot;,
+      },
+      &quot;lastUpdateTime&quot;: &quot;A String&quot;, # Output only. The last update time of this saved query.
+      &quot;lastUpdater&quot;: &quot;A String&quot;, # Output only. The account&#x27;s email address who has updated this saved query most recently.
+      &quot;name&quot;: &quot;A String&quot;, # The resource name of the saved query. The format must be: * projects/project_number/savedQueries/saved_query_id * folders/folder_number/savedQueries/saved_query_id * organizations/organization_number/savedQueries/saved_query_id
+    },
+  ],
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="list_next">list_next(previous_request, previous_response)</code>
+  <pre>Retrieves the next page of results.
+
+Args:
+  previous_request: The request for the previous page. (required)
+  previous_response: The response from the request for the previous page. (required)
+
+Returns:
+  A request object that you can call &#x27;execute()&#x27; on to request the next
+  page. Returns None if there are no more items in the collection.
+    </pre>
+</div>
+
+<div class="method">
+    <code class="details" id="patch">patch(name, body=None, updateMask=None, x__xgafv=None)</code>
+  <pre>Updates a saved query.
+
+Args:
+  name: string, The resource name of the saved query. The format must be: * projects/project_number/savedQueries/saved_query_id * folders/folder_number/savedQueries/saved_query_id * organizations/organization_number/savedQueries/saved_query_id (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # A saved query which can be shared with others or used later.
+  &quot;content&quot;: { # The query content. # The query content.
+    &quot;iamPolicyAnalysisQuery&quot;: { # ## IAM policy analysis query message. # An IAM Policy Analysis query, which could be used in the AssetService.AnalyzeIamPolicy rpc or the AssetService.AnalyzeIamPolicyLongrunning rpc.
+      &quot;accessSelector&quot;: { # Specifies roles and/or permissions to analyze, to determine both the identities possessing them and the resources they control. If multiple values are specified, results will include roles or permissions matching any of them. The total number of roles and permissions should be equal or less than 10. # Optional. Specifies roles or permissions for analysis. This is optional.
+        &quot;permissions&quot;: [ # Optional. The permissions to appear in result.
+          &quot;A String&quot;,
+        ],
+        &quot;roles&quot;: [ # Optional. The roles to appear in result.
+          &quot;A String&quot;,
+        ],
+      },
+      &quot;conditionContext&quot;: { # The IAM conditions context. # Optional. The hypothetical context for IAM conditions evaluation.
+        &quot;accessTime&quot;: &quot;A String&quot;, # The hypothetical access timestamp to evaluate IAM conditions. Note that this value must not be earlier than the current time; otherwise, an INVALID_ARGUMENT error will be returned.
+      },
+      &quot;identitySelector&quot;: { # Specifies an identity for which to determine resource access, based on roles assigned either directly to them or to the groups they belong to, directly or indirectly. # Optional. Specifies an identity for analysis.
+        &quot;identity&quot;: &quot;A String&quot;, # Required. The identity appear in the form of principals in [IAM policy binding](https://cloud.google.com/iam/reference/rest/v1/Binding). The examples of supported forms are: &quot;user:mike@example.com&quot;, &quot;group:admins@example.com&quot;, &quot;domain:google.com&quot;, &quot;serviceAccount:my-project-id@appspot.gserviceaccount.com&quot;. Notice that wildcard characters (such as * and ?) are not supported. You must give a specific identity.
+      },
+      &quot;options&quot;: { # Contains query options. # Optional. The query options.
+        &quot;analyzeServiceAccountImpersonation&quot;: True or False, # Optional. If true, the response will include access analysis from identities to resources via service account impersonation. This is a very expensive operation, because many derived queries will be executed. We highly recommend you use AssetService.AnalyzeIamPolicyLongrunning rpc instead. For example, if the request analyzes for which resources user A has permission P, and there&#x27;s an IAM policy states user A has iam.serviceAccounts.getAccessToken permission to a service account SA, and there&#x27;s another IAM policy states service account SA has permission P to a GCP folder F, then user A potentially has access to the GCP folder F. And those advanced analysis results will be included in AnalyzeIamPolicyResponse.service_account_impersonation_analysis. Another example, if the request analyzes for who has permission P to a GCP folder F, and there&#x27;s an IAM policy states user A has iam.serviceAccounts.actAs permission to a service account SA, and there&#x27;s another IAM policy states service account SA has permission P to the GCP folder F, then user A potentially has access to the GCP folder F. And those advanced analysis results will be included in AnalyzeIamPolicyResponse.service_account_impersonation_analysis. Default is false.
+        &quot;expandGroups&quot;: True or False, # Optional. If true, the identities section of the result will expand any Google groups appearing in an IAM policy binding. If IamPolicyAnalysisQuery.identity_selector is specified, the identity in the result will be determined by the selector, and this flag is not allowed to set. Default is false.
+        &quot;expandResources&quot;: True or False, # Optional. If true and IamPolicyAnalysisQuery.resource_selector is not specified, the resource section of the result will expand any resource attached to an IAM policy to include resources lower in the resource hierarchy. For example, if the request analyzes for which resources user A has permission P, and the results include an IAM policy with P on a GCP folder, the results will also include resources in that folder with permission P. If true and IamPolicyAnalysisQuery.resource_selector is specified, the resource section of the result will expand the specified resource to include resources lower in the resource hierarchy. Only project or lower resources are supported. Folder and organization resource cannot be used together with this option. For example, if the request analyzes for which users have permission P on a GCP project with this option enabled, the results will include all users who have permission P on that project or any lower resource. Default is false.
+        &quot;expandRoles&quot;: True or False, # Optional. If true, the access section of result will expand any roles appearing in IAM policy bindings to include their permissions. If IamPolicyAnalysisQuery.access_selector is specified, the access section of the result will be determined by the selector, and this flag is not allowed to set. Default is false.
+        &quot;outputGroupEdges&quot;: True or False, # Optional. If true, the result will output the relevant membership relationships between groups and other groups, and between groups and principals. Default is false.
+        &quot;outputResourceEdges&quot;: True or False, # Optional. If true, the result will output the relevant parent/child relationships between resources. Default is false.
+      },
+      &quot;resourceSelector&quot;: { # Specifies the resource to analyze for access policies, which may be set directly on the resource, or on ancestors such as organizations, folders or projects. # Optional. Specifies a resource for analysis.
+        &quot;fullResourceName&quot;: &quot;A String&quot;, # Required. The [full resource name] (https://cloud.google.com/asset-inventory/docs/resource-name-format) of a resource of [supported resource types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#analyzable_asset_types).
+      },
+      &quot;scope&quot;: &quot;A String&quot;, # Required. The relative name of the root asset. Only resources and IAM policies within the scope will be analyzed. This can only be an organization number (such as &quot;organizations/123&quot;), a folder number (such as &quot;folders/123&quot;), a project ID (such as &quot;projects/my-project-id&quot;), or a project number (such as &quot;projects/12345&quot;). To know how to get organization id, visit [here ](https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id). To know how to get folder or project id, visit [here ](https://cloud.google.com/resource-manager/docs/creating-managing-folders#viewing_or_listing_folders_and_projects).
+    },
+  },
+  &quot;createTime&quot;: &quot;A String&quot;, # Output only. The create time of this saved query.
+  &quot;creator&quot;: &quot;A String&quot;, # Output only. The account&#x27;s email address who has created this saved query.
+  &quot;description&quot;: &quot;A String&quot;, # The description of this saved query. This value should be fewer than 255 characters.
+  &quot;labels&quot;: { # Labels applied on the resource. This value should not contain more than 10 entries. The key and value of each entry must be non-empty and fewer than 64 characters.
+    &quot;a_key&quot;: &quot;A String&quot;,
+  },
+  &quot;lastUpdateTime&quot;: &quot;A String&quot;, # Output only. The last update time of this saved query.
+  &quot;lastUpdater&quot;: &quot;A String&quot;, # Output only. The account&#x27;s email address who has updated this saved query most recently.
+  &quot;name&quot;: &quot;A String&quot;, # The resource name of the saved query. The format must be: * projects/project_number/savedQueries/saved_query_id * folders/folder_number/savedQueries/saved_query_id * organizations/organization_number/savedQueries/saved_query_id
+}
+
+  updateMask: string, Required. The list of fields to update.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A saved query which can be shared with others or used later.
+  &quot;content&quot;: { # The query content. # The query content.
+    &quot;iamPolicyAnalysisQuery&quot;: { # ## IAM policy analysis query message. # An IAM Policy Analysis query, which could be used in the AssetService.AnalyzeIamPolicy rpc or the AssetService.AnalyzeIamPolicyLongrunning rpc.
+      &quot;accessSelector&quot;: { # Specifies roles and/or permissions to analyze, to determine both the identities possessing them and the resources they control. If multiple values are specified, results will include roles or permissions matching any of them. The total number of roles and permissions should be equal or less than 10. # Optional. Specifies roles or permissions for analysis. This is optional.
+        &quot;permissions&quot;: [ # Optional. The permissions to appear in result.
+          &quot;A String&quot;,
+        ],
+        &quot;roles&quot;: [ # Optional. The roles to appear in result.
+          &quot;A String&quot;,
+        ],
+      },
+      &quot;conditionContext&quot;: { # The IAM conditions context. # Optional. The hypothetical context for IAM conditions evaluation.
+        &quot;accessTime&quot;: &quot;A String&quot;, # The hypothetical access timestamp to evaluate IAM conditions. Note that this value must not be earlier than the current time; otherwise, an INVALID_ARGUMENT error will be returned.
+      },
+      &quot;identitySelector&quot;: { # Specifies an identity for which to determine resource access, based on roles assigned either directly to them or to the groups they belong to, directly or indirectly. # Optional. Specifies an identity for analysis.
+        &quot;identity&quot;: &quot;A String&quot;, # Required. The identity appear in the form of principals in [IAM policy binding](https://cloud.google.com/iam/reference/rest/v1/Binding). The examples of supported forms are: &quot;user:mike@example.com&quot;, &quot;group:admins@example.com&quot;, &quot;domain:google.com&quot;, &quot;serviceAccount:my-project-id@appspot.gserviceaccount.com&quot;. Notice that wildcard characters (such as * and ?) are not supported. You must give a specific identity.
+      },
+      &quot;options&quot;: { # Contains query options. # Optional. The query options.
+        &quot;analyzeServiceAccountImpersonation&quot;: True or False, # Optional. If true, the response will include access analysis from identities to resources via service account impersonation. This is a very expensive operation, because many derived queries will be executed. We highly recommend you use AssetService.AnalyzeIamPolicyLongrunning rpc instead. For example, if the request analyzes for which resources user A has permission P, and there&#x27;s an IAM policy states user A has iam.serviceAccounts.getAccessToken permission to a service account SA, and there&#x27;s another IAM policy states service account SA has permission P to a GCP folder F, then user A potentially has access to the GCP folder F. And those advanced analysis results will be included in AnalyzeIamPolicyResponse.service_account_impersonation_analysis. Another example, if the request analyzes for who has permission P to a GCP folder F, and there&#x27;s an IAM policy states user A has iam.serviceAccounts.actAs permission to a service account SA, and there&#x27;s another IAM policy states service account SA has permission P to the GCP folder F, then user A potentially has access to the GCP folder F. And those advanced analysis results will be included in AnalyzeIamPolicyResponse.service_account_impersonation_analysis. Default is false.
+        &quot;expandGroups&quot;: True or False, # Optional. If true, the identities section of the result will expand any Google groups appearing in an IAM policy binding. If IamPolicyAnalysisQuery.identity_selector is specified, the identity in the result will be determined by the selector, and this flag is not allowed to set. Default is false.
+        &quot;expandResources&quot;: True or False, # Optional. If true and IamPolicyAnalysisQuery.resource_selector is not specified, the resource section of the result will expand any resource attached to an IAM policy to include resources lower in the resource hierarchy. For example, if the request analyzes for which resources user A has permission P, and the results include an IAM policy with P on a GCP folder, the results will also include resources in that folder with permission P. If true and IamPolicyAnalysisQuery.resource_selector is specified, the resource section of the result will expand the specified resource to include resources lower in the resource hierarchy. Only project or lower resources are supported. Folder and organization resource cannot be used together with this option. For example, if the request analyzes for which users have permission P on a GCP project with this option enabled, the results will include all users who have permission P on that project or any lower resource. Default is false.
+        &quot;expandRoles&quot;: True or False, # Optional. If true, the access section of result will expand any roles appearing in IAM policy bindings to include their permissions. If IamPolicyAnalysisQuery.access_selector is specified, the access section of the result will be determined by the selector, and this flag is not allowed to set. Default is false.
+        &quot;outputGroupEdges&quot;: True or False, # Optional. If true, the result will output the relevant membership relationships between groups and other groups, and between groups and principals. Default is false.
+        &quot;outputResourceEdges&quot;: True or False, # Optional. If true, the result will output the relevant parent/child relationships between resources. Default is false.
+      },
+      &quot;resourceSelector&quot;: { # Specifies the resource to analyze for access policies, which may be set directly on the resource, or on ancestors such as organizations, folders or projects. # Optional. Specifies a resource for analysis.
+        &quot;fullResourceName&quot;: &quot;A String&quot;, # Required. The [full resource name] (https://cloud.google.com/asset-inventory/docs/resource-name-format) of a resource of [supported resource types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#analyzable_asset_types).
+      },
+      &quot;scope&quot;: &quot;A String&quot;, # Required. The relative name of the root asset. Only resources and IAM policies within the scope will be analyzed. This can only be an organization number (such as &quot;organizations/123&quot;), a folder number (such as &quot;folders/123&quot;), a project ID (such as &quot;projects/my-project-id&quot;), or a project number (such as &quot;projects/12345&quot;). To know how to get organization id, visit [here ](https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id). To know how to get folder or project id, visit [here ](https://cloud.google.com/resource-manager/docs/creating-managing-folders#viewing_or_listing_folders_and_projects).
+    },
+  },
+  &quot;createTime&quot;: &quot;A String&quot;, # Output only. The create time of this saved query.
+  &quot;creator&quot;: &quot;A String&quot;, # Output only. The account&#x27;s email address who has created this saved query.
+  &quot;description&quot;: &quot;A String&quot;, # The description of this saved query. This value should be fewer than 255 characters.
+  &quot;labels&quot;: { # Labels applied on the resource. This value should not contain more than 10 entries. The key and value of each entry must be non-empty and fewer than 64 characters.
+    &quot;a_key&quot;: &quot;A String&quot;,
+  },
+  &quot;lastUpdateTime&quot;: &quot;A String&quot;, # Output only. The last update time of this saved query.
+  &quot;lastUpdater&quot;: &quot;A String&quot;, # Output only. The account&#x27;s email address who has updated this saved query most recently.
+  &quot;name&quot;: &quot;A String&quot;, # The resource name of the saved query. The format must be: * projects/project_number/savedQueries/saved_query_id * folders/folder_number/savedQueries/saved_query_id * organizations/organization_number/savedQueries/saved_query_id
+}</pre>
+</div>
+
+</body></html>
\ No newline at end of file

docs/dyn/cloudasset_v1.v1.html

diff --git a/docs/dyn/cloudasset_v1.v1.html b/docs/dyn/cloudasset_v1.v1.html
index 472a421..4d5191f 100644
--- a/docs/dyn/cloudasset_v1.v1.html
+++ b/docs/dyn/cloudasset_v1.v1.html
@@ -75,7 +75,7 @@
 <h1><a href="cloudasset_v1.html">Cloud Asset API</a> . <a href="cloudasset_v1.v1.html">v1</a></h1>
 <h2>Instance Methods</h2>
 <p class="toc_element">
-  <code><a href="#analyzeIamPolicy">analyzeIamPolicy(scope, analysisQuery_accessSelector_permissions=None, analysisQuery_accessSelector_roles=None, analysisQuery_conditionContext_accessTime=None, analysisQuery_identitySelector_identity=None, analysisQuery_options_analyzeServiceAccountImpersonation=None, analysisQuery_options_expandGroups=None, analysisQuery_options_expandResources=None, analysisQuery_options_expandRoles=None, analysisQuery_options_outputGroupEdges=None, analysisQuery_options_outputResourceEdges=None, analysisQuery_resourceSelector_fullResourceName=None, executionTimeout=None, x__xgafv=None)</a></code></p>
+  <code><a href="#analyzeIamPolicy">analyzeIamPolicy(scope, analysisQuery_accessSelector_permissions=None, analysisQuery_accessSelector_roles=None, analysisQuery_conditionContext_accessTime=None, analysisQuery_identitySelector_identity=None, analysisQuery_options_analyzeServiceAccountImpersonation=None, analysisQuery_options_expandGroups=None, analysisQuery_options_expandResources=None, analysisQuery_options_expandRoles=None, analysisQuery_options_outputGroupEdges=None, analysisQuery_options_outputResourceEdges=None, analysisQuery_resourceSelector_fullResourceName=None, executionTimeout=None, savedAnalysisQuery=None, x__xgafv=None)</a></code></p>
 <p class="firstline">Analyzes IAM policies to answer which identities have what accesses on which resources.</p>
 <p class="toc_element">
   <code><a href="#analyzeIamPolicyLongrunning">analyzeIamPolicyLongrunning(scope, body=None, x__xgafv=None)</a></code></p>
@@ -106,7 +106,7 @@
 <p class="firstline">Retrieves the next page of results.</p>
 <h3>Method Details</h3>
 <div class="method">
-    <code class="details" id="analyzeIamPolicy">analyzeIamPolicy(scope, analysisQuery_accessSelector_permissions=None, analysisQuery_accessSelector_roles=None, analysisQuery_conditionContext_accessTime=None, analysisQuery_identitySelector_identity=None, analysisQuery_options_analyzeServiceAccountImpersonation=None, analysisQuery_options_expandGroups=None, analysisQuery_options_expandResources=None, analysisQuery_options_expandRoles=None, analysisQuery_options_outputGroupEdges=None, analysisQuery_options_outputResourceEdges=None, analysisQuery_resourceSelector_fullResourceName=None, executionTimeout=None, x__xgafv=None)</code>
+    <code class="details" id="analyzeIamPolicy">analyzeIamPolicy(scope, analysisQuery_accessSelector_permissions=None, analysisQuery_accessSelector_roles=None, analysisQuery_conditionContext_accessTime=None, analysisQuery_identitySelector_identity=None, analysisQuery_options_analyzeServiceAccountImpersonation=None, analysisQuery_options_expandGroups=None, analysisQuery_options_expandResources=None, analysisQuery_options_expandRoles=None, analysisQuery_options_outputGroupEdges=None, analysisQuery_options_outputResourceEdges=None, analysisQuery_resourceSelector_fullResourceName=None, executionTimeout=None, savedAnalysisQuery=None, x__xgafv=None)</code>
   <pre>Analyzes IAM policies to answer which identities have what accesses on which resources.
 
 Args:
@@ -123,6 +123,7 @@
   analysisQuery_options_outputResourceEdges: boolean, Optional. If true, the result will output the relevant parent/child relationships between resources. Default is false.
   analysisQuery_resourceSelector_fullResourceName: string, Required. The [full resource name] (https://cloud.google.com/asset-inventory/docs/resource-name-format) of a resource of [supported resource types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#analyzable_asset_types).
   executionTimeout: string, Optional. Amount of time executable has to complete. See JSON representation of [Duration](https://developers.google.com/protocol-buffers/docs/proto3#json). If this field is set with a value less than the RPC deadline, and the execution of your query hasn&#x27;t finished in the specified execution timeout, you will get a response with partial result. Otherwise, your query&#x27;s execution will continue until the RPC deadline. If it&#x27;s not finished until then, you will get a DEADLINE_EXCEEDED error. Default is empty.
+  savedAnalysisQuery: string, Optional. The name of a saved query, which must be in the format of: * projects/project_number/savedQueries/saved_query_id * folders/folder_number/savedQueries/saved_query_id * organizations/organization_number/savedQueries/saved_query_id If both `analysis_query` and `saved_analysis_query` are provided, they will be merged together with the `saved_analysis_query` as base and the `analysis_query` as overrides. For more details of the merge behavior, please refer to the [MergeFrom](https://developers.google.com/protocol-buffers/docs/reference/cpp/google.protobuf.message#Message.MergeFrom.details) page. Note that you cannot override primitive fields with default value, such as 0 or empty string, etc., because we use proto3, which doesn&#x27;t support field presence yet.
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -395,6 +396,7 @@
       &quot;uri&quot;: &quot;A String&quot;, # Required. The uri of the Cloud Storage object. It&#x27;s the same uri that is used by gsutil. Example: &quot;gs://bucket_name/object_name&quot;. See [Viewing and Editing Object Metadata](https://cloud.google.com/storage/docs/viewing-editing-metadata) for more information. If the specified Cloud Storage object already exists and there is no [hold](https://cloud.google.com/storage/docs/object-holds), it will be overwritten with the analysis result.
     },
   },
+  &quot;savedAnalysisQuery&quot;: &quot;A String&quot;, # Optional. The name of a saved query, which must be in the format of: * projects/project_number/savedQueries/saved_query_id * folders/folder_number/savedQueries/saved_query_id * organizations/organization_number/savedQueries/saved_query_id If both `analysis_query` and `saved_analysis_query` are provided, they will be merged together with the `saved_analysis_query` as base and the `analysis_query` as overrides. For more details of the merge behavior, please refer to the [MergeFrom](https://developers.google.com/protocol-buffers/docs/reference/cpp/google.protobuf.message#Message.MergeFrom.details) doc. Note that you cannot override primitive fields with default value, such as 0 or empty string, etc., because we use proto3, which doesn&#x27;t support field presence yet.
 }
 
   x__xgafv: string, V1 error format.

docs/dyn/cloudfunctions_v1.projects.locations.functions.html

diff --git a/docs/dyn/cloudfunctions_v1.projects.locations.functions.html b/docs/dyn/cloudfunctions_v1.projects.locations.functions.html
index b629d95..ba6de2d 100644
--- a/docs/dyn/cloudfunctions_v1.projects.locations.functions.html
+++ b/docs/dyn/cloudfunctions_v1.projects.locations.functions.html
@@ -165,6 +165,7 @@
   "buildName": "A String", # Output only. The Cloud Build Name of the function deployment. `projects//locations//builds/`.
   "buildWorkerPool": "A String", # Name of the Cloud Build Custom Worker Pool that should be used to build the function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where `{project}` and `{region}` are the project id and region respectively where the worker pool is defined and `{workerPool}` is the short name of the worker pool. If the project id is not the same as the function, then the Cloud Functions Service Agent (`service-@gcf-admin-robot.iam.gserviceaccount.com`) must be granted the role Cloud Build Custom Workers Builder (`roles/cloudbuild.customworkers.builder`) in the project.
   "description": "A String", # User-provided description of a function.
+  "dockerRepository": "A String", # User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. If unspecified and the deployment is eligible to use Artifact Registry, GCF will create and use a repository named 'gcf-artifacts' for every deployed region. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. It must match the pattern `projects/{project}/locations/{location}/repositories/{repository}`. Cross-project repositories are not supported. Cross-location repositories are not supported. Repository format must be 'DOCKER'.
   "entryPoint": "A String", # The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". For Node.js this is name of a function exported by the module specified in `source_location`.
   "environmentVariables": { # Environment variables that shall be available during function execution.
     "a_key": "A String",
@@ -183,6 +184,7 @@
     "url": "A String", # Output only. The deployed url for the function.
   },
   "ingressSettings": "A String", # The ingress settings for the function, controlling what traffic can reach it.
+  "kmsKeyName": "A String", # Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern `projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}`. If specified, you must also provide an artifact registry repository using the `docker_repository` field that was created with the same KMS crypto key. The following service accounts need to be granted the role 'Cloud KMS CryptoKey Encrypter/Decrypter (roles/cloudkms.cryptoKeyEncrypterDecrypter)' on the Key/KeyRing/Project/Organization (least access preferred). 1. Google Cloud Functions service account (service-{project_number}@gcf-admin-robot.iam.gserviceaccount.com) - Required to protect the function's image. 2. Google Storage service account (service-{project_number}@gs-project-accounts.iam.gserviceaccount.com) - Required to protect the function's source code. If this service account does not exist, deploying a function without a KMS key or retrieving the service agent name provisions it. For more information, see https://cloud.google.com/storage/docs/projects#service-agents and https://cloud.google.com/storage/docs/getting-service-agent#gsutil. Google Cloud Functions delegates access to service agents to protect function resources in internal projects that are not accessible by the end user.
   "labels": { # Labels associated with this Cloud Function.
     "a_key": "A String",
   },
@@ -366,6 +368,7 @@
   "buildName": "A String", # Output only. The Cloud Build Name of the function deployment. `projects//locations//builds/`.
   "buildWorkerPool": "A String", # Name of the Cloud Build Custom Worker Pool that should be used to build the function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where `{project}` and `{region}` are the project id and region respectively where the worker pool is defined and `{workerPool}` is the short name of the worker pool. If the project id is not the same as the function, then the Cloud Functions Service Agent (`service-@gcf-admin-robot.iam.gserviceaccount.com`) must be granted the role Cloud Build Custom Workers Builder (`roles/cloudbuild.customworkers.builder`) in the project.
   "description": "A String", # User-provided description of a function.
+  "dockerRepository": "A String", # User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. If unspecified and the deployment is eligible to use Artifact Registry, GCF will create and use a repository named 'gcf-artifacts' for every deployed region. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. It must match the pattern `projects/{project}/locations/{location}/repositories/{repository}`. Cross-project repositories are not supported. Cross-location repositories are not supported. Repository format must be 'DOCKER'.
   "entryPoint": "A String", # The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". For Node.js this is name of a function exported by the module specified in `source_location`.
   "environmentVariables": { # Environment variables that shall be available during function execution.
     "a_key": "A String",
@@ -384,6 +387,7 @@
     "url": "A String", # Output only. The deployed url for the function.
   },
   "ingressSettings": "A String", # The ingress settings for the function, controlling what traffic can reach it.
+  "kmsKeyName": "A String", # Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern `projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}`. If specified, you must also provide an artifact registry repository using the `docker_repository` field that was created with the same KMS crypto key. The following service accounts need to be granted the role 'Cloud KMS CryptoKey Encrypter/Decrypter (roles/cloudkms.cryptoKeyEncrypterDecrypter)' on the Key/KeyRing/Project/Organization (least access preferred). 1. Google Cloud Functions service account (service-{project_number}@gcf-admin-robot.iam.gserviceaccount.com) - Required to protect the function's image. 2. Google Storage service account (service-{project_number}@gs-project-accounts.iam.gserviceaccount.com) - Required to protect the function's source code. If this service account does not exist, deploying a function without a KMS key or retrieving the service agent name provisions it. For more information, see https://cloud.google.com/storage/docs/projects#service-agents and https://cloud.google.com/storage/docs/getting-service-agent#gsutil. Google Cloud Functions delegates access to service agents to protect function resources in internal projects that are not accessible by the end user.
   "labels": { # Labels associated with this Cloud Function.
     "a_key": "A String",
   },
@@ -436,7 +440,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -505,6 +509,7 @@
       "buildName": "A String", # Output only. The Cloud Build Name of the function deployment. `projects//locations//builds/`.
       "buildWorkerPool": "A String", # Name of the Cloud Build Custom Worker Pool that should be used to build the function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where `{project}` and `{region}` are the project id and region respectively where the worker pool is defined and `{workerPool}` is the short name of the worker pool. If the project id is not the same as the function, then the Cloud Functions Service Agent (`service-@gcf-admin-robot.iam.gserviceaccount.com`) must be granted the role Cloud Build Custom Workers Builder (`roles/cloudbuild.customworkers.builder`) in the project.
       "description": "A String", # User-provided description of a function.
+      "dockerRepository": "A String", # User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. If unspecified and the deployment is eligible to use Artifact Registry, GCF will create and use a repository named 'gcf-artifacts' for every deployed region. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. It must match the pattern `projects/{project}/locations/{location}/repositories/{repository}`. Cross-project repositories are not supported. Cross-location repositories are not supported. Repository format must be 'DOCKER'.
       "entryPoint": "A String", # The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". For Node.js this is name of a function exported by the module specified in `source_location`.
       "environmentVariables": { # Environment variables that shall be available during function execution.
         "a_key": "A String",
@@ -523,6 +528,7 @@
         "url": "A String", # Output only. The deployed url for the function.
       },
       "ingressSettings": "A String", # The ingress settings for the function, controlling what traffic can reach it.
+      "kmsKeyName": "A String", # Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern `projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}`. If specified, you must also provide an artifact registry repository using the `docker_repository` field that was created with the same KMS crypto key. The following service accounts need to be granted the role 'Cloud KMS CryptoKey Encrypter/Decrypter (roles/cloudkms.cryptoKeyEncrypterDecrypter)' on the Key/KeyRing/Project/Organization (least access preferred). 1. Google Cloud Functions service account (service-{project_number}@gcf-admin-robot.iam.gserviceaccount.com) - Required to protect the function's image. 2. Google Storage service account (service-{project_number}@gs-project-accounts.iam.gserviceaccount.com) - Required to protect the function's source code. If this service account does not exist, deploying a function without a KMS key or retrieving the service agent name provisions it. For more information, see https://cloud.google.com/storage/docs/projects#service-agents and https://cloud.google.com/storage/docs/getting-service-agent#gsutil. Google Cloud Functions delegates access to service agents to protect function resources in internal projects that are not accessible by the end user.
       "labels": { # Labels associated with this Cloud Function.
         "a_key": "A String",
       },
@@ -607,6 +613,7 @@
   "buildName": "A String", # Output only. The Cloud Build Name of the function deployment. `projects//locations//builds/`.
   "buildWorkerPool": "A String", # Name of the Cloud Build Custom Worker Pool that should be used to build the function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where `{project}` and `{region}` are the project id and region respectively where the worker pool is defined and `{workerPool}` is the short name of the worker pool. If the project id is not the same as the function, then the Cloud Functions Service Agent (`service-@gcf-admin-robot.iam.gserviceaccount.com`) must be granted the role Cloud Build Custom Workers Builder (`roles/cloudbuild.customworkers.builder`) in the project.
   "description": "A String", # User-provided description of a function.
+  "dockerRepository": "A String", # User managed repository created in Artifact Registry optionally with a customer managed encryption key. If specified, deployments will use Artifact Registry. If unspecified and the deployment is eligible to use Artifact Registry, GCF will create and use a repository named 'gcf-artifacts' for every deployed region. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. It must match the pattern `projects/{project}/locations/{location}/repositories/{repository}`. Cross-project repositories are not supported. Cross-location repositories are not supported. Repository format must be 'DOCKER'.
   "entryPoint": "A String", # The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named "function". For Node.js this is name of a function exported by the module specified in `source_location`.
   "environmentVariables": { # Environment variables that shall be available during function execution.
     "a_key": "A String",
@@ -625,6 +632,7 @@
     "url": "A String", # Output only. The deployed url for the function.
   },
   "ingressSettings": "A String", # The ingress settings for the function, controlling what traffic can reach it.
+  "kmsKeyName": "A String", # Resource name of a KMS crypto key (managed by the user) used to encrypt/decrypt function resources. It must match the pattern `projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}`. If specified, you must also provide an artifact registry repository using the `docker_repository` field that was created with the same KMS crypto key. The following service accounts need to be granted the role 'Cloud KMS CryptoKey Encrypter/Decrypter (roles/cloudkms.cryptoKeyEncrypterDecrypter)' on the Key/KeyRing/Project/Organization (least access preferred). 1. Google Cloud Functions service account (service-{project_number}@gcf-admin-robot.iam.gserviceaccount.com) - Required to protect the function's image. 2. Google Storage service account (service-{project_number}@gs-project-accounts.iam.gserviceaccount.com) - Required to protect the function's source code. If this service account does not exist, deploying a function without a KMS key or retrieving the service agent name provisions it. For more information, see https://cloud.google.com/storage/docs/projects#service-agents and https://cloud.google.com/storage/docs/getting-service-agent#gsutil. Google Cloud Functions delegates access to service agents to protect function resources in internal projects that are not accessible by the end user.
   "labels": { # Labels associated with this Cloud Function.
     "a_key": "A String",
   },

docs/dyn/cloudkms_v1.projects.locations.keyRings.cryptoKeys.html

diff --git a/docs/dyn/cloudkms_v1.projects.locations.keyRings.cryptoKeys.html b/docs/dyn/cloudkms_v1.projects.locations.keyRings.cryptoKeys.html
index 2516ecf..cf49671 100644
--- a/docs/dyn/cloudkms_v1.projects.locations.keyRings.cryptoKeys.html
+++ b/docs/dyn/cloudkms_v1.projects.locations.keyRings.cryptoKeys.html
@@ -375,7 +375,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/cloudkms_v1.projects.locations.keyRings.html

diff --git a/docs/dyn/cloudkms_v1.projects.locations.keyRings.html b/docs/dyn/cloudkms_v1.projects.locations.keyRings.html
index f0d4a46..845c368 100644
--- a/docs/dyn/cloudkms_v1.projects.locations.keyRings.html
+++ b/docs/dyn/cloudkms_v1.projects.locations.keyRings.html
@@ -169,7 +169,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/cloudkms_v1.projects.locations.keyRings.importJobs.html

diff --git a/docs/dyn/cloudkms_v1.projects.locations.keyRings.importJobs.html b/docs/dyn/cloudkms_v1.projects.locations.keyRings.importJobs.html
index 394a0da..2dd53ac 100644
--- a/docs/dyn/cloudkms_v1.projects.locations.keyRings.importJobs.html
+++ b/docs/dyn/cloudkms_v1.projects.locations.keyRings.importJobs.html
@@ -231,7 +231,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/cloudresourcemanager_v1.organizations.html

diff --git a/docs/dyn/cloudresourcemanager_v1.organizations.html b/docs/dyn/cloudresourcemanager_v1.organizations.html
index 92d3a64..7e8f687 100644
--- a/docs/dyn/cloudresourcemanager_v1.organizations.html
+++ b/docs/dyn/cloudresourcemanager_v1.organizations.html
@@ -232,7 +232,7 @@
 
 { # Request message for `GetIamPolicy` method.
   "options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
-    "requestedPolicyVersion": 42, # Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 

docs/dyn/cloudresourcemanager_v1.projects.html

diff --git a/docs/dyn/cloudresourcemanager_v1.projects.html b/docs/dyn/cloudresourcemanager_v1.projects.html
index fc2518c..277a2cc 100644
--- a/docs/dyn/cloudresourcemanager_v1.projects.html
+++ b/docs/dyn/cloudresourcemanager_v1.projects.html
@@ -354,7 +354,7 @@
 
 { # Request message for `GetIamPolicy` method.
   "options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
-    "requestedPolicyVersion": 42, # Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 

docs/dyn/cloudresourcemanager_v1beta1.organizations.html

diff --git a/docs/dyn/cloudresourcemanager_v1beta1.organizations.html b/docs/dyn/cloudresourcemanager_v1beta1.organizations.html
index c55abba..bae9bc5 100644
--- a/docs/dyn/cloudresourcemanager_v1beta1.organizations.html
+++ b/docs/dyn/cloudresourcemanager_v1beta1.organizations.html
@@ -142,7 +142,7 @@
 
 { # Request message for `GetIamPolicy` method.
   "options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
-    "requestedPolicyVersion": 42, # Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 

docs/dyn/cloudresourcemanager_v1beta1.projects.html

diff --git a/docs/dyn/cloudresourcemanager_v1beta1.projects.html b/docs/dyn/cloudresourcemanager_v1beta1.projects.html
index bbfd78a..e39fc79 100644
--- a/docs/dyn/cloudresourcemanager_v1beta1.projects.html
+++ b/docs/dyn/cloudresourcemanager_v1beta1.projects.html
@@ -255,7 +255,7 @@
 
 { # Request message for `GetIamPolicy` method.
   "options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
-    "requestedPolicyVersion": 42, # Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 

docs/dyn/cloudresourcemanager_v2.folders.html

diff --git a/docs/dyn/cloudresourcemanager_v2.folders.html b/docs/dyn/cloudresourcemanager_v2.folders.html
index a8e5751..d34b91c 100644
--- a/docs/dyn/cloudresourcemanager_v2.folders.html
+++ b/docs/dyn/cloudresourcemanager_v2.folders.html
@@ -225,7 +225,7 @@
 
 { # Request message for `GetIamPolicy` method.
   "options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
-    "requestedPolicyVersion": 42, # Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 

docs/dyn/cloudresourcemanager_v2beta1.folders.html

diff --git a/docs/dyn/cloudresourcemanager_v2beta1.folders.html b/docs/dyn/cloudresourcemanager_v2beta1.folders.html
index 3a5a484..643f900 100644
--- a/docs/dyn/cloudresourcemanager_v2beta1.folders.html
+++ b/docs/dyn/cloudresourcemanager_v2beta1.folders.html
@@ -225,7 +225,7 @@
 
 { # Request message for `GetIamPolicy` method.
   "options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
-    "requestedPolicyVersion": 42, # Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 

docs/dyn/cloudresourcemanager_v3.folders.html

diff --git a/docs/dyn/cloudresourcemanager_v3.folders.html b/docs/dyn/cloudresourcemanager_v3.folders.html
index 80d7664..5c1bee6 100644
--- a/docs/dyn/cloudresourcemanager_v3.folders.html
+++ b/docs/dyn/cloudresourcemanager_v3.folders.html
@@ -242,7 +242,7 @@
 
 { # Request message for `GetIamPolicy` method.
   "options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
-    "requestedPolicyVersion": 42, # Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 

docs/dyn/cloudresourcemanager_v3.organizations.html

diff --git a/docs/dyn/cloudresourcemanager_v3.organizations.html b/docs/dyn/cloudresourcemanager_v3.organizations.html
index 2a45027..5ece80d 100644
--- a/docs/dyn/cloudresourcemanager_v3.organizations.html
+++ b/docs/dyn/cloudresourcemanager_v3.organizations.html
@@ -138,7 +138,7 @@
 
 { # Request message for `GetIamPolicy` method.
   "options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
-    "requestedPolicyVersion": 42, # Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 

docs/dyn/cloudresourcemanager_v3.projects.html

diff --git a/docs/dyn/cloudresourcemanager_v3.projects.html b/docs/dyn/cloudresourcemanager_v3.projects.html
index 715f286..4e79297 100644
--- a/docs/dyn/cloudresourcemanager_v3.projects.html
+++ b/docs/dyn/cloudresourcemanager_v3.projects.html
@@ -250,7 +250,7 @@
 
 { # Request message for `GetIamPolicy` method.
   "options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
-    "requestedPolicyVersion": 42, # Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 

docs/dyn/cloudresourcemanager_v3.tagKeys.html

diff --git a/docs/dyn/cloudresourcemanager_v3.tagKeys.html b/docs/dyn/cloudresourcemanager_v3.tagKeys.html
index ba0b9d2..6c2abd0 100644
--- a/docs/dyn/cloudresourcemanager_v3.tagKeys.html
+++ b/docs/dyn/cloudresourcemanager_v3.tagKeys.html
@@ -233,7 +233,7 @@
 
 { # Request message for `GetIamPolicy` method.
   "options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
-    "requestedPolicyVersion": 42, # Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 

docs/dyn/cloudresourcemanager_v3.tagValues.html

diff --git a/docs/dyn/cloudresourcemanager_v3.tagValues.html b/docs/dyn/cloudresourcemanager_v3.tagValues.html
index cff3826..3abf842 100644
--- a/docs/dyn/cloudresourcemanager_v3.tagValues.html
+++ b/docs/dyn/cloudresourcemanager_v3.tagValues.html
@@ -233,7 +233,7 @@
 
 { # Request message for `GetIamPolicy` method.
   "options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
-    "requestedPolicyVersion": 42, # Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 

docs/dyn/compute_alpha.addresses.html

diff --git a/docs/dyn/compute_alpha.addresses.html b/docs/dyn/compute_alpha.addresses.html
index de74b3e..8088469 100644
--- a/docs/dyn/compute_alpha.addresses.html
+++ b/docs/dyn/compute_alpha.addresses.html
@@ -243,9 +243,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -384,9 +381,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -542,9 +536,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.autoscalers.html

diff --git a/docs/dyn/compute_alpha.autoscalers.html b/docs/dyn/compute_alpha.autoscalers.html
index d501f10..9772d98 100644
--- a/docs/dyn/compute_alpha.autoscalers.html
+++ b/docs/dyn/compute_alpha.autoscalers.html
@@ -295,9 +295,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -534,9 +531,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -810,9 +804,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -989,9 +980,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.backendBuckets.html

diff --git a/docs/dyn/compute_alpha.backendBuckets.html b/docs/dyn/compute_alpha.backendBuckets.html
index 0a14bca..70f6624 100644
--- a/docs/dyn/compute_alpha.backendBuckets.html
+++ b/docs/dyn/compute_alpha.backendBuckets.html
@@ -160,9 +160,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -232,9 +229,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -300,9 +294,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -364,7 +355,7 @@
       ],
     },
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -527,7 +518,7 @@
       ],
     },
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -587,9 +578,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -658,7 +646,7 @@
           ],
         },
         "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-        "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+        "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
         "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
         "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
         "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -747,7 +735,7 @@
       ],
     },
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -807,9 +795,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -881,9 +866,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1182,7 +1164,7 @@
       ],
     },
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -1242,9 +1224,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.backendServices.html

diff --git a/docs/dyn/compute_alpha.backendServices.html b/docs/dyn/compute_alpha.backendServices.html
index 68309e4..2769027 100644
--- a/docs/dyn/compute_alpha.backendServices.html
+++ b/docs/dyn/compute_alpha.backendServices.html
@@ -172,9 +172,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -271,7 +268,7 @@
               ],
             },
             "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-            "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+            "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
             "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
             "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
             "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -709,9 +706,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -777,9 +771,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -866,7 +857,7 @@
       ],
     },
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -1420,7 +1411,7 @@
       ],
     },
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -1801,9 +1792,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1897,7 +1885,7 @@
           ],
         },
         "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-        "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+        "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
         "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
         "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
         "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -2332,7 +2320,7 @@
       ],
     },
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -2713,9 +2701,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -2787,9 +2772,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -3072,9 +3054,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -3187,7 +3166,7 @@
       ],
     },
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -3568,9 +3547,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.disks.html

diff --git a/docs/dyn/compute_alpha.disks.html b/docs/dyn/compute_alpha.disks.html
index aa842b0..3d54086 100644
--- a/docs/dyn/compute_alpha.disks.html
+++ b/docs/dyn/compute_alpha.disks.html
@@ -171,9 +171,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -461,9 +458,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -529,9 +523,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -890,9 +881,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1104,9 +1092,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1179,9 +1164,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1469,9 +1451,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1658,9 +1637,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.externalVpnGateways.html

diff --git a/docs/dyn/compute_alpha.externalVpnGateways.html b/docs/dyn/compute_alpha.externalVpnGateways.html
index c21c7b7..c3f9548 100644
--- a/docs/dyn/compute_alpha.externalVpnGateways.html
+++ b/docs/dyn/compute_alpha.externalVpnGateways.html
@@ -139,9 +139,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -264,9 +261,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -413,9 +407,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.firewallPolicies.html

diff --git a/docs/dyn/compute_alpha.firewallPolicies.html b/docs/dyn/compute_alpha.firewallPolicies.html
index 2e71344..cb13775 100644
--- a/docs/dyn/compute_alpha.firewallPolicies.html
+++ b/docs/dyn/compute_alpha.firewallPolicies.html
@@ -181,9 +181,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -301,9 +298,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -368,9 +362,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -439,9 +430,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -871,9 +859,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1094,9 +1079,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1240,9 +1222,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1361,9 +1340,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1428,9 +1404,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1495,9 +1468,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.firewalls.html

diff --git a/docs/dyn/compute_alpha.firewalls.html b/docs/dyn/compute_alpha.firewalls.html
index 4feeead..637b6fe 100644
--- a/docs/dyn/compute_alpha.firewalls.html
+++ b/docs/dyn/compute_alpha.firewalls.html
@@ -142,9 +142,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -220,7 +217,7 @@
     "enable": True or False, # This field denotes whether to enable logging for a particular firewall rule.
     "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
   },
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
   "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -283,7 +280,7 @@
     "enable": True or False, # This field denotes whether to enable logging for a particular firewall rule.
     "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
   },
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
   "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -333,9 +330,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -418,7 +412,7 @@
         "enable": True or False, # This field denotes whether to enable logging for a particular firewall rule.
         "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
       },
-      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
+      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
       "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
       "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -511,7 +505,7 @@
     "enable": True or False, # This field denotes whether to enable logging for a particular firewall rule.
     "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
   },
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
   "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -561,9 +555,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -665,7 +656,7 @@
     "enable": True or False, # This field denotes whether to enable logging for a particular firewall rule.
     "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
   },
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
   "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -715,9 +706,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.forwardingRules.html

diff --git a/docs/dyn/compute_alpha.forwardingRules.html b/docs/dyn/compute_alpha.forwardingRules.html
index 302b55c..907f2b3 100644
--- a/docs/dyn/compute_alpha.forwardingRules.html
+++ b/docs/dyn/compute_alpha.forwardingRules.html
@@ -279,9 +279,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -480,9 +477,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -718,9 +712,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -796,9 +787,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -871,9 +859,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.futureReservations.html

diff --git a/docs/dyn/compute_alpha.futureReservations.html b/docs/dyn/compute_alpha.futureReservations.html
index c1f259f..d27208f 100644
--- a/docs/dyn/compute_alpha.futureReservations.html
+++ b/docs/dyn/compute_alpha.futureReservations.html
@@ -278,9 +278,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -351,9 +348,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -570,9 +564,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -832,9 +823,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.globalAddresses.html

diff --git a/docs/dyn/compute_alpha.globalAddresses.html b/docs/dyn/compute_alpha.globalAddresses.html
index 49a4261..bd74866 100644
--- a/docs/dyn/compute_alpha.globalAddresses.html
+++ b/docs/dyn/compute_alpha.globalAddresses.html
@@ -142,9 +142,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -301,9 +298,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -456,9 +450,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.globalForwardingRules.html

diff --git a/docs/dyn/compute_alpha.globalForwardingRules.html b/docs/dyn/compute_alpha.globalForwardingRules.html
index 8ae1769..f9dcb66 100644
--- a/docs/dyn/compute_alpha.globalForwardingRules.html
+++ b/docs/dyn/compute_alpha.globalForwardingRules.html
@@ -145,9 +145,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -344,9 +341,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -580,9 +574,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -656,9 +647,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -730,9 +718,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.globalNetworkEndpointGroups.html

diff --git a/docs/dyn/compute_alpha.globalNetworkEndpointGroups.html b/docs/dyn/compute_alpha.globalNetworkEndpointGroups.html
index ed32453..863d2ab 100644
--- a/docs/dyn/compute_alpha.globalNetworkEndpointGroups.html
+++ b/docs/dyn/compute_alpha.globalNetworkEndpointGroups.html
@@ -157,9 +157,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -229,9 +226,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -313,9 +307,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -494,9 +485,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.globalOperations.html

diff --git a/docs/dyn/compute_alpha.globalOperations.html b/docs/dyn/compute_alpha.globalOperations.html
index 3814e71..5c90b32 100644
--- a/docs/dyn/compute_alpha.globalOperations.html
+++ b/docs/dyn/compute_alpha.globalOperations.html
@@ -143,9 +143,6 @@
           "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
           "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
           "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-          "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-            "a_key": "", # Properties of the object. Contains field @type with type URL.
-          },
           "name": "A String", # [Output Only] Name of the operation.
           "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
           "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -272,9 +269,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -345,9 +339,6 @@
       "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
       "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
       "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-      "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-        "a_key": "", # Properties of the object. Contains field @type with type URL.
-      },
       "name": "A String", # [Output Only] Name of the operation.
       "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
       "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -440,9 +431,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.globalOrganizationOperations.html

diff --git a/docs/dyn/compute_alpha.globalOrganizationOperations.html b/docs/dyn/compute_alpha.globalOrganizationOperations.html
index 47f108f..a3063a6 100644
--- a/docs/dyn/compute_alpha.globalOrganizationOperations.html
+++ b/docs/dyn/compute_alpha.globalOrganizationOperations.html
@@ -143,9 +143,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -216,9 +213,6 @@
       "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
       "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
       "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-      "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-        "a_key": "", # Properties of the object. Contains field @type with type URL.
-      },
       "name": "A String", # [Output Only] Name of the operation.
       "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
       "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.globalPublicDelegatedPrefixes.html

diff --git a/docs/dyn/compute_alpha.globalPublicDelegatedPrefixes.html b/docs/dyn/compute_alpha.globalPublicDelegatedPrefixes.html
index 1d95cc1..a5f119d 100644
--- a/docs/dyn/compute_alpha.globalPublicDelegatedPrefixes.html
+++ b/docs/dyn/compute_alpha.globalPublicDelegatedPrefixes.html
@@ -136,9 +136,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -275,9 +272,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -451,9 +445,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.healthChecks.html

diff --git a/docs/dyn/compute_alpha.healthChecks.html b/docs/dyn/compute_alpha.healthChecks.html
index f9eb119..b982485 100644
--- a/docs/dyn/compute_alpha.healthChecks.html
+++ b/docs/dyn/compute_alpha.healthChecks.html
@@ -295,9 +295,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -534,9 +531,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -810,9 +804,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -988,9 +979,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.httpHealthChecks.html

diff --git a/docs/dyn/compute_alpha.httpHealthChecks.html b/docs/dyn/compute_alpha.httpHealthChecks.html
index 97727f5..885d13c 100644
--- a/docs/dyn/compute_alpha.httpHealthChecks.html
+++ b/docs/dyn/compute_alpha.httpHealthChecks.html
@@ -142,9 +142,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -261,9 +258,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -417,9 +411,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -535,9 +526,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.httpsHealthChecks.html

diff --git a/docs/dyn/compute_alpha.httpsHealthChecks.html b/docs/dyn/compute_alpha.httpsHealthChecks.html
index 8f66277..9dca213 100644
--- a/docs/dyn/compute_alpha.httpsHealthChecks.html
+++ b/docs/dyn/compute_alpha.httpsHealthChecks.html
@@ -142,9 +142,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -261,9 +258,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -417,9 +411,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -535,9 +526,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.images.html

diff --git a/docs/dyn/compute_alpha.images.html b/docs/dyn/compute_alpha.images.html
index a6d0982..b71465d 100644
--- a/docs/dyn/compute_alpha.images.html
+++ b/docs/dyn/compute_alpha.images.html
@@ -154,9 +154,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -238,9 +235,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -804,9 +798,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1167,9 +1158,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1454,9 +1442,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.instanceGroupManagers.html

diff --git a/docs/dyn/compute_alpha.instanceGroupManagers.html b/docs/dyn/compute_alpha.instanceGroupManagers.html
index ec79bd6..e11c090 100644
--- a/docs/dyn/compute_alpha.instanceGroupManagers.html
+++ b/docs/dyn/compute_alpha.instanceGroupManagers.html
@@ -222,9 +222,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -522,9 +519,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -638,9 +632,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -706,9 +697,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -784,9 +772,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -860,9 +845,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1247,9 +1229,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1951,9 +1930,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -2062,9 +2038,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -2139,9 +2112,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -2208,9 +2178,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -2284,9 +2251,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -2361,9 +2325,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -2447,9 +2408,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -2522,9 +2480,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -2600,9 +2555,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -2677,9 +2629,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -2755,9 +2704,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -2833,9 +2779,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -3086,9 +3029,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -3197,9 +3137,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.instanceGroups.html

diff --git a/docs/dyn/compute_alpha.instanceGroups.html b/docs/dyn/compute_alpha.instanceGroups.html
index 59be319..5f99101 100644
--- a/docs/dyn/compute_alpha.instanceGroups.html
+++ b/docs/dyn/compute_alpha.instanceGroups.html
@@ -164,9 +164,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -329,9 +326,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -460,9 +454,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -686,9 +677,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -767,9 +755,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.instanceTemplates.html

diff --git a/docs/dyn/compute_alpha.instanceTemplates.html b/docs/dyn/compute_alpha.instanceTemplates.html
index f77c9ed..5ad4be1 100644
--- a/docs/dyn/compute_alpha.instanceTemplates.html
+++ b/docs/dyn/compute_alpha.instanceTemplates.html
@@ -142,9 +142,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -196,7 +193,7 @@
   "kind": "compute#instanceTemplate", # [Output Only] The resource type, which is always compute#instanceTemplate for instance templates.
   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "properties": { # The instance properties for this instance template.
-    "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features. Note that for MachineImage, this is not supported yet.
+    "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
       "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
       "enableUefiNetworking": True or False, # Whether to enable UEFI networking for instance creation.
       "numaNodeCount": 42, # The number of vNUMA nodes.
@@ -204,7 +201,7 @@
       "visibleCoreCount": 42, # The number of physical cores to expose to an instance. Multiply by the number of threads per core to compute the total number of virtual CPUs to expose to the instance. If unset, the number of cores is inferred from the instance's nominal CPU count and the underlying platform's SMT width.
     },
     "canIpForward": True or False, # Enables instances created based on these properties to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information.
-    "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options. Note that for MachineImage, this is not supported yet.
+    "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options.
       "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
     },
     "description": "A String", # An optional text description for the instances that are created from these properties.
@@ -313,7 +310,7 @@
         ],
       },
     ],
-    "displayDevice": { # A set of Display Device options # Display Device properties to enable support for remote display products like: Teradici, VNC and TeamViewer Note that for MachineImage, this is not supported yet.
+    "displayDevice": { # A set of Display Device options # Display Device properties to enable support for remote display products like: Teradici, VNC and TeamViewer
       "enableDisplay": True or False, # Defines whether the instance has Display enabled.
     },
     "guestAccelerators": [ # A list of guest accelerator cards' type and count to use for instances created from these properties.
@@ -348,9 +345,9 @@
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -371,9 +368,9 @@
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -397,20 +394,20 @@
         "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
       },
     ],
-    "networkPerformanceConfig": { # Note that for MachineImage, this is not supported yet.
+    "networkPerformanceConfig": {
       "externalIpEgressBandwidthTier": "A String",
       "totalEgressBandwidthTier": "A String",
     },
-    "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not supported yet.
-    "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from. Note that for MachineImage, this is not supported yet.
+    "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.(will be deprecated soon)
+    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+    "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
       "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
       "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
       "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
         "A String",
       ],
     },
-    "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties. Note that for MachineImage, this is not supported yet.
+    "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties.
       "A String",
     ],
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
@@ -438,7 +435,7 @@
       "preemptible": True or False, # Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.
       "provisioningModel": "A String", # Specifies the provisioning model of the instance.
     },
-    "secureTags": [ # [Input Only] Secure tags to apply to this instance. Maximum number of secure tags allowed is 50. Note that for MachineImage, this is not supported yet.
+    "secureTags": [ # [Input Only] Secure tags to apply to this instance. Maximum number of secure tags allowed is 50.
       "A String",
     ],
     "serviceAccounts": [ # A list of service accounts with specified scopes. Access tokens for these service accounts are available to the instances that are created from these properties. Use metadata queries to obtain the access tokens for these instances.
@@ -449,7 +446,7 @@
         ],
       },
     ],
-    "shieldedInstanceConfig": { # A set of Shielded Instance options. # Note that for MachineImage, this is not supported yet.
+    "shieldedInstanceConfig": { # A set of Shielded Instance options.
       "enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled. Enabled by default.
       "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled. Disabled by default.
       "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled. Enabled by default.
@@ -602,7 +599,7 @@
   "kind": "compute#instanceTemplate", # [Output Only] The resource type, which is always compute#instanceTemplate for instance templates.
   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "properties": { # The instance properties for this instance template.
-    "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features. Note that for MachineImage, this is not supported yet.
+    "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
       "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
       "enableUefiNetworking": True or False, # Whether to enable UEFI networking for instance creation.
       "numaNodeCount": 42, # The number of vNUMA nodes.
@@ -610,7 +607,7 @@
       "visibleCoreCount": 42, # The number of physical cores to expose to an instance. Multiply by the number of threads per core to compute the total number of virtual CPUs to expose to the instance. If unset, the number of cores is inferred from the instance's nominal CPU count and the underlying platform's SMT width.
     },
     "canIpForward": True or False, # Enables instances created based on these properties to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information.
-    "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options. Note that for MachineImage, this is not supported yet.
+    "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options.
       "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
     },
     "description": "A String", # An optional text description for the instances that are created from these properties.
@@ -719,7 +716,7 @@
         ],
       },
     ],
-    "displayDevice": { # A set of Display Device options # Display Device properties to enable support for remote display products like: Teradici, VNC and TeamViewer Note that for MachineImage, this is not supported yet.
+    "displayDevice": { # A set of Display Device options # Display Device properties to enable support for remote display products like: Teradici, VNC and TeamViewer
       "enableDisplay": True or False, # Defines whether the instance has Display enabled.
     },
     "guestAccelerators": [ # A list of guest accelerator cards' type and count to use for instances created from these properties.
@@ -754,9 +751,9 @@
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -777,9 +774,9 @@
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -803,20 +800,20 @@
         "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
       },
     ],
-    "networkPerformanceConfig": { # Note that for MachineImage, this is not supported yet.
+    "networkPerformanceConfig": {
       "externalIpEgressBandwidthTier": "A String",
       "totalEgressBandwidthTier": "A String",
     },
-    "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not supported yet.
-    "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from. Note that for MachineImage, this is not supported yet.
+    "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.(will be deprecated soon)
+    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+    "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
       "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
       "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
       "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
         "A String",
       ],
     },
-    "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties. Note that for MachineImage, this is not supported yet.
+    "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties.
       "A String",
     ],
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
@@ -844,7 +841,7 @@
       "preemptible": True or False, # Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.
       "provisioningModel": "A String", # Specifies the provisioning model of the instance.
     },
-    "secureTags": [ # [Input Only] Secure tags to apply to this instance. Maximum number of secure tags allowed is 50. Note that for MachineImage, this is not supported yet.
+    "secureTags": [ # [Input Only] Secure tags to apply to this instance. Maximum number of secure tags allowed is 50.
       "A String",
     ],
     "serviceAccounts": [ # A list of service accounts with specified scopes. Access tokens for these service accounts are available to the instances that are created from these properties. Use metadata queries to obtain the access tokens for these instances.
@@ -855,7 +852,7 @@
         ],
       },
     ],
-    "shieldedInstanceConfig": { # A set of Shielded Instance options. # Note that for MachineImage, this is not supported yet.
+    "shieldedInstanceConfig": { # A set of Shielded Instance options.
       "enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled. Enabled by default.
       "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled. Disabled by default.
       "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled. Enabled by default.
@@ -915,9 +912,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -976,7 +970,7 @@
       "kind": "compute#instanceTemplate", # [Output Only] The resource type, which is always compute#instanceTemplate for instance templates.
       "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "properties": { # The instance properties for this instance template.
-        "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features. Note that for MachineImage, this is not supported yet.
+        "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
           "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
           "enableUefiNetworking": True or False, # Whether to enable UEFI networking for instance creation.
           "numaNodeCount": 42, # The number of vNUMA nodes.
@@ -984,7 +978,7 @@
           "visibleCoreCount": 42, # The number of physical cores to expose to an instance. Multiply by the number of threads per core to compute the total number of virtual CPUs to expose to the instance. If unset, the number of cores is inferred from the instance's nominal CPU count and the underlying platform's SMT width.
         },
         "canIpForward": True or False, # Enables instances created based on these properties to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information.
-        "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options. Note that for MachineImage, this is not supported yet.
+        "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options.
           "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
         },
         "description": "A String", # An optional text description for the instances that are created from these properties.
@@ -1093,7 +1087,7 @@
             ],
           },
         ],
-        "displayDevice": { # A set of Display Device options # Display Device properties to enable support for remote display products like: Teradici, VNC and TeamViewer Note that for MachineImage, this is not supported yet.
+        "displayDevice": { # A set of Display Device options # Display Device properties to enable support for remote display products like: Teradici, VNC and TeamViewer
           "enableDisplay": True or False, # Defines whether the instance has Display enabled.
         },
         "guestAccelerators": [ # A list of guest accelerator cards' type and count to use for instances created from these properties.
@@ -1128,9 +1122,9 @@
                 "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
                 "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
                 "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-                "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+                "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
                 "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-                "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+                "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
                 "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
               },
             ],
@@ -1151,9 +1145,9 @@
                 "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
                 "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
                 "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-                "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+                "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
                 "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-                "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+                "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
                 "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
               },
             ],
@@ -1177,20 +1171,20 @@
             "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
           },
         ],
-        "networkPerformanceConfig": { # Note that for MachineImage, this is not supported yet.
+        "networkPerformanceConfig": {
           "externalIpEgressBandwidthTier": "A String",
           "totalEgressBandwidthTier": "A String",
         },
-        "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-        "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not supported yet.
-        "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from. Note that for MachineImage, this is not supported yet.
+        "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.(will be deprecated soon)
+        "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+        "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
           "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
           "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
           "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
             "A String",
           ],
         },
-        "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties. Note that for MachineImage, this is not supported yet.
+        "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties.
           "A String",
         ],
         "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
@@ -1218,7 +1212,7 @@
           "preemptible": True or False, # Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.
           "provisioningModel": "A String", # Specifies the provisioning model of the instance.
         },
-        "secureTags": [ # [Input Only] Secure tags to apply to this instance. Maximum number of secure tags allowed is 50. Note that for MachineImage, this is not supported yet.
+        "secureTags": [ # [Input Only] Secure tags to apply to this instance. Maximum number of secure tags allowed is 50.
           "A String",
         ],
         "serviceAccounts": [ # A list of service accounts with specified scopes. Access tokens for these service accounts are available to the instances that are created from these properties. Use metadata queries to obtain the access tokens for these instances.
@@ -1229,7 +1223,7 @@
             ],
           },
         ],
-        "shieldedInstanceConfig": { # A set of Shielded Instance options. # Note that for MachineImage, this is not supported yet.
+        "shieldedInstanceConfig": { # A set of Shielded Instance options.
           "enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled. Enabled by default.
           "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled. Disabled by default.
           "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled. Enabled by default.

docs/dyn/compute_alpha.instances.html

diff --git a/docs/dyn/compute_alpha.instances.html b/docs/dyn/compute_alpha.instances.html
index 93a051a..42f3566 100644
--- a/docs/dyn/compute_alpha.instances.html
+++ b/docs/dyn/compute_alpha.instances.html
@@ -257,9 +257,9 @@
   "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
   "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
   "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-  "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+  "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
   "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-  "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+  "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
   "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
 }
 
@@ -291,9 +291,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -368,9 +365,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -598,9 +592,9 @@
                   "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
                   "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
                   "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-                  "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+                  "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
                   "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-                  "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+                  "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
                   "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
                 },
               ],
@@ -621,9 +615,9 @@
                   "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
                   "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
                   "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-                  "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+                  "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
                   "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-                  "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+                  "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
                   "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
                 },
               ],
@@ -945,9 +939,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1162,9 +1153,9 @@
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -1185,9 +1176,9 @@
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -1320,7 +1311,7 @@
     "zone": "A String", # [Output Only] URL of the zone where the instance resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   },
   "instanceProperties": { # The instance properties defining the VM instances to be created. Required if sourceInstanceTemplate is not provided.
-    "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features. Note that for MachineImage, this is not supported yet.
+    "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
       "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
       "enableUefiNetworking": True or False, # Whether to enable UEFI networking for instance creation.
       "numaNodeCount": 42, # The number of vNUMA nodes.
@@ -1328,7 +1319,7 @@
       "visibleCoreCount": 42, # The number of physical cores to expose to an instance. Multiply by the number of threads per core to compute the total number of virtual CPUs to expose to the instance. If unset, the number of cores is inferred from the instance's nominal CPU count and the underlying platform's SMT width.
     },
     "canIpForward": True or False, # Enables instances created based on these properties to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information.
-    "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options. Note that for MachineImage, this is not supported yet.
+    "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options.
       "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
     },
     "description": "A String", # An optional text description for the instances that are created from these properties.
@@ -1437,7 +1428,7 @@
         ],
       },
     ],
-    "displayDevice": { # A set of Display Device options # Display Device properties to enable support for remote display products like: Teradici, VNC and TeamViewer Note that for MachineImage, this is not supported yet.
+    "displayDevice": { # A set of Display Device options # Display Device properties to enable support for remote display products like: Teradici, VNC and TeamViewer
       "enableDisplay": True or False, # Defines whether the instance has Display enabled.
     },
     "guestAccelerators": [ # A list of guest accelerator cards' type and count to use for instances created from these properties.
@@ -1472,9 +1463,9 @@
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -1495,9 +1486,9 @@
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -1521,20 +1512,20 @@
         "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
       },
     ],
-    "networkPerformanceConfig": { # Note that for MachineImage, this is not supported yet.
+    "networkPerformanceConfig": {
       "externalIpEgressBandwidthTier": "A String",
       "totalEgressBandwidthTier": "A String",
     },
-    "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not supported yet.
-    "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from. Note that for MachineImage, this is not supported yet.
+    "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.(will be deprecated soon)
+    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+    "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
       "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
       "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
       "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
         "A String",
       ],
     },
-    "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties. Note that for MachineImage, this is not supported yet.
+    "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties.
       "A String",
     ],
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
@@ -1562,7 +1553,7 @@
       "preemptible": True or False, # Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.
       "provisioningModel": "A String", # Specifies the provisioning model of the instance.
     },
-    "secureTags": [ # [Input Only] Secure tags to apply to this instance. Maximum number of secure tags allowed is 50. Note that for MachineImage, this is not supported yet.
+    "secureTags": [ # [Input Only] Secure tags to apply to this instance. Maximum number of secure tags allowed is 50.
       "A String",
     ],
     "serviceAccounts": [ # A list of service accounts with specified scopes. Access tokens for these service accounts are available to the instances that are created from these properties. Use metadata queries to obtain the access tokens for these instances.
@@ -1573,7 +1564,7 @@
         ],
       },
     ],
-    "shieldedInstanceConfig": { # A set of Shielded Instance options. # Note that for MachineImage, this is not supported yet.
+    "shieldedInstanceConfig": { # A set of Shielded Instance options.
       "enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled. Enabled by default.
       "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled. Disabled by default.
       "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled. Enabled by default.
@@ -1636,9 +1627,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1709,9 +1697,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1779,9 +1764,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1848,9 +1830,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -2069,9 +2048,9 @@
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
           "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
           "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
           "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
         },
       ],
@@ -2092,9 +2071,9 @@
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
           "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
           "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
           "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
         },
       ],
@@ -2338,7 +2317,7 @@
         "enable": True or False, # This field denotes whether to enable logging for a particular firewall rule.
         "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
       },
-      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
+      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
       "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
       "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -2887,9 +2866,9 @@
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
           "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
           "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
           "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
         },
       ],
@@ -2910,9 +2889,9 @@
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
           "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
           "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
           "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
         },
       ],
@@ -3075,9 +3054,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -3303,9 +3279,9 @@
               "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
               "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
               "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-              "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+              "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
               "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-              "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+              "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
               "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
             },
           ],
@@ -3326,9 +3302,9 @@
               "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
               "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
               "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-              "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+              "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
               "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-              "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+              "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
               "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
             },
           ],
@@ -3588,9 +3564,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -3665,9 +3638,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -3733,9 +3703,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -3826,9 +3793,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -3910,9 +3874,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -3980,9 +3941,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -4270,9 +4228,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -4350,9 +4305,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -4425,9 +4377,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -4507,9 +4456,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -4582,9 +4528,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -4658,9 +4601,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -4755,9 +4695,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -4833,9 +4770,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -4908,9 +4842,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -4983,9 +4914,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -5061,9 +4989,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -5128,9 +5053,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -5196,9 +5118,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -5289,9 +5208,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -5358,9 +5274,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -5427,9 +5340,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -5675,9 +5585,9 @@
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
           "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
           "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
           "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
         },
       ],
@@ -5698,9 +5608,9 @@
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
           "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
           "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
           "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
         },
       ],
@@ -5874,9 +5784,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -5926,9 +5833,9 @@
   "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
   "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
   "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-  "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+  "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
   "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-  "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+  "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
   "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
 }
 
@@ -5960,9 +5867,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -6035,9 +5939,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -6089,9 +5990,9 @@
       "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
       "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
       "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-      "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+      "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
       "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-      "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+      "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
       "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
     },
   ],
@@ -6112,9 +6013,9 @@
       "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
       "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
       "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-      "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+      "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
       "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-      "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+      "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
       "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
     },
   ],
@@ -6166,9 +6067,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -6243,9 +6141,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -6320,9 +6215,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.instantSnapshots.html

diff --git a/docs/dyn/compute_alpha.instantSnapshots.html b/docs/dyn/compute_alpha.instantSnapshots.html
index 8e8cc45..93be904 100644
--- a/docs/dyn/compute_alpha.instantSnapshots.html
+++ b/docs/dyn/compute_alpha.instantSnapshots.html
@@ -75,12 +75,6 @@
 <h1><a href="compute_alpha.html">Compute Engine API</a> . <a href="compute_alpha.instantSnapshots.html">instantSnapshots</a></h1>
 <h2>Instance Methods</h2>
 <p class="toc_element">
-  <code><a href="#aggregatedList">aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)</a></code></p>
-<p class="firstline">Retrieves an aggregated list of instantSnapshots.</p>
-<p class="toc_element">
-  <code><a href="#aggregatedList_next">aggregatedList_next(previous_request, previous_response)</a></code></p>
-<p class="firstline">Retrieves the next page of results.</p>
-<p class="toc_element">
   <code><a href="#close">close()</a></code></p>
 <p class="firstline">Close httplib2 connections.</p>
 <p class="toc_element">
@@ -115,98 +109,6 @@
 <p class="firstline">Returns permissions that a caller has on the specified resource.</p>
 <h3>Method Details</h3>
 <div class="method">
-    <code class="details" id="aggregatedList">aggregatedList(project, filter=None, includeAllScopes=None, maxResults=None, orderBy=None, pageToken=None, returnPartialSuccess=None, x__xgafv=None)</code>
-  <pre>Retrieves an aggregated list of instantSnapshots.
-
-Args:
-  project: string, Project ID for this request. (required)
-  filter: string, A filter expression that filters resources listed in the response. The expression must specify the field name, a comparison operator, and the value that you want to use for filtering. The value must be a string, a number, or a boolean. The comparison operator must be either `=`, `!=`, `&gt;`, or `&lt;`. For example, if you are filtering Compute Engine instances, you can exclude instances named `example-instance` by specifying `name != example-instance`. You can also filter nested fields. For example, you could specify `scheduling.automaticRestart = false` to include instances only if they are not scheduled for automatic restarts. You can use filtering on nested fields to filter based on resource labels. To filter on multiple expressions, provide each separate expression within parentheses. For example: ``` (scheduling.automaticRestart = true) (cpuPlatform = &quot;Intel Skylake&quot;) ``` By default, each expression is an `AND` expression. However, you can include `AND` and `OR` expressions explicitly. For example: ``` (cpuPlatform = &quot;Intel Skylake&quot;) OR (cpuPlatform = &quot;Intel Broadwell&quot;) AND (scheduling.automaticRestart = true) ```
-  includeAllScopes: boolean, Indicates whether every visible scope for each scope type (zone, region, global) should be included in the response. For new resource types added after this field, the flag has no effect as new resource types will always include every visible scope for each scope type in response. For resource types which predate this field, if this flag is omitted or false, only scopes of the scope types where the resource type is expected to be found will be included.
-  maxResults: integer, The maximum number of results per page that should be returned. If the number of available results is larger than `maxResults`, Compute Engine returns a `nextPageToken` that can be used to get the next page of results in subsequent list requests. Acceptable values are `0` to `500`, inclusive. (Default: `500`)
-  orderBy: string, Sorts list results by a certain order. By default, results are returned in alphanumerical order based on the resource name. You can also sort results in descending order based on the creation timestamp using `orderBy=&quot;creationTimestamp desc&quot;`. This sorts results based on the `creationTimestamp` field in reverse chronological order (newest result first). Use this to sort resources like operations so that the newest operation is returned first. Currently, only sorting by `name` or `creationTimestamp desc` is supported.
-  pageToken: string, Specifies a page token to use. Set `pageToken` to the `nextPageToken` returned by a previous list request to get the next page of results.
-  returnPartialSuccess: boolean, Opt-in for partial success behavior which provides partial results in case of failure. The default value is false.
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
-
-Returns:
-  An object of the form:
-
-    {
-  &quot;id&quot;: &quot;A String&quot;, # [Output Only] Unique identifier for the resource; defined by the server.
-  &quot;items&quot;: { # A list of InstantSnapshotsScopedList resources.
-    &quot;a_key&quot;: { # [Output Only] Name of the scope containing this set of instantSnapshots.
-      &quot;instantSnapshots&quot;: [ # [Output Only] A list of instantSnapshots contained in this scope.
-        { # Represents a InstantSnapshot resource. You can use instant snapshots to create disk rollback points quickly..
-          &quot;creationTimestamp&quot;: &quot;A String&quot;, # [Output Only] Creation timestamp in RFC3339 text format.
-          &quot;description&quot;: &quot;A String&quot;, # An optional description of this resource. Provide this property when you create the resource.
-          &quot;diskSizeGb&quot;: &quot;A String&quot;, # [Output Only] Size of the source disk, specified in GB.
-          &quot;guestFlush&quot;: True or False, # Whether to attempt an application consistent instant snapshot by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
-          &quot;id&quot;: &quot;A String&quot;, # [Output Only] The unique identifier for the resource. This identifier is defined by the server.
-          &quot;kind&quot;: &quot;compute#instantSnapshot&quot;, # [Output Only] Type of the resource. Always compute#instantSnapshot for InstantSnapshot resources.
-          &quot;labelFingerprint&quot;: &quot;A String&quot;, # A fingerprint for the labels being applied to this InstantSnapshot, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve a InstantSnapshot.
-          &quot;labels&quot;: { # Labels to apply to this InstantSnapshot. These can be later modified by the setLabels method. Label values may be empty.
-            &quot;a_key&quot;: &quot;A String&quot;,
-          },
-          &quot;name&quot;: &quot;A String&quot;, # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
-          &quot;region&quot;: &quot;A String&quot;, # [Output Only] URL of the region where the instant snapshot resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
-          &quot;satisfiesPzs&quot;: True or False, # [Output Only] Reserved for future use.
-          &quot;selfLink&quot;: &quot;A String&quot;, # [Output Only] Server-defined URL for the resource.
-          &quot;selfLinkWithId&quot;: &quot;A String&quot;, # [Output Only] Server-defined URL for this resource&#x27;s resource id.
-          &quot;sourceDisk&quot;: &quot;A String&quot;, # URL of the source disk used to create this instant snapshot. Note that the source disk must be in the same zone/region as the instant snapshot to be created. This can be a full or valid partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - https://www.googleapis.com/compute/v1/projects/project/regions/region /disks/disk - projects/project/zones/zone/disks/disk - projects/project/regions/region/disks/disk - zones/zone/disks/disk - regions/region/disks/disk
-          &quot;sourceDiskId&quot;: &quot;A String&quot;, # [Output Only] The ID value of the disk used to create this InstantSnapshot. This value may be used to determine whether the InstantSnapshot was taken from the current or a previous instance of a given disk name.
-          &quot;status&quot;: &quot;A String&quot;, # [Output Only] The status of the instantSnapshot. This can be CREATING, DELETING, FAILED, or READY.
-          &quot;zone&quot;: &quot;A String&quot;, # [Output Only] URL of the zone where the instant snapshot resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
-        },
-      ],
-      &quot;warning&quot;: { # [Output Only] Informational warning which replaces the list of instantSnapshots when the list is empty.
-        &quot;code&quot;: &quot;A String&quot;, # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-        &quot;data&quot;: [ # [Output Only] Metadata about this warning in key: value format. For example: &quot;data&quot;: [ { &quot;key&quot;: &quot;scope&quot;, &quot;value&quot;: &quot;zones/us-east1-d&quot; }
-          {
-            &quot;key&quot;: &quot;A String&quot;, # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
-            &quot;value&quot;: &quot;A String&quot;, # [Output Only] A warning data value corresponding to the key.
-          },
-        ],
-        &quot;message&quot;: &quot;A String&quot;, # [Output Only] A human-readable description of the warning code.
-      },
-    },
-  },
-  &quot;kind&quot;: &quot;compute#instantSnapshotAggregatedList&quot;, # [Output Only] Type of resource. Always compute#instantSnapshotAggregatedList for aggregated lists of instantSnapshots.
-  &quot;nextPageToken&quot;: &quot;A String&quot;, # [Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
-  &quot;selfLink&quot;: &quot;A String&quot;, # [Output Only] Server-defined URL for this resource.
-  &quot;unreachables&quot;: [ # [Output Only] Unreachable resources.
-    &quot;A String&quot;,
-  ],
-  &quot;warning&quot;: { # [Output Only] Informational warning message.
-    &quot;code&quot;: &quot;A String&quot;, # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-    &quot;data&quot;: [ # [Output Only] Metadata about this warning in key: value format. For example: &quot;data&quot;: [ { &quot;key&quot;: &quot;scope&quot;, &quot;value&quot;: &quot;zones/us-east1-d&quot; }
-      {
-        &quot;key&quot;: &quot;A String&quot;, # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
-        &quot;value&quot;: &quot;A String&quot;, # [Output Only] A warning data value corresponding to the key.
-      },
-    ],
-    &quot;message&quot;: &quot;A String&quot;, # [Output Only] A human-readable description of the warning code.
-  },
-}</pre>
-</div>
-
-<div class="method">
-    <code class="details" id="aggregatedList_next">aggregatedList_next(previous_request, previous_response)</code>
-  <pre>Retrieves the next page of results.
-
-Args:
-  previous_request: The request for the previous page. (required)
-  previous_response: The response from the request for the previous page. (required)
-
-Returns:
-  A request object that you can call &#x27;execute()&#x27; on to request the next
-  page. Returns None if there are no more items in the collection.
-    </pre>
-</div>
-
-<div class="method">
     <code class="details" id="close">close()</code>
   <pre>Close httplib2 connections.</pre>
 </div>
@@ -247,9 +149,6 @@
   &quot;id&quot;: &quot;A String&quot;, # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   &quot;insertTime&quot;: &quot;A String&quot;, # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   &quot;kind&quot;: &quot;compute#operation&quot;, # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  &quot;metadata&quot;: { # [Output Only] Service-specific metadata attached to this operation.
-    &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
-  },
   &quot;name&quot;: &quot;A String&quot;, # [Output Only] Name of the operation.
   &quot;operationGroupId&quot;: &quot;A String&quot;, # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   &quot;operationType&quot;: &quot;A String&quot;, # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -334,9 +233,6 @@
   &quot;id&quot;: &quot;A String&quot;, # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   &quot;insertTime&quot;: &quot;A String&quot;, # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   &quot;kind&quot;: &quot;compute#operation&quot;, # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  &quot;metadata&quot;: { # [Output Only] Service-specific metadata attached to this operation.
-    &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
-  },
   &quot;name&quot;: &quot;A String&quot;, # [Output Only] Name of the operation.
   &quot;operationGroupId&quot;: &quot;A String&quot;, # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   &quot;operationType&quot;: &quot;A String&quot;, # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -570,9 +466,6 @@
   &quot;id&quot;: &quot;A String&quot;, # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   &quot;insertTime&quot;: &quot;A String&quot;, # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   &quot;kind&quot;: &quot;compute#operation&quot;, # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  &quot;metadata&quot;: { # [Output Only] Service-specific metadata attached to this operation.
-    &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
-  },
   &quot;name&quot;: &quot;A String&quot;, # [Output Only] Name of the operation.
   &quot;operationGroupId&quot;: &quot;A String&quot;, # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   &quot;operationType&quot;: &quot;A String&quot;, # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -935,9 +828,6 @@
   &quot;id&quot;: &quot;A String&quot;, # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   &quot;insertTime&quot;: &quot;A String&quot;, # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   &quot;kind&quot;: &quot;compute#operation&quot;, # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  &quot;metadata&quot;: { # [Output Only] Service-specific metadata attached to this operation.
-    &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
-  },
   &quot;name&quot;: &quot;A String&quot;, # [Output Only] Name of the operation.
   &quot;operationGroupId&quot;: &quot;A String&quot;, # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   &quot;operationType&quot;: &quot;A String&quot;, # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.interconnectAttachments.html

diff --git a/docs/dyn/compute_alpha.interconnectAttachments.html b/docs/dyn/compute_alpha.interconnectAttachments.html
index 4ba0b5a..b5734ba 100644
--- a/docs/dyn/compute_alpha.interconnectAttachments.html
+++ b/docs/dyn/compute_alpha.interconnectAttachments.html
@@ -280,9 +280,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -583,9 +580,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -817,9 +811,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1107,9 +1098,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.interconnects.html

diff --git a/docs/dyn/compute_alpha.interconnects.html b/docs/dyn/compute_alpha.interconnects.html
index b34058e..e747534 100644
--- a/docs/dyn/compute_alpha.interconnects.html
+++ b/docs/dyn/compute_alpha.interconnects.html
@@ -154,9 +154,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -554,9 +551,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -800,9 +794,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1087,9 +1078,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.licenses.html

diff --git a/docs/dyn/compute_alpha.licenses.html b/docs/dyn/compute_alpha.licenses.html
index dce7922..8c59f98 100644
--- a/docs/dyn/compute_alpha.licenses.html
+++ b/docs/dyn/compute_alpha.licenses.html
@@ -142,9 +142,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -365,9 +362,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.machineImages.html

diff --git a/docs/dyn/compute_alpha.machineImages.html b/docs/dyn/compute_alpha.machineImages.html
index 465fbdf..bc01707 100644
--- a/docs/dyn/compute_alpha.machineImages.html
+++ b/docs/dyn/compute_alpha.machineImages.html
@@ -142,9 +142,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -194,277 +191,6 @@
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "guestFlush": True or False, # [Input Only] Whether to attempt an application consistent machine image by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
   "id": "A String", # [Output Only] A unique identifier for this machine image. The server defines this identifier.
-  "instanceProperties": { # [Output Only] Properties of source instance
-    "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features. Note that for MachineImage, this is not supported yet.
-      "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
-      "enableUefiNetworking": True or False, # Whether to enable UEFI networking for instance creation.
-      "numaNodeCount": 42, # The number of vNUMA nodes.
-      "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
-      "visibleCoreCount": 42, # The number of physical cores to expose to an instance. Multiply by the number of threads per core to compute the total number of virtual CPUs to expose to the instance. If unset, the number of cores is inferred from the instance's nominal CPU count and the underlying platform's SMT width.
-    },
-    "canIpForward": True or False, # Enables instances created based on these properties to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information.
-    "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options. Note that for MachineImage, this is not supported yet.
-      "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
-    },
-    "description": "A String", # An optional text description for the instances that are created from these properties.
-    "disks": [ # An array of disks that are associated with the instances that are created from these properties.
-      { # An instance-attached disk resource.
-        "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
-        "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
-          "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS. For example: "kmsKeyName": "projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key
-          "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used. For example: "kmsKeyServiceAccount": "name@project_id.iam.gserviceaccount.com/
-          "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: "rawKey": "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: "rsaEncryptedKey": "ieCx/NcW06PcT7Ep1X6LUTc/hLvUDYyzSZPPVCVPTVEohpeHASqC8uw5TzyO9U+Fka9JFH z0mBibXUInrC/jEk014kCK/NPjYgEMOyssZ4ZINPKxlUh2zn1bV+MCaTICrdmuSBTWlUUiFoD D6PYznLwh8ZNdaheCeZ8ewEXgFQ8V+sDroLaN3Xs3MDTXQEMMoNUXMCZEIpg9Vtp9x2oe==" The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
-          "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
-        },
-        "diskSizeGb": "A String", # The size of the disk in GB.
-        "forceAttach": True or False, # [Input Only] Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error.
-        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
-          { # Guest OS features.
-            "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
-          },
-        ],
-        "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
-          "description": "A String", # An optional description. Provide this property when creating the disk.
-          "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
-          "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard For a full list of acceptable values, see Persistent disk types. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
-            { # Guest OS features.
-              "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
-            },
-          ],
-          "interface": "A String", # [Deprecated] Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI.
-          "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
-            "a_key": "A String",
-          },
-          "licenseCodes": [ # Integer license codes indicating which licenses are attached to this disk.
-            "A String",
-          ],
-          "licenses": [ # A list of publicly visible licenses. Reserved for Google's use.
-            "A String",
-          ],
-          "multiWriter": True or False, # Indicates whether or not the disk can be read/write attached to more than one instance.
-          "onUpdateAction": "A String", # Specifies which action to take on instance update with this disk. Default is to use the existing disk.
-          "provisionedIops": "A String", # Indicates how many IOPS to provision for the disk. This sets the number of I/O operations per second that the disk can handle. Values must be between 10,000 and 120,000. For more details, see the Extreme persistent disk documentation.
-          "replicaZones": [ # URLs of the zones where the disk should be replicated to. Only applicable for regional resources.
-            "A String",
-          ],
-          "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
-            "A String",
-          ],
-          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
-            "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS. For example: "kmsKeyName": "projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key
-            "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used. For example: "kmsKeyServiceAccount": "name@project_id.iam.gserviceaccount.com/
-            "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: "rawKey": "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: "rsaEncryptedKey": "ieCx/NcW06PcT7Ep1X6LUTc/hLvUDYyzSZPPVCVPTVEohpeHASqC8uw5TzyO9U+Fka9JFH z0mBibXUInrC/jEk014kCK/NPjYgEMOyssZ4ZINPKxlUh2zn1bV+MCaTICrdmuSBTWlUUiFoD D6PYznLwh8ZNdaheCeZ8ewEXgFQ8V+sDroLaN3Xs3MDTXQEMMoNUXMCZEIpg9Vtp9x2oe==" The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
-            "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
-          },
-          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
-          "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
-            "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS. For example: "kmsKeyName": "projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key
-            "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used. For example: "kmsKeyServiceAccount": "name@project_id.iam.gserviceaccount.com/
-            "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: "rawKey": "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: "rsaEncryptedKey": "ieCx/NcW06PcT7Ep1X6LUTc/hLvUDYyzSZPPVCVPTVEohpeHASqC8uw5TzyO9U+Fka9JFH z0mBibXUInrC/jEk014kCK/NPjYgEMOyssZ4ZINPKxlUh2zn1bV+MCaTICrdmuSBTWlUUiFoD D6PYznLwh8ZNdaheCeZ8ewEXgFQ8V+sDroLaN3Xs3MDTXQEMMoNUXMCZEIpg9Vtp9x2oe==" The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
-            "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
-          },
-        },
-        "interface": "A String", # Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. Persistent disks must always use SCSI and the request will fail if you attempt to attach a persistent disk in any other format than SCSI. Local SSDs can use either NVME or SCSI. For performance characteristics of SCSI over NVMe, see Local SSD performance.
-        "kind": "compute#attachedDisk", # [Output Only] Type of the resource. Always compute#attachedDisk for attached disks.
-        "licenses": [ # [Output Only] Any valid publicly visible licenses.
-          "A String",
-        ],
-        "locked": True or False, # [Output Only] Whether to indicate the attached disk is locked. The locked disk is not allowed to be detached from the instance, or to be used as the source of the snapshot creation, and the image creation. The instance with at least one locked attached disk is not allow to be used as source of machine image creation, instant snapshot creation, and not allowed to be deleted with --keep-disk parameter set to true for locked disks.
-        "mode": "A String", # The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, the default is to attach the disk in READ_WRITE mode.
-        "savedState": "A String", # For LocalSSD disks on VM Instances in STOPPED or SUSPENDED state, this field is set to PRESERVED if the LocalSSD data has been saved to a persistent location by customer request. (see the discard_local_ssd option on Stop/Suspend). Read-only in the api.
-        "shieldedInstanceInitialState": { # Initial State for shielded instance, these are public keys which are safe to store in public # [Output Only] shielded vm initial state stored on disk
-          "dbs": [ # The Key Database (db).
-            {
-              "content": "A String", # The raw content in the secure keys file.
-              "fileType": "A String", # The file type of source file.
-            },
-          ],
-          "dbxs": [ # The forbidden key database (dbx).
-            {
-              "content": "A String", # The raw content in the secure keys file.
-              "fileType": "A String", # The file type of source file.
-            },
-          ],
-          "keks": [ # The Key Exchange Key (KEK).
-            {
-              "content": "A String", # The raw content in the secure keys file.
-              "fileType": "A String", # The file type of source file.
-            },
-          ],
-          "pk": { # The Platform Key (PK).
-            "content": "A String", # The raw content in the secure keys file.
-            "fileType": "A String", # The file type of source file.
-          },
-        },
-        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
-        "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
-        "userLicenses": [ # [Output Only] A list of user provided licenses. It represents a list of URLs to the license resource. Unlike regular licenses, user provided licenses can be modified after the disk is created.
-          "A String",
-        ],
-      },
-    ],
-    "displayDevice": { # A set of Display Device options # Display Device properties to enable support for remote display products like: Teradici, VNC and TeamViewer Note that for MachineImage, this is not supported yet.
-      "enableDisplay": True or False, # Defines whether the instance has Display enabled.
-    },
-    "guestAccelerators": [ # A list of guest accelerator cards' type and count to use for instances created from these properties.
-      { # A specification of the type and number of accelerator cards attached to the instance.
-        "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
-        "acceleratorType": "A String", # Full or partial URL of the accelerator type resource to attach to this instance. For example: projects/my-project/zones/us-central1-c/acceleratorTypes/nvidia-tesla-p100 If you are creating an instance template, specify only the accelerator name. See GPUs on Compute Engine for a full list of accelerator types.
-      },
-    ],
-    "labels": { # Labels to apply to instances that are created from these properties.
-      "a_key": "A String",
-    },
-    "machineType": "A String", # The machine type to use for instances that are created from these properties.
-    "metadata": { # A metadata key/value entry. # The metadata key/value pairs to assign to instances that are created from these properties. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
-      "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-        { # Metadata
-          "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
-          "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
-        },
-      ],
-      "kind": "compute#metadata", # [Output Only] Type of the resource. Always compute#metadata for metadata.
-    },
-    "minCpuPlatform": "A String", # Minimum cpu/platform to be used by instances. The instance may be scheduled on the specified or newer cpu/platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: "Intel Haswell" or minCpuPlatform: "Intel Sandy Bridge". For more information, read Specifying a Minimum CPU Platform.
-    "networkInterfaces": [ # An array of network access configurations for this interface.
-      { # A network interface resource attached to an instance.
-        "accessConfigs": [ # An array of configurations for this interface. Currently, only one access config, ONE_TO_ONE_NAT, is supported. If there are no accessConfigs specified, then this instance will have no external internet access.
-          { # An access configuration attached to an instance's network interface. Only one access config per instance is supported.
-            "externalIpv6": "A String", # [Output Only] The first IPv6 address of the external IPv6 range associated with this instance, prefix length is stored in externalIpv6PrefixLength in ipv6AccessConfig. The field is output only, an IPv6 address from a subnetwork associated with the instance will be allocated dynamically.
-            "externalIpv6PrefixLength": 42, # [Output Only] The prefix length of the external IPv6 range.
-            "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
-            "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
-            "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-            "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-            "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
-            "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
-          },
-        ],
-        "aliasIpRanges": [ # An array of alias IP ranges for this network interface. You can only specify this field for network interfaces in VPC networks.
-          { # An alias IP range attached to an instance's network interface.
-            "ipCidrRange": "A String", # The IP alias ranges to allocate for this interface. This IP CIDR range must belong to the specified subnetwork and cannot contain IP addresses reserved by system or used by other network interfaces. This range may be a single IP address (such as 10.2.3.4), a netmask (such as /24) or a CIDR-formatted string (such as 10.1.2.0/24).
-            "subnetworkRangeName": "A String", # The name of a subnetwork secondary IP range from which to allocate an IP alias range. If not specified, the primary range of the subnetwork is used.
-          },
-        ],
-        "fingerprint": "A String", # Fingerprint hash of contents stored in this network interface. This field will be ignored when inserting an Instance or adding a NetworkInterface. An up-to-date fingerprint must be provided in order to update the NetworkInterface. The request will fail with error 400 Bad Request if the fingerprint is not provided, or 412 Precondition Failed if the fingerprint is out of date.
-        "internalIpv6PrefixLength": 42, # [Output Only] The prefix length of the primary internal IPv6 range.
-        "ipv6AccessConfigs": [ # An array of IPv6 access configurations for this interface. Currently, only one IPv6 access config, DIRECT_IPV6, is supported. If there is no ipv6AccessConfig specified, then this instance will have no external IPv6 Internet access.
-          { # An access configuration attached to an instance's network interface. Only one access config per instance is supported.
-            "externalIpv6": "A String", # [Output Only] The first IPv6 address of the external IPv6 range associated with this instance, prefix length is stored in externalIpv6PrefixLength in ipv6AccessConfig. The field is output only, an IPv6 address from a subnetwork associated with the instance will be allocated dynamically.
-            "externalIpv6PrefixLength": 42, # [Output Only] The prefix length of the external IPv6 range.
-            "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
-            "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
-            "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-            "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-            "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
-            "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
-          },
-        ],
-        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
-        "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
-        "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
-        "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
-        "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
-        "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
-        "queueCount": 42, # The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users.
-        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
-        "subinterfaces": [ # SubInterfaces help enable L2 communication for the instance over subnetworks that support L2. Every network interface will get a default untagged (vlan not specified) subinterface. Users can specify additional tagged subinterfaces which are sub-fields to the Network Interface.
-          {
-            "ipAddress": "A String", # An IPv4 internal IP address to assign to the instance for this subinterface. If specified, ip_allocation_mode should be set to ALLOCATE_IP.
-            "ipAllocationMode": "A String",
-            "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
-            "vlan": 42, # VLAN tag. Should match the VLAN(s) supported by the subnetwork to which this subinterface is connecting.
-          },
-        ],
-        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
-      },
-    ],
-    "networkPerformanceConfig": { # Note that for MachineImage, this is not supported yet.
-      "externalIpEgressBandwidthTier": "A String",
-      "totalEgressBandwidthTier": "A String",
-    },
-    "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not supported yet.
-    "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from. Note that for MachineImage, this is not supported yet.
-      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
-      "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
-      "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
-        "A String",
-      ],
-    },
-    "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties. Note that for MachineImage, this is not supported yet.
-      "A String",
-    ],
-    "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
-      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
-      "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details.
-      "currentCpus": 42, # Current number of vCPUs available for VM. 0 or unset means default vCPUs of the current machine type.
-      "currentMemoryMb": "A String", # Current amount of memory (in MB) available for VM. 0 or unset means default amount of memory of the current machine type.
-      "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
-      "instanceTerminationAction": "A String", # Specifies the termination action for the instance.
-      "latencyTolerant": True or False, # Defines whether the instance is tolerant of higher cpu latency. This can only be set during instance creation, or when the instance is not currently running. It must not be set if the preemptible option is also set.
-      "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
-      "maintenanceFreezeDurationHours": 42, # Specifies the number of hours after VM instance creation where the VM won't be scheduled for maintenance.
-      "maintenanceInterval": "A String", # For more information about maintenance intervals, see Setting maintenance intervals.
-      "minNodeCpus": 42, # The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node.
-      "nodeAffinities": [ # A set of node affinity and anti-affinity configurations. Refer to Configuring node affinity for more information. Overrides reservationAffinity.
-        { # Node Affinity: the configuration of desired nodes onto which this Instance could be scheduled.
-          "key": "A String", # Corresponds to the label key of Node resource.
-          "operator": "A String", # Defines the operation of node selection. Valid operators are IN for affinity and NOT_IN for anti-affinity.
-          "values": [ # Corresponds to the label values of Node resource.
-            "A String",
-          ],
-        },
-      ],
-      "onHostMaintenance": "A String", # Defines the maintenance behavior for this instance. For standard instances, the default behavior is MIGRATE. For preemptible instances, the default and only possible behavior is TERMINATE. For more information, see Setting Instance Scheduling Options.
-      "preemptible": True or False, # Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.
-      "provisioningModel": "A String", # Specifies the provisioning model of the instance.
-    },
-    "secureTags": [ # [Input Only] Secure tags to apply to this instance. Maximum number of secure tags allowed is 50. Note that for MachineImage, this is not supported yet.
-      "A String",
-    ],
-    "serviceAccounts": [ # A list of service accounts with specified scopes. Access tokens for these service accounts are available to the instances that are created from these properties. Use metadata queries to obtain the access tokens for these instances.
-      { # A service account.
-        "email": "A String", # Email address of the service account.
-        "scopes": [ # The list of scopes to be made available for this service account.
-          "A String",
-        ],
-      },
-    ],
-    "shieldedInstanceConfig": { # A set of Shielded Instance options. # Note that for MachineImage, this is not supported yet.
-      "enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled. Enabled by default.
-      "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled. Disabled by default.
-      "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled. Enabled by default.
-    },
-    "shieldedVmConfig": { # A set of Shielded VM options. # Specifies the Shielded VM options for the instances that are created from these properties.
-      "enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled.
-      "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled.
-      "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled.
-    },
-    "tags": { # A set of instance tags. # A list of tags to apply to the instances that are created from these properties. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
-      "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
-        "A String",
-      ],
-    },
-  },
   "kind": "compute#machineImage", # [Output Only] The resource type, which is always compute#machineImage for machine image.
   "machineImageEncryptionKey": { # Encrypts the machine image using a customer-supplied encryption key. After you encrypt a machine image using a customer-supplied key, you must provide the same key if you use the machine image later. For example, you must provide the encryption key when you create an instance from the encrypted machine image in a future request. Customer-supplied encryption keys do not protect access to metadata of the machine image. If you do not provide an encryption key when creating the machine image, then the machine image will be encrypted using an automatically generated key and you do not need to provide a key to use the machine image later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS. For example: "kmsKeyName": "projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key
@@ -475,14 +201,6 @@
   },
   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
-  "savedDisks": [ # An array of Machine Image specific properties for disks attached to the source instance
-    { # An instance-attached disk resource.
-      "kind": "compute#savedDisk", # [Output Only] Type of the resource. Always compute#savedDisk for attached disks.
-      "sourceDisk": "A String", # Specifies a URL of the disk attached to the source instance.
-      "storageBytes": "A String", # [Output Only] Size of the individual disk snapshot used by this machine image.
-      "storageBytesStatus": "A String", # [Output Only] An indicator whether storageBytes is in a stable state or it is being adjusted as a result of shared storage reallocation. This status can either be UPDATING, meaning the size of the snapshot is being updated, or UP_TO_DATE, meaning the size of the snapshot is up-to-date.
-    },
-  ],
   "selfLink": "A String", # [Output Only] The URL for this machine image. The server defines this URL.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
   "sourceDiskEncryptionKeys": [ # [Input Only] The customer-supplied encryption key of the disks attached to the source instance. Required if the source disk is protected by a customer-supplied encryption key.
@@ -566,9 +284,9 @@
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -589,9 +307,9 @@
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -615,7 +333,7 @@
         "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
       },
     ],
-    "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
+    "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance. (will be deprecated soon)
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from this machine image.
       "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
       "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details.
@@ -782,277 +500,6 @@
   "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
   "guestFlush": True or False, # [Input Only] Whether to attempt an application consistent machine image by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
   "id": "A String", # [Output Only] A unique identifier for this machine image. The server defines this identifier.
-  "instanceProperties": { # [Output Only] Properties of source instance
-    "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features. Note that for MachineImage, this is not supported yet.
-      "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
-      "enableUefiNetworking": True or False, # Whether to enable UEFI networking for instance creation.
-      "numaNodeCount": 42, # The number of vNUMA nodes.
-      "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
-      "visibleCoreCount": 42, # The number of physical cores to expose to an instance. Multiply by the number of threads per core to compute the total number of virtual CPUs to expose to the instance. If unset, the number of cores is inferred from the instance's nominal CPU count and the underlying platform's SMT width.
-    },
-    "canIpForward": True or False, # Enables instances created based on these properties to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information.
-    "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options. Note that for MachineImage, this is not supported yet.
-      "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
-    },
-    "description": "A String", # An optional text description for the instances that are created from these properties.
-    "disks": [ # An array of disks that are associated with the instances that are created from these properties.
-      { # An instance-attached disk resource.
-        "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
-        "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-        "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-        "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
-          "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS. For example: "kmsKeyName": "projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key
-          "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used. For example: "kmsKeyServiceAccount": "name@project_id.iam.gserviceaccount.com/
-          "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: "rawKey": "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="
-          "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: "rsaEncryptedKey": "ieCx/NcW06PcT7Ep1X6LUTc/hLvUDYyzSZPPVCVPTVEohpeHASqC8uw5TzyO9U+Fka9JFH z0mBibXUInrC/jEk014kCK/NPjYgEMOyssZ4ZINPKxlUh2zn1bV+MCaTICrdmuSBTWlUUiFoD D6PYznLwh8ZNdaheCeZ8ewEXgFQ8V+sDroLaN3Xs3MDTXQEMMoNUXMCZEIpg9Vtp9x2oe==" The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
-          "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
-        },
-        "diskSizeGb": "A String", # The size of the disk in GB.
-        "forceAttach": True or False, # [Input Only] Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error.
-        "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
-          { # Guest OS features.
-            "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
-          },
-        ],
-        "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-        "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
-          "description": "A String", # An optional description. Provide this property when creating the disk.
-          "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
-          "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-          "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard For a full list of acceptable values, see Persistent disk types. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-          "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
-            { # Guest OS features.
-              "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
-            },
-          ],
-          "interface": "A String", # [Deprecated] Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI.
-          "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
-            "a_key": "A String",
-          },
-          "licenseCodes": [ # Integer license codes indicating which licenses are attached to this disk.
-            "A String",
-          ],
-          "licenses": [ # A list of publicly visible licenses. Reserved for Google's use.
-            "A String",
-          ],
-          "multiWriter": True or False, # Indicates whether or not the disk can be read/write attached to more than one instance.
-          "onUpdateAction": "A String", # Specifies which action to take on instance update with this disk. Default is to use the existing disk.
-          "provisionedIops": "A String", # Indicates how many IOPS to provision for the disk. This sets the number of I/O operations per second that the disk can handle. Values must be between 10,000 and 120,000. For more details, see the Extreme persistent disk documentation.
-          "replicaZones": [ # URLs of the zones where the disk should be replicated to. Only applicable for regional resources.
-            "A String",
-          ],
-          "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
-            "A String",
-          ],
-          "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-          "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
-            "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS. For example: "kmsKeyName": "projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key
-            "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used. For example: "kmsKeyServiceAccount": "name@project_id.iam.gserviceaccount.com/
-            "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: "rawKey": "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: "rsaEncryptedKey": "ieCx/NcW06PcT7Ep1X6LUTc/hLvUDYyzSZPPVCVPTVEohpeHASqC8uw5TzyO9U+Fka9JFH z0mBibXUInrC/jEk014kCK/NPjYgEMOyssZ4ZINPKxlUh2zn1bV+MCaTICrdmuSBTWlUUiFoD D6PYznLwh8ZNdaheCeZ8ewEXgFQ8V+sDroLaN3Xs3MDTXQEMMoNUXMCZEIpg9Vtp9x2oe==" The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
-            "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
-          },
-          "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
-          "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
-            "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS. For example: "kmsKeyName": "projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key
-            "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used. For example: "kmsKeyServiceAccount": "name@project_id.iam.gserviceaccount.com/
-            "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: "rawKey": "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="
-            "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: "rsaEncryptedKey": "ieCx/NcW06PcT7Ep1X6LUTc/hLvUDYyzSZPPVCVPTVEohpeHASqC8uw5TzyO9U+Fka9JFH z0mBibXUInrC/jEk014kCK/NPjYgEMOyssZ4ZINPKxlUh2zn1bV+MCaTICrdmuSBTWlUUiFoD D6PYznLwh8ZNdaheCeZ8ewEXgFQ8V+sDroLaN3Xs3MDTXQEMMoNUXMCZEIpg9Vtp9x2oe==" The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
-            "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
-          },
-        },
-        "interface": "A String", # Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. Persistent disks must always use SCSI and the request will fail if you attempt to attach a persistent disk in any other format than SCSI. Local SSDs can use either NVME or SCSI. For performance characteristics of SCSI over NVMe, see Local SSD performance.
-        "kind": "compute#attachedDisk", # [Output Only] Type of the resource. Always compute#attachedDisk for attached disks.
-        "licenses": [ # [Output Only] Any valid publicly visible licenses.
-          "A String",
-        ],
-        "locked": True or False, # [Output Only] Whether to indicate the attached disk is locked. The locked disk is not allowed to be detached from the instance, or to be used as the source of the snapshot creation, and the image creation. The instance with at least one locked attached disk is not allow to be used as source of machine image creation, instant snapshot creation, and not allowed to be deleted with --keep-disk parameter set to true for locked disks.
-        "mode": "A String", # The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, the default is to attach the disk in READ_WRITE mode.
-        "savedState": "A String", # For LocalSSD disks on VM Instances in STOPPED or SUSPENDED state, this field is set to PRESERVED if the LocalSSD data has been saved to a persistent location by customer request. (see the discard_local_ssd option on Stop/Suspend). Read-only in the api.
-        "shieldedInstanceInitialState": { # Initial State for shielded instance, these are public keys which are safe to store in public # [Output Only] shielded vm initial state stored on disk
-          "dbs": [ # The Key Database (db).
-            {
-              "content": "A String", # The raw content in the secure keys file.
-              "fileType": "A String", # The file type of source file.
-            },
-          ],
-          "dbxs": [ # The forbidden key database (dbx).
-            {
-              "content": "A String", # The raw content in the secure keys file.
-              "fileType": "A String", # The file type of source file.
-            },
-          ],
-          "keks": [ # The Key Exchange Key (KEK).
-            {
-              "content": "A String", # The raw content in the secure keys file.
-              "fileType": "A String", # The file type of source file.
-            },
-          ],
-          "pk": { # The Platform Key (PK).
-            "content": "A String", # The raw content in the secure keys file.
-            "fileType": "A String", # The file type of source file.
-          },
-        },
-        "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
-        "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
-        "userLicenses": [ # [Output Only] A list of user provided licenses. It represents a list of URLs to the license resource. Unlike regular licenses, user provided licenses can be modified after the disk is created.
-          "A String",
-        ],
-      },
-    ],
-    "displayDevice": { # A set of Display Device options # Display Device properties to enable support for remote display products like: Teradici, VNC and TeamViewer Note that for MachineImage, this is not supported yet.
-      "enableDisplay": True or False, # Defines whether the instance has Display enabled.
-    },
-    "guestAccelerators": [ # A list of guest accelerator cards' type and count to use for instances created from these properties.
-      { # A specification of the type and number of accelerator cards attached to the instance.
-        "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
-        "acceleratorType": "A String", # Full or partial URL of the accelerator type resource to attach to this instance. For example: projects/my-project/zones/us-central1-c/acceleratorTypes/nvidia-tesla-p100 If you are creating an instance template, specify only the accelerator name. See GPUs on Compute Engine for a full list of accelerator types.
-      },
-    ],
-    "labels": { # Labels to apply to instances that are created from these properties.
-      "a_key": "A String",
-    },
-    "machineType": "A String", # The machine type to use for instances that are created from these properties.
-    "metadata": { # A metadata key/value entry. # The metadata key/value pairs to assign to instances that are created from these properties. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
-      "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-        { # Metadata
-          "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
-          "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
-        },
-      ],
-      "kind": "compute#metadata", # [Output Only] Type of the resource. Always compute#metadata for metadata.
-    },
-    "minCpuPlatform": "A String", # Minimum cpu/platform to be used by instances. The instance may be scheduled on the specified or newer cpu/platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: "Intel Haswell" or minCpuPlatform: "Intel Sandy Bridge". For more information, read Specifying a Minimum CPU Platform.
-    "networkInterfaces": [ # An array of network access configurations for this interface.
-      { # A network interface resource attached to an instance.
-        "accessConfigs": [ # An array of configurations for this interface. Currently, only one access config, ONE_TO_ONE_NAT, is supported. If there are no accessConfigs specified, then this instance will have no external internet access.
-          { # An access configuration attached to an instance's network interface. Only one access config per instance is supported.
-            "externalIpv6": "A String", # [Output Only] The first IPv6 address of the external IPv6 range associated with this instance, prefix length is stored in externalIpv6PrefixLength in ipv6AccessConfig. The field is output only, an IPv6 address from a subnetwork associated with the instance will be allocated dynamically.
-            "externalIpv6PrefixLength": 42, # [Output Only] The prefix length of the external IPv6 range.
-            "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
-            "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
-            "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-            "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-            "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
-            "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
-          },
-        ],
-        "aliasIpRanges": [ # An array of alias IP ranges for this network interface. You can only specify this field for network interfaces in VPC networks.
-          { # An alias IP range attached to an instance's network interface.
-            "ipCidrRange": "A String", # The IP alias ranges to allocate for this interface. This IP CIDR range must belong to the specified subnetwork and cannot contain IP addresses reserved by system or used by other network interfaces. This range may be a single IP address (such as 10.2.3.4), a netmask (such as /24) or a CIDR-formatted string (such as 10.1.2.0/24).
-            "subnetworkRangeName": "A String", # The name of a subnetwork secondary IP range from which to allocate an IP alias range. If not specified, the primary range of the subnetwork is used.
-          },
-        ],
-        "fingerprint": "A String", # Fingerprint hash of contents stored in this network interface. This field will be ignored when inserting an Instance or adding a NetworkInterface. An up-to-date fingerprint must be provided in order to update the NetworkInterface. The request will fail with error 400 Bad Request if the fingerprint is not provided, or 412 Precondition Failed if the fingerprint is out of date.
-        "internalIpv6PrefixLength": 42, # [Output Only] The prefix length of the primary internal IPv6 range.
-        "ipv6AccessConfigs": [ # An array of IPv6 access configurations for this interface. Currently, only one IPv6 access config, DIRECT_IPV6, is supported. If there is no ipv6AccessConfig specified, then this instance will have no external IPv6 Internet access.
-          { # An access configuration attached to an instance's network interface. Only one access config per instance is supported.
-            "externalIpv6": "A String", # [Output Only] The first IPv6 address of the external IPv6 range associated with this instance, prefix length is stored in externalIpv6PrefixLength in ipv6AccessConfig. The field is output only, an IPv6 address from a subnetwork associated with the instance will be allocated dynamically.
-            "externalIpv6PrefixLength": 42, # [Output Only] The prefix length of the external IPv6 range.
-            "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
-            "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
-            "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-            "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-            "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-            "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
-            "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
-          },
-        ],
-        "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
-        "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
-        "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
-        "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-        "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
-        "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
-        "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
-        "queueCount": 42, # The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users.
-        "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
-        "subinterfaces": [ # SubInterfaces help enable L2 communication for the instance over subnetworks that support L2. Every network interface will get a default untagged (vlan not specified) subinterface. Users can specify additional tagged subinterfaces which are sub-fields to the Network Interface.
-          {
-            "ipAddress": "A String", # An IPv4 internal IP address to assign to the instance for this subinterface. If specified, ip_allocation_mode should be set to ALLOCATE_IP.
-            "ipAllocationMode": "A String",
-            "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
-            "vlan": 42, # VLAN tag. Should match the VLAN(s) supported by the subnetwork to which this subinterface is connecting.
-          },
-        ],
-        "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
-      },
-    ],
-    "networkPerformanceConfig": { # Note that for MachineImage, this is not supported yet.
-      "externalIpEgressBandwidthTier": "A String",
-      "totalEgressBandwidthTier": "A String",
-    },
-    "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not supported yet.
-    "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from. Note that for MachineImage, this is not supported yet.
-      "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
-      "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
-      "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
-        "A String",
-      ],
-    },
-    "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties. Note that for MachineImage, this is not supported yet.
-      "A String",
-    ],
-    "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
-      "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
-      "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details.
-      "currentCpus": 42, # Current number of vCPUs available for VM. 0 or unset means default vCPUs of the current machine type.
-      "currentMemoryMb": "A String", # Current amount of memory (in MB) available for VM. 0 or unset means default amount of memory of the current machine type.
-      "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
-      "instanceTerminationAction": "A String", # Specifies the termination action for the instance.
-      "latencyTolerant": True or False, # Defines whether the instance is tolerant of higher cpu latency. This can only be set during instance creation, or when the instance is not currently running. It must not be set if the preemptible option is also set.
-      "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
-      "maintenanceFreezeDurationHours": 42, # Specifies the number of hours after VM instance creation where the VM won't be scheduled for maintenance.
-      "maintenanceInterval": "A String", # For more information about maintenance intervals, see Setting maintenance intervals.
-      "minNodeCpus": 42, # The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node.
-      "nodeAffinities": [ # A set of node affinity and anti-affinity configurations. Refer to Configuring node affinity for more information. Overrides reservationAffinity.
-        { # Node Affinity: the configuration of desired nodes onto which this Instance could be scheduled.
-          "key": "A String", # Corresponds to the label key of Node resource.
-          "operator": "A String", # Defines the operation of node selection. Valid operators are IN for affinity and NOT_IN for anti-affinity.
-          "values": [ # Corresponds to the label values of Node resource.
-            "A String",
-          ],
-        },
-      ],
-      "onHostMaintenance": "A String", # Defines the maintenance behavior for this instance. For standard instances, the default behavior is MIGRATE. For preemptible instances, the default and only possible behavior is TERMINATE. For more information, see Setting Instance Scheduling Options.
-      "preemptible": True or False, # Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.
-      "provisioningModel": "A String", # Specifies the provisioning model of the instance.
-    },
-    "secureTags": [ # [Input Only] Secure tags to apply to this instance. Maximum number of secure tags allowed is 50. Note that for MachineImage, this is not supported yet.
-      "A String",
-    ],
-    "serviceAccounts": [ # A list of service accounts with specified scopes. Access tokens for these service accounts are available to the instances that are created from these properties. Use metadata queries to obtain the access tokens for these instances.
-      { # A service account.
-        "email": "A String", # Email address of the service account.
-        "scopes": [ # The list of scopes to be made available for this service account.
-          "A String",
-        ],
-      },
-    ],
-    "shieldedInstanceConfig": { # A set of Shielded Instance options. # Note that for MachineImage, this is not supported yet.
-      "enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled. Enabled by default.
-      "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled. Disabled by default.
-      "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled. Enabled by default.
-    },
-    "shieldedVmConfig": { # A set of Shielded VM options. # Specifies the Shielded VM options for the instances that are created from these properties.
-      "enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled.
-      "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled.
-      "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled.
-    },
-    "tags": { # A set of instance tags. # A list of tags to apply to the instances that are created from these properties. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035.
-      "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
-      "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
-        "A String",
-      ],
-    },
-  },
   "kind": "compute#machineImage", # [Output Only] The resource type, which is always compute#machineImage for machine image.
   "machineImageEncryptionKey": { # Encrypts the machine image using a customer-supplied encryption key. After you encrypt a machine image using a customer-supplied key, you must provide the same key if you use the machine image later. For example, you must provide the encryption key when you create an instance from the encrypted machine image in a future request. Customer-supplied encryption keys do not protect access to metadata of the machine image. If you do not provide an encryption key when creating the machine image, then the machine image will be encrypted using an automatically generated key and you do not need to provide a key to use the machine image later.
     "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS. For example: "kmsKeyName": "projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key
@@ -1063,14 +510,6 @@
   },
   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
-  "savedDisks": [ # An array of Machine Image specific properties for disks attached to the source instance
-    { # An instance-attached disk resource.
-      "kind": "compute#savedDisk", # [Output Only] Type of the resource. Always compute#savedDisk for attached disks.
-      "sourceDisk": "A String", # Specifies a URL of the disk attached to the source instance.
-      "storageBytes": "A String", # [Output Only] Size of the individual disk snapshot used by this machine image.
-      "storageBytesStatus": "A String", # [Output Only] An indicator whether storageBytes is in a stable state or it is being adjusted as a result of shared storage reallocation. This status can either be UPDATING, meaning the size of the snapshot is being updated, or UP_TO_DATE, meaning the size of the snapshot is up-to-date.
-    },
-  ],
   "selfLink": "A String", # [Output Only] The URL for this machine image. The server defines this URL.
   "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
   "sourceDiskEncryptionKeys": [ # [Input Only] The customer-supplied encryption key of the disks attached to the source instance. Required if the source disk is protected by a customer-supplied encryption key.
@@ -1154,9 +593,9 @@
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -1177,9 +616,9 @@
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -1203,7 +642,7 @@
         "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
       },
     ],
-    "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
+    "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance. (will be deprecated soon)
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from this machine image.
       "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
       "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details.
@@ -1280,9 +719,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1339,277 +775,6 @@
       "description": "A String", # An optional description of this resource. Provide this property when you create the resource.
       "guestFlush": True or False, # [Input Only] Whether to attempt an application consistent machine image by informing the OS to prepare for the snapshot process. Currently only supported on Windows instances using the Volume Shadow Copy Service (VSS).
       "id": "A String", # [Output Only] A unique identifier for this machine image. The server defines this identifier.
-      "instanceProperties": { # [Output Only] Properties of source instance
-        "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features. Note that for MachineImage, this is not supported yet.
-          "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
-          "enableUefiNetworking": True or False, # Whether to enable UEFI networking for instance creation.
-          "numaNodeCount": 42, # The number of vNUMA nodes.
-          "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
-          "visibleCoreCount": 42, # The number of physical cores to expose to an instance. Multiply by the number of threads per core to compute the total number of virtual CPUs to expose to the instance. If unset, the number of cores is inferred from the instance's nominal CPU count and the underlying platform's SMT width.
-        },
-        "canIpForward": True or False, # Enables instances created based on these properties to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information.
-        "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options. Note that for MachineImage, this is not supported yet.
-          "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
-        },
-        "description": "A String", # An optional text description for the instances that are created from these properties.
-        "disks": [ # An array of disks that are associated with the instances that are created from these properties.
-          { # An instance-attached disk resource.
-            "autoDelete": True or False, # Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance).
-            "boot": True or False, # Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem.
-            "deviceName": "A String", # Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks.
-            "diskEncryptionKey": { # Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group.
-              "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS. For example: "kmsKeyName": "projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key
-              "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used. For example: "kmsKeyServiceAccount": "name@project_id.iam.gserviceaccount.com/
-              "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: "rawKey": "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="
-              "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: "rsaEncryptedKey": "ieCx/NcW06PcT7Ep1X6LUTc/hLvUDYyzSZPPVCVPTVEohpeHASqC8uw5TzyO9U+Fka9JFH z0mBibXUInrC/jEk014kCK/NPjYgEMOyssZ4ZINPKxlUh2zn1bV+MCaTICrdmuSBTWlUUiFoD D6PYznLwh8ZNdaheCeZ8ewEXgFQ8V+sDroLaN3Xs3MDTXQEMMoNUXMCZEIpg9Vtp9x2oe==" The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
-              "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
-            },
-            "diskSizeGb": "A String", # The size of the disk in GB.
-            "forceAttach": True or False, # [Input Only] Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error.
-            "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options.
-              { # Guest OS features.
-                "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
-              },
-            ],
-            "index": 42, # [Output Only] A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number.
-            "initializeParams": { # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both. # [Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.
-              "description": "A String", # An optional description. Provide this property when creating the disk.
-              "diskName": "A String", # Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created.
-              "diskSizeGb": "A String", # Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB.
-              "diskType": "A String", # Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard For a full list of acceptable values, see Persistent disk types. If you define this field, you can provide either the full or partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType Note that for InstanceTemplate, this is the name of the disk type, not URL.
-              "guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures
-                { # Guest OS features.
-                  "type": "A String", # The ID of a supported feature. Read Enabling guest operating system features to see a list of available options.
-                },
-              ],
-              "interface": "A String", # [Deprecated] Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI.
-              "labels": { # Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks.
-                "a_key": "A String",
-              },
-              "licenseCodes": [ # Integer license codes indicating which licenses are attached to this disk.
-                "A String",
-              ],
-              "licenses": [ # A list of publicly visible licenses. Reserved for Google's use.
-                "A String",
-              ],
-              "multiWriter": True or False, # Indicates whether or not the disk can be read/write attached to more than one instance.
-              "onUpdateAction": "A String", # Specifies which action to take on instance update with this disk. Default is to use the existing disk.
-              "provisionedIops": "A String", # Indicates how many IOPS to provision for the disk. This sets the number of I/O operations per second that the disk can handle. Values must be between 10,000 and 120,000. For more details, see the Extreme persistent disk documentation.
-              "replicaZones": [ # URLs of the zones where the disk should be replicated to. Only applicable for regional resources.
-                "A String",
-              ],
-              "resourcePolicies": [ # Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name.
-                "A String",
-              ],
-              "sourceImage": "A String", # The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set.
-              "sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. Instance templates do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys.
-                "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS. For example: "kmsKeyName": "projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key
-                "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used. For example: "kmsKeyServiceAccount": "name@project_id.iam.gserviceaccount.com/
-                "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: "rawKey": "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="
-                "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: "rsaEncryptedKey": "ieCx/NcW06PcT7Ep1X6LUTc/hLvUDYyzSZPPVCVPTVEohpeHASqC8uw5TzyO9U+Fka9JFH z0mBibXUInrC/jEk014kCK/NPjYgEMOyssZ4ZINPKxlUh2zn1bV+MCaTICrdmuSBTWlUUiFoD D6PYznLwh8ZNdaheCeZ8ewEXgFQ8V+sDroLaN3Xs3MDTXQEMMoNUXMCZEIpg9Vtp9x2oe==" The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
-                "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
-              },
-              "sourceSnapshot": "A String", # The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set.
-              "sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot.
-                "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS. For example: "kmsKeyName": "projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key
-                "kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used. For example: "kmsKeyServiceAccount": "name@project_id.iam.gserviceaccount.com/
-                "rawKey": "A String", # Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: "rawKey": "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="
-                "rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: "rsaEncryptedKey": "ieCx/NcW06PcT7Ep1X6LUTc/hLvUDYyzSZPPVCVPTVEohpeHASqC8uw5TzyO9U+Fka9JFH z0mBibXUInrC/jEk014kCK/NPjYgEMOyssZ4ZINPKxlUh2zn1bV+MCaTICrdmuSBTWlUUiFoD D6PYznLwh8ZNdaheCeZ8ewEXgFQ8V+sDroLaN3Xs3MDTXQEMMoNUXMCZEIpg9Vtp9x2oe==" The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
-                "sha256": "A String", # [Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.
-              },
-            },
-            "interface": "A String", # Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. Persistent disks must always use SCSI and the request will fail if you attempt to attach a persistent disk in any other format than SCSI. Local SSDs can use either NVME or SCSI. For performance characteristics of SCSI over NVMe, see Local SSD performance.
-            "kind": "compute#attachedDisk", # [Output Only] Type of the resource. Always compute#attachedDisk for attached disks.
-            "licenses": [ # [Output Only] Any valid publicly visible licenses.
-              "A String",
-            ],
-            "locked": True or False, # [Output Only] Whether to indicate the attached disk is locked. The locked disk is not allowed to be detached from the instance, or to be used as the source of the snapshot creation, and the image creation. The instance with at least one locked attached disk is not allow to be used as source of machine image creation, instant snapshot creation, and not allowed to be deleted with --keep-disk parameter set to true for locked disks.
-            "mode": "A String", # The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, the default is to attach the disk in READ_WRITE mode.
-            "savedState": "A String", # For LocalSSD disks on VM Instances in STOPPED or SUSPENDED state, this field is set to PRESERVED if the LocalSSD data has been saved to a persistent location by customer request. (see the discard_local_ssd option on Stop/Suspend). Read-only in the api.
-            "shieldedInstanceInitialState": { # Initial State for shielded instance, these are public keys which are safe to store in public # [Output Only] shielded vm initial state stored on disk
-              "dbs": [ # The Key Database (db).
-                {
-                  "content": "A String", # The raw content in the secure keys file.
-                  "fileType": "A String", # The file type of source file.
-                },
-              ],
-              "dbxs": [ # The forbidden key database (dbx).
-                {
-                  "content": "A String", # The raw content in the secure keys file.
-                  "fileType": "A String", # The file type of source file.
-                },
-              ],
-              "keks": [ # The Key Exchange Key (KEK).
-                {
-                  "content": "A String", # The raw content in the secure keys file.
-                  "fileType": "A String", # The file type of source file.
-                },
-              ],
-              "pk": { # The Platform Key (PK).
-                "content": "A String", # The raw content in the secure keys file.
-                "fileType": "A String", # The file type of source file.
-              },
-            },
-            "source": "A String", # Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name, not the URL for the disk.
-            "type": "A String", # Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.
-            "userLicenses": [ # [Output Only] A list of user provided licenses. It represents a list of URLs to the license resource. Unlike regular licenses, user provided licenses can be modified after the disk is created.
-              "A String",
-            ],
-          },
-        ],
-        "displayDevice": { # A set of Display Device options # Display Device properties to enable support for remote display products like: Teradici, VNC and TeamViewer Note that for MachineImage, this is not supported yet.
-          "enableDisplay": True or False, # Defines whether the instance has Display enabled.
-        },
-        "guestAccelerators": [ # A list of guest accelerator cards' type and count to use for instances created from these properties.
-          { # A specification of the type and number of accelerator cards attached to the instance.
-            "acceleratorCount": 42, # The number of the guest accelerator cards exposed to this instance.
-            "acceleratorType": "A String", # Full or partial URL of the accelerator type resource to attach to this instance. For example: projects/my-project/zones/us-central1-c/acceleratorTypes/nvidia-tesla-p100 If you are creating an instance template, specify only the accelerator name. See GPUs on Compute Engine for a full list of accelerator types.
-          },
-        ],
-        "labels": { # Labels to apply to instances that are created from these properties.
-          "a_key": "A String",
-        },
-        "machineType": "A String", # The machine type to use for instances that are created from these properties.
-        "metadata": { # A metadata key/value entry. # The metadata key/value pairs to assign to instances that are created from these properties. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information.
-          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource.
-          "items": [ # Array of key/value pairs. The total size of all keys and values must be less than 512 KB.
-            { # Metadata
-              "key": "A String", # Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project.
-              "value": "A String", # Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB).
-            },
-          ],
-          "kind": "compute#metadata", # [Output Only] Type of the resource. Always compute#metadata for metadata.
-        },
-        "minCpuPlatform": "A String", # Minimum cpu/platform to be used by instances. The instance may be scheduled on the specified or newer cpu/platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: "Intel Haswell" or minCpuPlatform: "Intel Sandy Bridge". For more information, read Specifying a Minimum CPU Platform.
-        "networkInterfaces": [ # An array of network access configurations for this interface.
-          { # A network interface resource attached to an instance.
-            "accessConfigs": [ # An array of configurations for this interface. Currently, only one access config, ONE_TO_ONE_NAT, is supported. If there are no accessConfigs specified, then this instance will have no external internet access.
-              { # An access configuration attached to an instance's network interface. Only one access config per instance is supported.
-                "externalIpv6": "A String", # [Output Only] The first IPv6 address of the external IPv6 range associated with this instance, prefix length is stored in externalIpv6PrefixLength in ipv6AccessConfig. The field is output only, an IPv6 address from a subnetwork associated with the instance will be allocated dynamically.
-                "externalIpv6PrefixLength": 42, # [Output Only] The prefix length of the external IPv6 range.
-                "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
-                "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
-                "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-                "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-                "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-                "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-                "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
-                "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
-              },
-            ],
-            "aliasIpRanges": [ # An array of alias IP ranges for this network interface. You can only specify this field for network interfaces in VPC networks.
-              { # An alias IP range attached to an instance's network interface.
-                "ipCidrRange": "A String", # The IP alias ranges to allocate for this interface. This IP CIDR range must belong to the specified subnetwork and cannot contain IP addresses reserved by system or used by other network interfaces. This range may be a single IP address (such as 10.2.3.4), a netmask (such as /24) or a CIDR-formatted string (such as 10.1.2.0/24).
-                "subnetworkRangeName": "A String", # The name of a subnetwork secondary IP range from which to allocate an IP alias range. If not specified, the primary range of the subnetwork is used.
-              },
-            ],
-            "fingerprint": "A String", # Fingerprint hash of contents stored in this network interface. This field will be ignored when inserting an Instance or adding a NetworkInterface. An up-to-date fingerprint must be provided in order to update the NetworkInterface. The request will fail with error 400 Bad Request if the fingerprint is not provided, or 412 Precondition Failed if the fingerprint is out of date.
-            "internalIpv6PrefixLength": 42, # [Output Only] The prefix length of the primary internal IPv6 range.
-            "ipv6AccessConfigs": [ # An array of IPv6 access configurations for this interface. Currently, only one IPv6 access config, DIRECT_IPV6, is supported. If there is no ipv6AccessConfig specified, then this instance will have no external IPv6 Internet access.
-              { # An access configuration attached to an instance's network interface. Only one access config per instance is supported.
-                "externalIpv6": "A String", # [Output Only] The first IPv6 address of the external IPv6 range associated with this instance, prefix length is stored in externalIpv6PrefixLength in ipv6AccessConfig. The field is output only, an IPv6 address from a subnetwork associated with the instance will be allocated dynamically.
-                "externalIpv6PrefixLength": 42, # [Output Only] The prefix length of the external IPv6 range.
-                "kind": "compute#accessConfig", # [Output Only] Type of the resource. Always compute#accessConfig for access configs.
-                "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
-                "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
-                "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-                "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-                "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-                "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-                "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
-                "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
-              },
-            ],
-            "ipv6AccessType": "A String", # [Output Only] One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6.
-            "ipv6Address": "A String", # [Output Only] An IPv6 internal network address for this network interface.
-            "kind": "compute#networkInterface", # [Output Only] Type of the resource. Always compute#networkInterface for network interfaces.
-            "name": "A String", # [Output Only] The name of the network interface, which is generated by the server. For network devices, these are eth0, eth1, etc.
-            "network": "A String", # URL of the network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used; if the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default
-            "networkIP": "A String", # An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system.
-            "nicType": "A String", # The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.
-            "queueCount": 42, # The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users.
-            "stackType": "A String", # The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at instance creation and update network interface operations.
-            "subinterfaces": [ # SubInterfaces help enable L2 communication for the instance over subnetworks that support L2. Every network interface will get a default untagged (vlan not specified) subinterface. Users can specify additional tagged subinterfaces which are sub-fields to the Network Interface.
-              {
-                "ipAddress": "A String", # An IPv4 internal IP address to assign to the instance for this subinterface. If specified, ip_allocation_mode should be set to ALLOCATE_IP.
-                "ipAllocationMode": "A String",
-                "subnetwork": "A String", # If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
-                "vlan": 42, # VLAN tag. Should match the VLAN(s) supported by the subnetwork to which this subinterface is connecting.
-              },
-            ],
-            "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
-          },
-        ],
-        "networkPerformanceConfig": { # Note that for MachineImage, this is not supported yet.
-          "externalIpEgressBandwidthTier": "A String",
-          "totalEgressBandwidthTier": "A String",
-        },
-        "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-        "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not supported yet.
-        "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from. Note that for MachineImage, this is not supported yet.
-          "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
-          "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
-          "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
-            "A String",
-          ],
-        },
-        "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties. Note that for MachineImage, this is not supported yet.
-          "A String",
-        ],
-        "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
-          "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
-          "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details.
-          "currentCpus": 42, # Current number of vCPUs available for VM. 0 or unset means default vCPUs of the current machine type.
-          "currentMemoryMb": "A String", # Current amount of memory (in MB) available for VM. 0 or unset means default amount of memory of the current machine type.
-          "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
-          "instanceTerminationAction": "A String", # Specifies the termination action for the instance.
-          "latencyTolerant": True or False, # Defines whether the instance is tolerant of higher cpu latency. This can only be set during instance creation, or when the instance is not currently running. It must not be set if the preemptible option is also set.
-          "locationHint": "A String", # An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API.
-          "maintenanceFreezeDurationHours": 42, # Specifies the number of hours after VM instance creation where the VM won't be scheduled for maintenance.
-          "maintenanceInterval": "A String", # For more information about maintenance intervals, see Setting maintenance intervals.
-          "minNodeCpus": 42, # The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node.
-          "nodeAffinities": [ # A set of node affinity and anti-affinity configurations. Refer to Configuring node affinity for more information. Overrides reservationAffinity.
-            { # Node Affinity: the configuration of desired nodes onto which this Instance could be scheduled.
-              "key": "A String", # Corresponds to the label key of Node resource.
-              "operator": "A String", # Defines the operation of node selection. Valid operators are IN for affinity and NOT_IN for anti-affinity.
-              "values": [ # Corresponds to the label values of Node resource.
-                "A String",
-              ],
-            },
-          ],
-          "onHostMaintenance": "A String", # Defines the maintenance behavior for this instance. For standard instances, the default behavior is MIGRATE. For preemptible instances, the default and only possible behavior is TERMINATE. For more information, see Setting Instance Scheduling Options.
-          "preemptible": True or False, # Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.
-          "provisioningModel": "A String", # Specifies the provisioning model of the instance.
-        },
-        "secureTags": [ # [Input Only] Secure tags to apply to this instance. Maximum number of secure tags allowed is 50. Note that for MachineImage, this is not supported yet.
-          "A String",
-        ],
-        "serviceAccounts": [ # A list of service accounts with specified scopes. Access tokens for these service accounts are available to the instances that are created from these properties. Use metadata queries to obtain the access tokens for these instances.
-          { # A service account.
-            "email": "A String", # Email address of the service account.
-            "scopes": [ # The list of scopes to be made available for this service account.
-              "A String",
-            ],
-          },
-        ],
-        "shieldedInstanceConfig": { # A set of Shielded Instance options. # Note that for MachineImage, this is not supported yet.
-          "enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled. Enabled by default.
-          "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled. Disabled by default.
-          "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled. Enabled by default.
-        },
-        "shieldedVmConfig": { # A set of Shielded VM options. # Specifies the Shielded VM options for the instances that are created from these properties.
-          "enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled.
-          "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled.
-          "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled.
-        },
-        "tags": { # A set of instance tags. # A list of tags to apply to the instances that are created from these properties. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035.
-          "fingerprint": "A String", # Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance.
-          "items": [ # An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035.
-            "A String",
-          ],
-        },
-      },
       "kind": "compute#machineImage", # [Output Only] The resource type, which is always compute#machineImage for machine image.
       "machineImageEncryptionKey": { # Encrypts the machine image using a customer-supplied encryption key. After you encrypt a machine image using a customer-supplied key, you must provide the same key if you use the machine image later. For example, you must provide the encryption key when you create an instance from the encrypted machine image in a future request. Customer-supplied encryption keys do not protect access to metadata of the machine image. If you do not provide an encryption key when creating the machine image, then the machine image will be encrypted using an automatically generated key and you do not need to provide a key to use the machine image later.
         "kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS. For example: "kmsKeyName": "projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key
@@ -1620,14 +785,6 @@
       },
       "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
-      "savedDisks": [ # An array of Machine Image specific properties for disks attached to the source instance
-        { # An instance-attached disk resource.
-          "kind": "compute#savedDisk", # [Output Only] Type of the resource. Always compute#savedDisk for attached disks.
-          "sourceDisk": "A String", # Specifies a URL of the disk attached to the source instance.
-          "storageBytes": "A String", # [Output Only] Size of the individual disk snapshot used by this machine image.
-          "storageBytesStatus": "A String", # [Output Only] An indicator whether storageBytes is in a stable state or it is being adjusted as a result of shared storage reallocation. This status can either be UPDATING, meaning the size of the snapshot is being updated, or UP_TO_DATE, meaning the size of the snapshot is up-to-date.
-        },
-      ],
       "selfLink": "A String", # [Output Only] The URL for this machine image. The server defines this URL.
       "selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource with the resource id.
       "sourceDiskEncryptionKeys": [ # [Input Only] The customer-supplied encryption key of the disks attached to the source instance. Required if the source disk is protected by a customer-supplied encryption key.
@@ -1711,9 +868,9 @@
                 "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
                 "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
                 "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-                "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+                "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
                 "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-                "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+                "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
                 "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
               },
             ],
@@ -1734,9 +891,9 @@
                 "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
                 "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
                 "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-                "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+                "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
                 "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-                "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+                "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
                 "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
               },
             ],
@@ -1760,7 +917,7 @@
             "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
           },
         ],
-        "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
+        "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance. (will be deprecated soon)
         "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from this machine image.
           "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
           "availabilityDomain": 42, # Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details.

docs/dyn/compute_alpha.networkEdgeSecurityServices.html

diff --git a/docs/dyn/compute_alpha.networkEdgeSecurityServices.html b/docs/dyn/compute_alpha.networkEdgeSecurityServices.html
index 39d81da..fcf0d0f 100644
--- a/docs/dyn/compute_alpha.networkEdgeSecurityServices.html
+++ b/docs/dyn/compute_alpha.networkEdgeSecurityServices.html
@@ -221,9 +221,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -335,9 +332,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -421,9 +415,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.networkEndpointGroups.html

diff --git a/docs/dyn/compute_alpha.networkEndpointGroups.html b/docs/dyn/compute_alpha.networkEndpointGroups.html
index 5c53877..290e083 100644
--- a/docs/dyn/compute_alpha.networkEndpointGroups.html
+++ b/docs/dyn/compute_alpha.networkEndpointGroups.html
@@ -285,9 +285,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -358,9 +355,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -443,9 +437,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -626,9 +617,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.networkFirewallPolicies.html

diff --git a/docs/dyn/compute_alpha.networkFirewallPolicies.html b/docs/dyn/compute_alpha.networkFirewallPolicies.html
index 9de2e6d..cc047a1 100644
--- a/docs/dyn/compute_alpha.networkFirewallPolicies.html
+++ b/docs/dyn/compute_alpha.networkFirewallPolicies.html
@@ -176,9 +176,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -299,9 +296,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -367,9 +361,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -439,9 +430,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -875,9 +863,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1150,9 +1135,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1272,9 +1254,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1340,9 +1319,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1408,9 +1384,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.networks.html

diff --git a/docs/dyn/compute_alpha.networks.html b/docs/dyn/compute_alpha.networks.html
index c6eeee3..dee937c 100644
--- a/docs/dyn/compute_alpha.networks.html
+++ b/docs/dyn/compute_alpha.networks.html
@@ -192,9 +192,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -264,9 +261,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -460,7 +454,7 @@
         "enable": True or False, # This field denotes whether to enable logging for a particular firewall rule.
         "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
       },
-      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
+      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
       "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
       "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -647,9 +641,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1044,9 +1035,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1118,9 +1106,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1185,9 +1170,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1303,9 +1285,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.nodeGroups.html

diff --git a/docs/dyn/compute_alpha.nodeGroups.html b/docs/dyn/compute_alpha.nodeGroups.html
index ecbf17e..49ec3a1 100644
--- a/docs/dyn/compute_alpha.nodeGroups.html
+++ b/docs/dyn/compute_alpha.nodeGroups.html
@@ -169,9 +169,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -358,9 +355,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -435,9 +429,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -720,9 +711,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1018,9 +1006,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1305,9 +1290,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.nodeTemplates.html

diff --git a/docs/dyn/compute_alpha.nodeTemplates.html b/docs/dyn/compute_alpha.nodeTemplates.html
index c81656f..b7dcf25 100644
--- a/docs/dyn/compute_alpha.nodeTemplates.html
+++ b/docs/dyn/compute_alpha.nodeTemplates.html
@@ -258,9 +258,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -528,9 +525,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.organizationSecurityPolicies.html

diff --git a/docs/dyn/compute_alpha.organizationSecurityPolicies.html b/docs/dyn/compute_alpha.organizationSecurityPolicies.html
index cde64ff..c097aa5 100644
--- a/docs/dyn/compute_alpha.organizationSecurityPolicies.html
+++ b/docs/dyn/compute_alpha.organizationSecurityPolicies.html
@@ -171,9 +171,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -319,9 +316,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -391,9 +385,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -457,9 +448,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -907,9 +895,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1180,9 +1165,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1373,9 +1355,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1522,9 +1501,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1589,9 +1565,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1656,9 +1629,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.packetMirrorings.html

diff --git a/docs/dyn/compute_alpha.packetMirrorings.html b/docs/dyn/compute_alpha.packetMirrorings.html
index 6631c81..b5dbde7 100644
--- a/docs/dyn/compute_alpha.packetMirrorings.html
+++ b/docs/dyn/compute_alpha.packetMirrorings.html
@@ -263,9 +263,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -444,9 +441,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -662,9 +656,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.projects.html

diff --git a/docs/dyn/compute_alpha.projects.html b/docs/dyn/compute_alpha.projects.html
index 7df77ed..32805bc 100644
--- a/docs/dyn/compute_alpha.projects.html
+++ b/docs/dyn/compute_alpha.projects.html
@@ -165,9 +165,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -241,9 +238,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -307,9 +301,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -383,9 +374,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -703,9 +691,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -777,9 +762,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -857,9 +839,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -930,9 +909,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1003,9 +979,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1077,9 +1050,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.publicAdvertisedPrefixes.html

diff --git a/docs/dyn/compute_alpha.publicAdvertisedPrefixes.html b/docs/dyn/compute_alpha.publicAdvertisedPrefixes.html
index 6253b71..8041a2b 100644
--- a/docs/dyn/compute_alpha.publicAdvertisedPrefixes.html
+++ b/docs/dyn/compute_alpha.publicAdvertisedPrefixes.html
@@ -136,9 +136,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -269,9 +266,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -439,9 +433,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.publicDelegatedPrefixes.html

diff --git a/docs/dyn/compute_alpha.publicDelegatedPrefixes.html b/docs/dyn/compute_alpha.publicDelegatedPrefixes.html
index c6acc25..c6bb910 100644
--- a/docs/dyn/compute_alpha.publicDelegatedPrefixes.html
+++ b/docs/dyn/compute_alpha.publicDelegatedPrefixes.html
@@ -240,9 +240,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -381,9 +378,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -559,9 +553,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.regionAutoscalers.html

diff --git a/docs/dyn/compute_alpha.regionAutoscalers.html b/docs/dyn/compute_alpha.regionAutoscalers.html
index 076a5ef..8fa816d 100644
--- a/docs/dyn/compute_alpha.regionAutoscalers.html
+++ b/docs/dyn/compute_alpha.regionAutoscalers.html
@@ -143,9 +143,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -382,9 +379,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -658,9 +652,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -837,9 +828,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.regionBackendServices.html

diff --git a/docs/dyn/compute_alpha.regionBackendServices.html b/docs/dyn/compute_alpha.regionBackendServices.html
index aeb7bce..d37dd24 100644
--- a/docs/dyn/compute_alpha.regionBackendServices.html
+++ b/docs/dyn/compute_alpha.regionBackendServices.html
@@ -152,9 +152,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -242,7 +239,7 @@
       ],
     },
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -799,7 +796,7 @@
       ],
     },
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -1180,9 +1177,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1277,7 +1271,7 @@
           ],
         },
         "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-        "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+        "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
         "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
         "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
         "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -1713,7 +1707,7 @@
       ],
     },
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -2094,9 +2088,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -2423,7 +2414,7 @@
       ],
     },
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -2804,9 +2795,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.regionCommitments.html

diff --git a/docs/dyn/compute_alpha.regionCommitments.html b/docs/dyn/compute_alpha.regionCommitments.html
index d67050f..e280390 100644
--- a/docs/dyn/compute_alpha.regionCommitments.html
+++ b/docs/dyn/compute_alpha.regionCommitments.html
@@ -493,9 +493,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -823,9 +820,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -952,9 +946,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.regionDisks.html

diff --git a/docs/dyn/compute_alpha.regionDisks.html b/docs/dyn/compute_alpha.regionDisks.html
index 57ebbdd..201b2fb 100644
--- a/docs/dyn/compute_alpha.regionDisks.html
+++ b/docs/dyn/compute_alpha.regionDisks.html
@@ -165,9 +165,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -301,9 +298,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -369,9 +363,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -730,9 +721,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -944,9 +932,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1019,9 +1004,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1309,9 +1291,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1498,9 +1477,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.regionHealthCheckServices.html

diff --git a/docs/dyn/compute_alpha.regionHealthCheckServices.html b/docs/dyn/compute_alpha.regionHealthCheckServices.html
index 7592d28..2a5b650 100644
--- a/docs/dyn/compute_alpha.regionHealthCheckServices.html
+++ b/docs/dyn/compute_alpha.regionHealthCheckServices.html
@@ -239,9 +239,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -372,9 +369,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -542,9 +536,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.regionHealthChecks.html

diff --git a/docs/dyn/compute_alpha.regionHealthChecks.html b/docs/dyn/compute_alpha.regionHealthChecks.html
index 150d78f..0fd77ac 100644
--- a/docs/dyn/compute_alpha.regionHealthChecks.html
+++ b/docs/dyn/compute_alpha.regionHealthChecks.html
@@ -143,9 +143,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -384,9 +381,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -662,9 +656,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -842,9 +833,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.regionInstanceGroupManagers.html

diff --git a/docs/dyn/compute_alpha.regionInstanceGroupManagers.html b/docs/dyn/compute_alpha.regionInstanceGroupManagers.html
index a4104bf..c2e5299 100644
--- a/docs/dyn/compute_alpha.regionInstanceGroupManagers.html
+++ b/docs/dyn/compute_alpha.regionInstanceGroupManagers.html
@@ -216,9 +216,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -296,9 +293,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -412,9 +406,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -480,9 +471,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -559,9 +547,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -635,9 +620,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1022,9 +1004,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1726,9 +1705,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1837,9 +1813,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1914,9 +1887,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1983,9 +1953,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -2059,9 +2026,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -2136,9 +2100,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -2222,9 +2183,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -2297,9 +2255,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -2375,9 +2330,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -2452,9 +2404,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -2530,9 +2479,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -2608,9 +2554,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -2861,9 +2804,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -2972,9 +2912,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.regionInstanceGroups.html

diff --git a/docs/dyn/compute_alpha.regionInstanceGroups.html b/docs/dyn/compute_alpha.regionInstanceGroups.html
index 6517d75..36b9c22 100644
--- a/docs/dyn/compute_alpha.regionInstanceGroups.html
+++ b/docs/dyn/compute_alpha.regionInstanceGroups.html
@@ -340,9 +340,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.regionInstances.html

diff --git a/docs/dyn/compute_alpha.regionInstances.html b/docs/dyn/compute_alpha.regionInstances.html
index 4851ab7..69ce2c3 100644
--- a/docs/dyn/compute_alpha.regionInstances.html
+++ b/docs/dyn/compute_alpha.regionInstances.html
@@ -266,9 +266,9 @@
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -289,9 +289,9 @@
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -424,7 +424,7 @@
     "zone": "A String", # [Output Only] URL of the zone where the instance resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
   },
   "instanceProperties": { # The instance properties defining the VM instances to be created. Required if sourceInstanceTemplate is not provided.
-    "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features. Note that for MachineImage, this is not supported yet.
+    "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
       "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
       "enableUefiNetworking": True or False, # Whether to enable UEFI networking for instance creation.
       "numaNodeCount": 42, # The number of vNUMA nodes.
@@ -432,7 +432,7 @@
       "visibleCoreCount": 42, # The number of physical cores to expose to an instance. Multiply by the number of threads per core to compute the total number of virtual CPUs to expose to the instance. If unset, the number of cores is inferred from the instance's nominal CPU count and the underlying platform's SMT width.
     },
     "canIpForward": True or False, # Enables instances created based on these properties to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information.
-    "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options. Note that for MachineImage, this is not supported yet.
+    "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options.
       "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
     },
     "description": "A String", # An optional text description for the instances that are created from these properties.
@@ -541,7 +541,7 @@
         ],
       },
     ],
-    "displayDevice": { # A set of Display Device options # Display Device properties to enable support for remote display products like: Teradici, VNC and TeamViewer Note that for MachineImage, this is not supported yet.
+    "displayDevice": { # A set of Display Device options # Display Device properties to enable support for remote display products like: Teradici, VNC and TeamViewer
       "enableDisplay": True or False, # Defines whether the instance has Display enabled.
     },
     "guestAccelerators": [ # A list of guest accelerator cards' type and count to use for instances created from these properties.
@@ -576,9 +576,9 @@
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -599,9 +599,9 @@
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
             "publicDnsName": "A String", # [Output Only] The public DNS domain name for the instance.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
             "setPublicDns": True or False, # Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -625,20 +625,20 @@
         "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
       },
     ],
-    "networkPerformanceConfig": { # Note that for MachineImage, this is not supported yet.
+    "networkPerformanceConfig": {
       "externalIpEgressBandwidthTier": "A String",
       "totalEgressBandwidthTier": "A String",
     },
-    "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not supported yet.
-    "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from. Note that for MachineImage, this is not supported yet.
+    "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.(will be deprecated soon)
+    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+    "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
       "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
       "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
       "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
         "A String",
       ],
     },
-    "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties. Note that for MachineImage, this is not supported yet.
+    "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties.
       "A String",
     ],
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
@@ -666,7 +666,7 @@
       "preemptible": True or False, # Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states.
       "provisioningModel": "A String", # Specifies the provisioning model of the instance.
     },
-    "secureTags": [ # [Input Only] Secure tags to apply to this instance. Maximum number of secure tags allowed is 50. Note that for MachineImage, this is not supported yet.
+    "secureTags": [ # [Input Only] Secure tags to apply to this instance. Maximum number of secure tags allowed is 50.
       "A String",
     ],
     "serviceAccounts": [ # A list of service accounts with specified scopes. Access tokens for these service accounts are available to the instances that are created from these properties. Use metadata queries to obtain the access tokens for these instances.
@@ -677,7 +677,7 @@
         ],
       },
     ],
-    "shieldedInstanceConfig": { # A set of Shielded Instance options. # Note that for MachineImage, this is not supported yet.
+    "shieldedInstanceConfig": { # A set of Shielded Instance options.
       "enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled. Enabled by default.
       "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled. Disabled by default.
       "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled. Enabled by default.
@@ -740,9 +740,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.regionInstantSnapshots.html

diff --git a/docs/dyn/compute_alpha.regionInstantSnapshots.html b/docs/dyn/compute_alpha.regionInstantSnapshots.html
index 9d91752..a4f176d 100644
--- a/docs/dyn/compute_alpha.regionInstantSnapshots.html
+++ b/docs/dyn/compute_alpha.regionInstantSnapshots.html
@@ -149,9 +149,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -236,9 +233,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -472,9 +466,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -837,9 +828,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.regionNetworkEndpointGroups.html

diff --git a/docs/dyn/compute_alpha.regionNetworkEndpointGroups.html b/docs/dyn/compute_alpha.regionNetworkEndpointGroups.html
index 2e6617a..39751af 100644
--- a/docs/dyn/compute_alpha.regionNetworkEndpointGroups.html
+++ b/docs/dyn/compute_alpha.regionNetworkEndpointGroups.html
@@ -134,9 +134,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -317,9 +314,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.regionNetworkFirewallPolicies.html

diff --git a/docs/dyn/compute_alpha.regionNetworkFirewallPolicies.html b/docs/dyn/compute_alpha.regionNetworkFirewallPolicies.html
index 457937e..5f431ce 100644
--- a/docs/dyn/compute_alpha.regionNetworkFirewallPolicies.html
+++ b/docs/dyn/compute_alpha.regionNetworkFirewallPolicies.html
@@ -180,9 +180,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -304,9 +301,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -373,9 +367,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -446,9 +437,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -706,7 +694,7 @@
         "enable": True or False, # This field denotes whether to enable logging for a particular firewall rule.
         "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
       },
-      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
+      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
       "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
       "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -1020,9 +1008,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1297,9 +1282,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1420,9 +1402,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1489,9 +1468,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1558,9 +1534,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.regionNotificationEndpoints.html

diff --git a/docs/dyn/compute_alpha.regionNotificationEndpoints.html b/docs/dyn/compute_alpha.regionNotificationEndpoints.html
index 654a50e..240193d 100644
--- a/docs/dyn/compute_alpha.regionNotificationEndpoints.html
+++ b/docs/dyn/compute_alpha.regionNotificationEndpoints.html
@@ -233,9 +233,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -360,9 +357,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.regionOperations.html

diff --git a/docs/dyn/compute_alpha.regionOperations.html b/docs/dyn/compute_alpha.regionOperations.html
index 0fdeaad..a23ffc8 100644
--- a/docs/dyn/compute_alpha.regionOperations.html
+++ b/docs/dyn/compute_alpha.regionOperations.html
@@ -148,9 +148,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -222,9 +219,6 @@
       "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
       "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
       "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-      "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-        "a_key": "", # Properties of the object. Contains field @type with type URL.
-      },
       "name": "A String", # [Output Only] Name of the operation.
       "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
       "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -318,9 +312,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.regionSecurityPolicies.html

diff --git a/docs/dyn/compute_alpha.regionSecurityPolicies.html b/docs/dyn/compute_alpha.regionSecurityPolicies.html
index ae10ae8..b0a274b 100644
--- a/docs/dyn/compute_alpha.regionSecurityPolicies.html
+++ b/docs/dyn/compute_alpha.regionSecurityPolicies.html
@@ -137,9 +137,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -473,9 +470,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -848,9 +842,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.regionSslCertificates.html

diff --git a/docs/dyn/compute_alpha.regionSslCertificates.html b/docs/dyn/compute_alpha.regionSslCertificates.html
index 7d36529..dafbe82 100644
--- a/docs/dyn/compute_alpha.regionSslCertificates.html
+++ b/docs/dyn/compute_alpha.regionSslCertificates.html
@@ -137,9 +137,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -286,9 +283,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.regionTargetHttpProxies.html

diff --git a/docs/dyn/compute_alpha.regionTargetHttpProxies.html b/docs/dyn/compute_alpha.regionTargetHttpProxies.html
index f7a163f..1c9cdf2 100644
--- a/docs/dyn/compute_alpha.regionTargetHttpProxies.html
+++ b/docs/dyn/compute_alpha.regionTargetHttpProxies.html
@@ -140,9 +140,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -261,9 +258,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -406,9 +400,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.regionTargetHttpsProxies.html

diff --git a/docs/dyn/compute_alpha.regionTargetHttpsProxies.html b/docs/dyn/compute_alpha.regionTargetHttpsProxies.html
index 14a4892..de4d2ff 100644
--- a/docs/dyn/compute_alpha.regionTargetHttpsProxies.html
+++ b/docs/dyn/compute_alpha.regionTargetHttpsProxies.html
@@ -143,9 +143,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -284,9 +281,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -441,9 +435,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -516,9 +507,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.regionUrlMaps.html

diff --git a/docs/dyn/compute_alpha.regionUrlMaps.html b/docs/dyn/compute_alpha.regionUrlMaps.html
index 599629d..21633f9 100644
--- a/docs/dyn/compute_alpha.regionUrlMaps.html
+++ b/docs/dyn/compute_alpha.regionUrlMaps.html
@@ -149,9 +149,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1370,9 +1367,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1446,9 +1440,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -2704,9 +2695,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -3374,9 +3362,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.reservations.html

diff --git a/docs/dyn/compute_alpha.reservations.html b/docs/dyn/compute_alpha.reservations.html
index 9278ab3..23de53c 100644
--- a/docs/dyn/compute_alpha.reservations.html
+++ b/docs/dyn/compute_alpha.reservations.html
@@ -279,9 +279,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -579,9 +576,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -761,9 +755,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1132,9 +1123,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.resourcePolicies.html

diff --git a/docs/dyn/compute_alpha.resourcePolicies.html b/docs/dyn/compute_alpha.resourcePolicies.html
index d91e6ea..ca16aa5 100644
--- a/docs/dyn/compute_alpha.resourcePolicies.html
+++ b/docs/dyn/compute_alpha.resourcePolicies.html
@@ -307,9 +307,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -673,9 +670,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.routers.html

diff --git a/docs/dyn/compute_alpha.routers.html b/docs/dyn/compute_alpha.routers.html
index 5cad9b4..a7c5a45 100644
--- a/docs/dyn/compute_alpha.routers.html
+++ b/docs/dyn/compute_alpha.routers.html
@@ -357,9 +357,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1080,9 +1077,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1456,9 +1450,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1959,9 +1950,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.routes.html

diff --git a/docs/dyn/compute_alpha.routes.html b/docs/dyn/compute_alpha.routes.html
index 5f442cb..1c056f3 100644
--- a/docs/dyn/compute_alpha.routes.html
+++ b/docs/dyn/compute_alpha.routes.html
@@ -136,9 +136,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -315,9 +312,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.securityPolicies.html

diff --git a/docs/dyn/compute_alpha.securityPolicies.html b/docs/dyn/compute_alpha.securityPolicies.html
index 7eb1e84..29af9ff 100644
--- a/docs/dyn/compute_alpha.securityPolicies.html
+++ b/docs/dyn/compute_alpha.securityPolicies.html
@@ -240,9 +240,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -507,9 +504,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -937,9 +931,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1350,9 +1341,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1500,9 +1488,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1567,9 +1552,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1643,9 +1625,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.serviceAttachments.html

diff --git a/docs/dyn/compute_alpha.serviceAttachments.html b/docs/dyn/compute_alpha.serviceAttachments.html
index bf51229..ba1e374 100644
--- a/docs/dyn/compute_alpha.serviceAttachments.html
+++ b/docs/dyn/compute_alpha.serviceAttachments.html
@@ -260,9 +260,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -528,9 +525,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -728,9 +722,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.snapshots.html

diff --git a/docs/dyn/compute_alpha.snapshots.html b/docs/dyn/compute_alpha.snapshots.html
index 7b8eef6..7473b7d 100644
--- a/docs/dyn/compute_alpha.snapshots.html
+++ b/docs/dyn/compute_alpha.snapshots.html
@@ -145,9 +145,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -452,9 +449,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -850,9 +844,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.sslCertificates.html

diff --git a/docs/dyn/compute_alpha.sslCertificates.html b/docs/dyn/compute_alpha.sslCertificates.html
index c6aa886..4f2bd7e 100644
--- a/docs/dyn/compute_alpha.sslCertificates.html
+++ b/docs/dyn/compute_alpha.sslCertificates.html
@@ -243,9 +243,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -390,9 +387,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.sslPolicies.html

diff --git a/docs/dyn/compute_alpha.sslPolicies.html b/docs/dyn/compute_alpha.sslPolicies.html
index 6cb467b..3d0e09d 100644
--- a/docs/dyn/compute_alpha.sslPolicies.html
+++ b/docs/dyn/compute_alpha.sslPolicies.html
@@ -142,9 +142,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -403,9 +400,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -727,9 +721,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.subnetworks.html

diff --git a/docs/dyn/compute_alpha.subnetworks.html b/docs/dyn/compute_alpha.subnetworks.html
index 663df55..c746eef 100644
--- a/docs/dyn/compute_alpha.subnetworks.html
+++ b/docs/dyn/compute_alpha.subnetworks.html
@@ -289,9 +289,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -364,9 +361,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -666,9 +660,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -966,9 +957,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -1253,9 +1241,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.targetGrpcProxies.html

diff --git a/docs/dyn/compute_alpha.targetGrpcProxies.html b/docs/dyn/compute_alpha.targetGrpcProxies.html
index 35e3acb..f8905cc 100644
--- a/docs/dyn/compute_alpha.targetGrpcProxies.html
+++ b/docs/dyn/compute_alpha.targetGrpcProxies.html
@@ -139,9 +139,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -250,9 +247,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -398,9 +392,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.targetHttpProxies.html

diff --git a/docs/dyn/compute_alpha.targetHttpProxies.html b/docs/dyn/compute_alpha.targetHttpProxies.html
index 99023c1..9ad6fdf 100644
--- a/docs/dyn/compute_alpha.targetHttpProxies.html
+++ b/docs/dyn/compute_alpha.targetHttpProxies.html
@@ -235,9 +235,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -354,9 +351,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -510,9 +504,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -584,9 +575,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.targetHttpsProxies.html

diff --git a/docs/dyn/compute_alpha.targetHttpsProxies.html b/docs/dyn/compute_alpha.targetHttpsProxies.html
index a3be8d6..37545ea 100644
--- a/docs/dyn/compute_alpha.targetHttpsProxies.html
+++ b/docs/dyn/compute_alpha.targetHttpsProxies.html
@@ -257,9 +257,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -396,9 +393,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -572,9 +566,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -646,9 +637,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -720,9 +708,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -796,9 +781,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -870,9 +852,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -944,9 +923,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.targetInstances.html

diff --git a/docs/dyn/compute_alpha.targetInstances.html b/docs/dyn/compute_alpha.targetInstances.html
index a08c06f..2a015a8 100644
--- a/docs/dyn/compute_alpha.targetInstances.html
+++ b/docs/dyn/compute_alpha.targetInstances.html
@@ -227,9 +227,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -342,9 +339,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.targetPools.html

diff --git a/docs/dyn/compute_alpha.targetPools.html b/docs/dyn/compute_alpha.targetPools.html
index 9c60ef0..83060f7 100644
--- a/docs/dyn/compute_alpha.targetPools.html
+++ b/docs/dyn/compute_alpha.targetPools.html
@@ -167,9 +167,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -246,9 +243,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -409,9 +403,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -579,9 +570,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -731,9 +719,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -810,9 +795,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -886,9 +868,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.targetSslProxies.html

diff --git a/docs/dyn/compute_alpha.targetSslProxies.html b/docs/dyn/compute_alpha.targetSslProxies.html
index 0582db9..550dba9 100644
--- a/docs/dyn/compute_alpha.targetSslProxies.html
+++ b/docs/dyn/compute_alpha.targetSslProxies.html
@@ -151,9 +151,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -268,9 +265,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -410,9 +404,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -484,9 +475,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -558,9 +546,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -634,9 +619,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -708,9 +690,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.targetTcpProxies.html

diff --git a/docs/dyn/compute_alpha.targetTcpProxies.html b/docs/dyn/compute_alpha.targetTcpProxies.html
index 9bfa4e7..2fc39b9 100644
--- a/docs/dyn/compute_alpha.targetTcpProxies.html
+++ b/docs/dyn/compute_alpha.targetTcpProxies.html
@@ -142,9 +142,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -251,9 +248,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -389,9 +383,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -463,9 +454,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.targetVpnGateways.html

diff --git a/docs/dyn/compute_alpha.targetVpnGateways.html b/docs/dyn/compute_alpha.targetVpnGateways.html
index ddc88dd..3029a65 100644
--- a/docs/dyn/compute_alpha.targetVpnGateways.html
+++ b/docs/dyn/compute_alpha.targetVpnGateways.html
@@ -238,9 +238,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -369,9 +366,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -522,9 +516,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.urlMaps.html

diff --git a/docs/dyn/compute_alpha.urlMaps.html b/docs/dyn/compute_alpha.urlMaps.html
index 39d35aa..05f1fdb 100644
--- a/docs/dyn/compute_alpha.urlMaps.html
+++ b/docs/dyn/compute_alpha.urlMaps.html
@@ -791,9 +791,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -2010,9 +2007,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -2085,9 +2079,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -3341,9 +3332,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -4009,9 +3997,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.vpnGateways.html

diff --git a/docs/dyn/compute_alpha.vpnGateways.html b/docs/dyn/compute_alpha.vpnGateways.html
index f3655f6..ad3b144 100644
--- a/docs/dyn/compute_alpha.vpnGateways.html
+++ b/docs/dyn/compute_alpha.vpnGateways.html
@@ -242,9 +242,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -414,9 +411,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -568,9 +562,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.vpnTunnels.html

diff --git a/docs/dyn/compute_alpha.vpnTunnels.html b/docs/dyn/compute_alpha.vpnTunnels.html
index 3bbaf7d..6a354cc 100644
--- a/docs/dyn/compute_alpha.vpnTunnels.html
+++ b/docs/dyn/compute_alpha.vpnTunnels.html
@@ -249,9 +249,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -402,9 +399,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -566,9 +560,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_alpha.zoneOperations.html

diff --git a/docs/dyn/compute_alpha.zoneOperations.html b/docs/dyn/compute_alpha.zoneOperations.html
index 883b9e4..05cc6ba 100644
--- a/docs/dyn/compute_alpha.zoneOperations.html
+++ b/docs/dyn/compute_alpha.zoneOperations.html
@@ -148,9 +148,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -222,9 +219,6 @@
       "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
       "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
       "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-      "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-        "a_key": "", # Properties of the object. Contains field @type with type URL.
-      },
       "name": "A String", # [Output Only] Name of the operation.
       "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
       "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
@@ -318,9 +312,6 @@
   "id": "A String", # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
   "insertTime": "A String", # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
   "kind": "compute#operation", # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  "metadata": { # [Output Only] Service-specific metadata attached to this operation.
-    "a_key": "", # Properties of the object. Contains field @type with type URL.
-  },
   "name": "A String", # [Output Only] Name of the operation.
   "operationGroupId": "A String", # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
   "operationType": "A String", # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.

docs/dyn/compute_beta.backendBuckets.html

diff --git a/docs/dyn/compute_beta.backendBuckets.html b/docs/dyn/compute_beta.backendBuckets.html
index 1723650..bb863d4 100644
--- a/docs/dyn/compute_beta.backendBuckets.html
+++ b/docs/dyn/compute_beta.backendBuckets.html
@@ -352,7 +352,7 @@
       ],
     },
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -514,7 +514,7 @@
       ],
     },
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -640,7 +640,7 @@
           ],
         },
         "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-        "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+        "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
         "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
         "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
         "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -728,7 +728,7 @@
       ],
     },
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -1154,7 +1154,7 @@
       ],
     },
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.

docs/dyn/compute_beta.backendServices.html

diff --git a/docs/dyn/compute_beta.backendServices.html b/docs/dyn/compute_beta.backendServices.html
index f710939..56030e0 100644
--- a/docs/dyn/compute_beta.backendServices.html
+++ b/docs/dyn/compute_beta.backendServices.html
@@ -267,7 +267,7 @@
               ],
             },
             "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-            "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+            "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
             "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
             "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
             "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -391,7 +391,6 @@
           "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. For a detailed description of session affinity options, see: [Session affinity](https://cloud.google.com/load-balancing/docs/backend-service#session_affinity). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
           "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
             "policy": "A String",
-            "subsetSize": 42, # The number of backends per backend group assigned to each proxy instance or each service mesh client. An input parameter to the `CONSISTENT_HASH_SUBSETTING` algorithm. Can only be set if `policy` is set to `CONSISTENT_HASH_SUBSETTING`. Can only be set if load balancing scheme is `INTERNAL_MANAGED` or `INTERNAL_SELF_MANAGED`. `subset_size` is optional for Internal HTTP(S) load balancing and required for Traffic Director. If you do not provide this value, Cloud Load Balancing will calculate it dynamically to optimize the number of proxies/clients visible to each backend and vice versa. Must be greater than 0. If `subset_size` is larger than the number of backends/endpoints, then subsetting is disabled.
           },
           "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
         },
@@ -630,7 +629,7 @@
       ],
     },
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -754,7 +753,6 @@
   "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. For a detailed description of session affinity options, see: [Session affinity](https://cloud.google.com/load-balancing/docs/backend-service#session_affinity). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
     "policy": "A String",
-    "subsetSize": 42, # The number of backends per backend group assigned to each proxy instance or each service mesh client. An input parameter to the `CONSISTENT_HASH_SUBSETTING` algorithm. Can only be set if `policy` is set to `CONSISTENT_HASH_SUBSETTING`. Can only be set if load balancing scheme is `INTERNAL_MANAGED` or `INTERNAL_SELF_MANAGED`. `subset_size` is optional for Internal HTTP(S) load balancing and required for Traffic Director. If you do not provide this value, Cloud Load Balancing will calculate it dynamically to optimize the number of proxies/clients visible to each backend and vice versa. Must be greater than 0. If `subset_size` is larger than the number of backends/endpoints, then subsetting is disabled.
   },
   "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
 }</pre>
@@ -960,7 +958,7 @@
       ],
     },
     &quot;cacheMode&quot;: &quot;A String&quot;, # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google&#x27;s edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any &quot;private&quot;, &quot;no-store&quot; or &quot;no-cache&quot; directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    &quot;clientTtl&quot;: 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a &quot;public&quot; directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a &quot;public&quot; cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    &quot;clientTtl&quot;: 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a &quot;public&quot; directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a &quot;public&quot; cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     &quot;defaultTtl&quot;: 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of &quot;0&quot; means &quot;always revalidate&quot;. The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     &quot;maxTtl&quot;: 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of &quot;0&quot; means &quot;always revalidate&quot;. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     &quot;negativeCaching&quot;: True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -1084,7 +1082,6 @@
   &quot;sessionAffinity&quot;: &quot;A String&quot;, # Type of session affinity to use. The default is NONE. For a detailed description of session affinity options, see: [Session affinity](https://cloud.google.com/load-balancing/docs/backend-service#session_affinity). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   &quot;subsetting&quot;: { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
     &quot;policy&quot;: &quot;A String&quot;,
-    &quot;subsetSize&quot;: 42, # The number of backends per backend group assigned to each proxy instance or each service mesh client. An input parameter to the `CONSISTENT_HASH_SUBSETTING` algorithm. Can only be set if `policy` is set to `CONSISTENT_HASH_SUBSETTING`. Can only be set if load balancing scheme is `INTERNAL_MANAGED` or `INTERNAL_SELF_MANAGED`. `subset_size` is optional for Internal HTTP(S) load balancing and required for Traffic Director. If you do not provide this value, Cloud Load Balancing will calculate it dynamically to optimize the number of proxies/clients visible to each backend and vice versa. Must be greater than 0. If `subset_size` is larger than the number of backends/endpoints, then subsetting is disabled.
   },
   &quot;timeoutSec&quot;: 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
 }
@@ -1209,7 +1206,7 @@
           ],
         },
         &quot;cacheMode&quot;: &quot;A String&quot;, # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google&#x27;s edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any &quot;private&quot;, &quot;no-store&quot; or &quot;no-cache&quot; directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-        &quot;clientTtl&quot;: 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a &quot;public&quot; directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a &quot;public&quot; cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+        &quot;clientTtl&quot;: 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a &quot;public&quot; directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a &quot;public&quot; cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
         &quot;defaultTtl&quot;: 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of &quot;0&quot; means &quot;always revalidate&quot;. The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
         &quot;maxTtl&quot;: 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of &quot;0&quot; means &quot;always revalidate&quot;. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
         &quot;negativeCaching&quot;: True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -1333,7 +1330,6 @@
       &quot;sessionAffinity&quot;: &quot;A String&quot;, # Type of session affinity to use. The default is NONE. For a detailed description of session affinity options, see: [Session affinity](https://cloud.google.com/load-balancing/docs/backend-service#session_affinity). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
       &quot;subsetting&quot;: { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
         &quot;policy&quot;: &quot;A String&quot;,
-        &quot;subsetSize&quot;: 42, # The number of backends per backend group assigned to each proxy instance or each service mesh client. An input parameter to the `CONSISTENT_HASH_SUBSETTING` algorithm. Can only be set if `policy` is set to `CONSISTENT_HASH_SUBSETTING`. Can only be set if load balancing scheme is `INTERNAL_MANAGED` or `INTERNAL_SELF_MANAGED`. `subset_size` is optional for Internal HTTP(S) load balancing and required for Traffic Director. If you do not provide this value, Cloud Load Balancing will calculate it dynamically to optimize the number of proxies/clients visible to each backend and vice versa. Must be greater than 0. If `subset_size` is larger than the number of backends/endpoints, then subsetting is disabled.
       },
       &quot;timeoutSec&quot;: 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
     },
@@ -1420,7 +1416,7 @@
       ],
     },
     &quot;cacheMode&quot;: &quot;A String&quot;, # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google&#x27;s edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any &quot;private&quot;, &quot;no-store&quot; or &quot;no-cache&quot; directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    &quot;clientTtl&quot;: 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a &quot;public&quot; directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a &quot;public&quot; cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    &quot;clientTtl&quot;: 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a &quot;public&quot; directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a &quot;public&quot; cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     &quot;defaultTtl&quot;: 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of &quot;0&quot; means &quot;always revalidate&quot;. The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     &quot;maxTtl&quot;: 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of &quot;0&quot; means &quot;always revalidate&quot;. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     &quot;negativeCaching&quot;: True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -1544,7 +1540,6 @@
   &quot;sessionAffinity&quot;: &quot;A String&quot;, # Type of session affinity to use. The default is NONE. For a detailed description of session affinity options, see: [Session affinity](https://cloud.google.com/load-balancing/docs/backend-service#session_affinity). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   &quot;subsetting&quot;: { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
     &quot;policy&quot;: &quot;A String&quot;,
-    &quot;subsetSize&quot;: 42, # The number of backends per backend group assigned to each proxy instance or each service mesh client. An input parameter to the `CONSISTENT_HASH_SUBSETTING` algorithm. Can only be set if `policy` is set to `CONSISTENT_HASH_SUBSETTING`. Can only be set if load balancing scheme is `INTERNAL_MANAGED` or `INTERNAL_SELF_MANAGED`. `subset_size` is optional for Internal HTTP(S) load balancing and required for Traffic Director. If you do not provide this value, Cloud Load Balancing will calculate it dynamically to optimize the number of proxies/clients visible to each backend and vice versa. Must be greater than 0. If `subset_size` is larger than the number of backends/endpoints, then subsetting is disabled.
   },
   &quot;timeoutSec&quot;: 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
 }
@@ -2039,7 +2034,7 @@
       ],
     },
     &quot;cacheMode&quot;: &quot;A String&quot;, # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google&#x27;s edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any &quot;private&quot;, &quot;no-store&quot; or &quot;no-cache&quot; directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    &quot;clientTtl&quot;: 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a &quot;public&quot; directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a &quot;public&quot; cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    &quot;clientTtl&quot;: 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a &quot;public&quot; directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a &quot;public&quot; cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     &quot;defaultTtl&quot;: 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of &quot;0&quot; means &quot;always revalidate&quot;. The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     &quot;maxTtl&quot;: 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of &quot;0&quot; means &quot;always revalidate&quot;. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     &quot;negativeCaching&quot;: True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -2163,7 +2158,6 @@
   &quot;sessionAffinity&quot;: &quot;A String&quot;, # Type of session affinity to use. The default is NONE. For a detailed description of session affinity options, see: [Session affinity](https://cloud.google.com/load-balancing/docs/backend-service#session_affinity). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   &quot;subsetting&quot;: { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
     &quot;policy&quot;: &quot;A String&quot;,
-    &quot;subsetSize&quot;: 42, # The number of backends per backend group assigned to each proxy instance or each service mesh client. An input parameter to the `CONSISTENT_HASH_SUBSETTING` algorithm. Can only be set if `policy` is set to `CONSISTENT_HASH_SUBSETTING`. Can only be set if load balancing scheme is `INTERNAL_MANAGED` or `INTERNAL_SELF_MANAGED`. `subset_size` is optional for Internal HTTP(S) load balancing and required for Traffic Director. If you do not provide this value, Cloud Load Balancing will calculate it dynamically to optimize the number of proxies/clients visible to each backend and vice versa. Must be greater than 0. If `subset_size` is larger than the number of backends/endpoints, then subsetting is disabled.
   },
   &quot;timeoutSec&quot;: 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
 }

docs/dyn/compute_beta.firewalls.html

diff --git a/docs/dyn/compute_beta.firewalls.html b/docs/dyn/compute_beta.firewalls.html
index 3f32bd6..e069554 100644
--- a/docs/dyn/compute_beta.firewalls.html
+++ b/docs/dyn/compute_beta.firewalls.html
@@ -216,7 +216,7 @@
     "enable": True or False, # This field denotes whether to enable logging for a particular firewall rule.
     "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
   },
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
   "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -278,7 +278,7 @@
     "enable": True or False, # This field denotes whether to enable logging for a particular firewall rule.
     "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
   },
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
   "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -408,7 +408,7 @@
         "enable": True or False, # This field denotes whether to enable logging for a particular firewall rule.
         "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
       },
-      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
+      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
       "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
       "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -500,7 +500,7 @@
     "enable": True or False, # This field denotes whether to enable logging for a particular firewall rule.
     "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
   },
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
   "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -649,7 +649,7 @@
     "enable": True or False, # This field denotes whether to enable logging for a particular firewall rule.
     "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
   },
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
   "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.

docs/dyn/compute_beta.instanceTemplates.html

diff --git a/docs/dyn/compute_beta.instanceTemplates.html b/docs/dyn/compute_beta.instanceTemplates.html
index 51f3c45..22f3230 100644
--- a/docs/dyn/compute_beta.instanceTemplates.html
+++ b/docs/dyn/compute_beta.instanceTemplates.html
@@ -192,12 +192,12 @@
   "kind": "compute#instanceTemplate", # [Output Only] The resource type, which is always compute#instanceTemplate for instance templates.
   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "properties": { # The instance properties for this instance template.
-    "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features. Note that for MachineImage, this is not supported yet.
+    "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
       "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
       "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
     },
     "canIpForward": True or False, # Enables instances created based on these properties to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information.
-    "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options. Note that for MachineImage, this is not supported yet.
+    "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options.
       "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
     },
     "description": "A String", # An optional text description for the instances that are created from these properties.
@@ -294,7 +294,7 @@
         ],
       },
     ],
-    "displayDevice": { # A set of Display Device options # Display Device properties to enable support for remote display products like: Teradici, VNC and TeamViewer Note that for MachineImage, this is not supported yet.
+    "displayDevice": { # A set of Display Device options # Display Device properties to enable support for remote display products like: Teradici, VNC and TeamViewer
       "enableDisplay": True or False, # Defines whether the instance has Display enabled.
     },
     "guestAccelerators": [ # A list of guest accelerator cards' type and count to use for instances created from these properties.
@@ -328,8 +328,8 @@
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -348,8 +348,8 @@
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -365,19 +365,19 @@
         "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
       },
     ],
-    "networkPerformanceConfig": { # Note that for MachineImage, this is not supported yet.
+    "networkPerformanceConfig": {
       "totalEgressBandwidthTier": "A String",
     },
-    "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not supported yet.
-    "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from. Note that for MachineImage, this is not supported yet.
+    "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.(will be deprecated soon)
+    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+    "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
       "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
       "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
       "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
         "A String",
       ],
     },
-    "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties. Note that for MachineImage, this is not supported yet.
+    "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties.
       "A String",
     ],
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
@@ -409,7 +409,7 @@
         ],
       },
     ],
-    "shieldedInstanceConfig": { # A set of Shielded Instance options. # Note that for MachineImage, this is not supported yet.
+    "shieldedInstanceConfig": { # A set of Shielded Instance options.
       "enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled. Enabled by default.
       "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled. Disabled by default.
       "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled. Enabled by default.
@@ -561,12 +561,12 @@
   "kind": "compute#instanceTemplate", # [Output Only] The resource type, which is always compute#instanceTemplate for instance templates.
   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "properties": { # The instance properties for this instance template.
-    "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features. Note that for MachineImage, this is not supported yet.
+    "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
       "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
       "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
     },
     "canIpForward": True or False, # Enables instances created based on these properties to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information.
-    "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options. Note that for MachineImage, this is not supported yet.
+    "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options.
       "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
     },
     "description": "A String", # An optional text description for the instances that are created from these properties.
@@ -663,7 +663,7 @@
         ],
       },
     ],
-    "displayDevice": { # A set of Display Device options # Display Device properties to enable support for remote display products like: Teradici, VNC and TeamViewer Note that for MachineImage, this is not supported yet.
+    "displayDevice": { # A set of Display Device options # Display Device properties to enable support for remote display products like: Teradici, VNC and TeamViewer
       "enableDisplay": True or False, # Defines whether the instance has Display enabled.
     },
     "guestAccelerators": [ # A list of guest accelerator cards' type and count to use for instances created from these properties.
@@ -697,8 +697,8 @@
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -717,8 +717,8 @@
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -734,19 +734,19 @@
         "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
       },
     ],
-    "networkPerformanceConfig": { # Note that for MachineImage, this is not supported yet.
+    "networkPerformanceConfig": {
       "totalEgressBandwidthTier": "A String",
     },
-    "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not supported yet.
-    "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from. Note that for MachineImage, this is not supported yet.
+    "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.(will be deprecated soon)
+    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+    "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
       "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
       "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
       "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
         "A String",
       ],
     },
-    "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties. Note that for MachineImage, this is not supported yet.
+    "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties.
       "A String",
     ],
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
@@ -778,7 +778,7 @@
         ],
       },
     ],
-    "shieldedInstanceConfig": { # A set of Shielded Instance options. # Note that for MachineImage, this is not supported yet.
+    "shieldedInstanceConfig": { # A set of Shielded Instance options.
       "enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled. Enabled by default.
       "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled. Disabled by default.
       "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled. Enabled by default.
@@ -894,12 +894,12 @@
       "kind": "compute#instanceTemplate", # [Output Only] The resource type, which is always compute#instanceTemplate for instance templates.
       "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "properties": { # The instance properties for this instance template.
-        "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features. Note that for MachineImage, this is not supported yet.
+        "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
           "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
           "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
         },
         "canIpForward": True or False, # Enables instances created based on these properties to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information.
-        "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options. Note that for MachineImage, this is not supported yet.
+        "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options.
           "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
         },
         "description": "A String", # An optional text description for the instances that are created from these properties.
@@ -996,7 +996,7 @@
             ],
           },
         ],
-        "displayDevice": { # A set of Display Device options # Display Device properties to enable support for remote display products like: Teradici, VNC and TeamViewer Note that for MachineImage, this is not supported yet.
+        "displayDevice": { # A set of Display Device options # Display Device properties to enable support for remote display products like: Teradici, VNC and TeamViewer
           "enableDisplay": True or False, # Defines whether the instance has Display enabled.
         },
         "guestAccelerators": [ # A list of guest accelerator cards' type and count to use for instances created from these properties.
@@ -1030,8 +1030,8 @@
                 "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                 "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
                 "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-                "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-                "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+                "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+                "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
                 "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
               },
             ],
@@ -1050,8 +1050,8 @@
                 "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                 "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
                 "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-                "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-                "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+                "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+                "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
                 "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
               },
             ],
@@ -1067,19 +1067,19 @@
             "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
           },
         ],
-        "networkPerformanceConfig": { # Note that for MachineImage, this is not supported yet.
+        "networkPerformanceConfig": {
           "totalEgressBandwidthTier": "A String",
         },
-        "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-        "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not supported yet.
-        "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from. Note that for MachineImage, this is not supported yet.
+        "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.(will be deprecated soon)
+        "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+        "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
           "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
           "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
           "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
             "A String",
           ],
         },
-        "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties. Note that for MachineImage, this is not supported yet.
+        "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties.
           "A String",
         ],
         "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
@@ -1111,7 +1111,7 @@
             ],
           },
         ],
-        "shieldedInstanceConfig": { # A set of Shielded Instance options. # Note that for MachineImage, this is not supported yet.
+        "shieldedInstanceConfig": { # A set of Shielded Instance options.
           "enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled. Enabled by default.
           "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled. Disabled by default.
           "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled. Enabled by default.

docs/dyn/compute_beta.instances.html

diff --git a/docs/dyn/compute_beta.instances.html b/docs/dyn/compute_beta.instances.html
index 814929a..444595c 100644
--- a/docs/dyn/compute_beta.instances.html
+++ b/docs/dyn/compute_beta.instances.html
@@ -253,8 +253,8 @@
   "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
   "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
   "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-  "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-  "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+  "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+  "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
   "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
 }
 
@@ -562,8 +562,8 @@
                   "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                   "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
                   "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-                  "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-                  "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+                  "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+                  "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
                   "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
                 },
               ],
@@ -582,8 +582,8 @@
                   "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                   "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
                   "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-                  "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-                  "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+                  "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+                  "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
                   "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
                 },
               ],
@@ -899,12 +899,12 @@
 { # A transient resource used in compute.instances.bulkInsert and compute.regionInstances.bulkInsert . This resource is not persisted anywhere, it is used only for processing the requests.
   "count": "A String", # The maximum number of instances to create.
   "instanceProperties": { # The instance properties defining the VM instances to be created. Required if sourceInstanceTemplate is not provided.
-    "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features. Note that for MachineImage, this is not supported yet.
+    "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
       "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
       "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
     },
     "canIpForward": True or False, # Enables instances created based on these properties to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information.
-    "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options. Note that for MachineImage, this is not supported yet.
+    "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options.
       "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
     },
     "description": "A String", # An optional text description for the instances that are created from these properties.
@@ -1001,7 +1001,7 @@
         ],
       },
     ],
-    "displayDevice": { # A set of Display Device options # Display Device properties to enable support for remote display products like: Teradici, VNC and TeamViewer Note that for MachineImage, this is not supported yet.
+    "displayDevice": { # A set of Display Device options # Display Device properties to enable support for remote display products like: Teradici, VNC and TeamViewer
       "enableDisplay": True or False, # Defines whether the instance has Display enabled.
     },
     "guestAccelerators": [ # A list of guest accelerator cards' type and count to use for instances created from these properties.
@@ -1035,8 +1035,8 @@
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -1055,8 +1055,8 @@
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -1072,19 +1072,19 @@
         "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
       },
     ],
-    "networkPerformanceConfig": { # Note that for MachineImage, this is not supported yet.
+    "networkPerformanceConfig": {
       "totalEgressBandwidthTier": "A String",
     },
-    "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not supported yet.
-    "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from. Note that for MachineImage, this is not supported yet.
+    "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.(will be deprecated soon)
+    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+    "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
       "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
       "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
       "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
         "A String",
       ],
     },
-    "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties. Note that for MachineImage, this is not supported yet.
+    "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties.
       "A String",
     ],
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
@@ -1116,7 +1116,7 @@
         ],
       },
     ],
-    "shieldedInstanceConfig": { # A set of Shielded Instance options. # Note that for MachineImage, this is not supported yet.
+    "shieldedInstanceConfig": { # A set of Shielded Instance options.
       "enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled. Enabled by default.
       "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled. Disabled by default.
       "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled. Enabled by default.
@@ -1572,8 +1572,8 @@
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
           "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
         },
       ],
@@ -1592,8 +1592,8 @@
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
           "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
         },
       ],
@@ -1784,7 +1784,7 @@
         "enable": True or False, # This field denotes whether to enable logging for a particular firewall rule.
         "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
       },
-      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
+      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
       "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
       "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -2292,8 +2292,8 @@
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
           "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
         },
       ],
@@ -2312,8 +2312,8 @@
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
           "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
         },
       ],
@@ -2642,8 +2642,8 @@
               "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
               "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
               "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-              "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-              "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+              "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+              "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
               "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
             },
           ],
@@ -2662,8 +2662,8 @@
               "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
               "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
               "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-              "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-              "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+              "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+              "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
               "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
             },
           ],
@@ -4788,8 +4788,8 @@
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
           "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
         },
       ],
@@ -4808,8 +4808,8 @@
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
           "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
         },
       ],
@@ -4994,8 +4994,8 @@
   "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
   "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
   "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-  "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-  "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+  "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+  "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
   "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
 }
 
@@ -5147,8 +5147,8 @@
       "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
       "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
       "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-      "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-      "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+      "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+      "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
       "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
     },
   ],
@@ -5167,8 +5167,8 @@
       "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
       "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
       "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-      "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-      "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+      "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+      "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
       "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
     },
   ],

docs/dyn/compute_beta.machineImages.html

diff --git a/docs/dyn/compute_beta.machineImages.html b/docs/dyn/compute_beta.machineImages.html
index 8c4ed68..92de184 100644
--- a/docs/dyn/compute_beta.machineImages.html
+++ b/docs/dyn/compute_beta.machineImages.html
@@ -281,8 +281,8 @@
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -301,8 +301,8 @@
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -318,7 +318,7 @@
         "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
       },
     ],
-    "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
+    "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance. (will be deprecated soon)
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from this machine image.
       "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
       "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
@@ -572,8 +572,8 @@
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -592,8 +592,8 @@
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -609,7 +609,7 @@
         "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
       },
     ],
-    "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
+    "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance. (will be deprecated soon)
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from this machine image.
       "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
       "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.
@@ -828,8 +828,8 @@
                 "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                 "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
                 "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-                "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-                "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+                "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+                "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
                 "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
               },
             ],
@@ -848,8 +848,8 @@
                 "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                 "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
                 "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-                "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-                "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+                "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+                "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
                 "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
               },
             ],
@@ -865,7 +865,7 @@
             "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
           },
         ],
-        "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
+        "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance. (will be deprecated soon)
         "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from this machine image.
           "automaticRestart": True or False, # Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine.
           "hostErrorTimeoutSeconds": 42, # Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used.

docs/dyn/compute_beta.networks.html

diff --git a/docs/dyn/compute_beta.networks.html b/docs/dyn/compute_beta.networks.html
index 8f7cb46..456f71e 100644
--- a/docs/dyn/compute_beta.networks.html
+++ b/docs/dyn/compute_beta.networks.html
@@ -413,7 +413,7 @@
         "enable": True or False, # This field denotes whether to enable logging for a particular firewall rule.
         "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
       },
-      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
+      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
       "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
       "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.

docs/dyn/compute_beta.regionBackendServices.html

diff --git a/docs/dyn/compute_beta.regionBackendServices.html b/docs/dyn/compute_beta.regionBackendServices.html
index 263cd55..00ee4bb 100644
--- a/docs/dyn/compute_beta.regionBackendServices.html
+++ b/docs/dyn/compute_beta.regionBackendServices.html
@@ -238,7 +238,7 @@
       ],
     },
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -362,7 +362,6 @@
   "sessionAffinity": "A String", # Type of session affinity to use. The default is NONE. For a detailed description of session affinity options, see: [Session affinity](https://cloud.google.com/load-balancing/docs/backend-service#session_affinity). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   "subsetting": { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
     "policy": "A String",
-    "subsetSize": 42, # The number of backends per backend group assigned to each proxy instance or each service mesh client. An input parameter to the `CONSISTENT_HASH_SUBSETTING` algorithm. Can only be set if `policy` is set to `CONSISTENT_HASH_SUBSETTING`. Can only be set if load balancing scheme is `INTERNAL_MANAGED` or `INTERNAL_SELF_MANAGED`. `subset_size` is optional for Internal HTTP(S) load balancing and required for Traffic Director. If you do not provide this value, Cloud Load Balancing will calculate it dynamically to optimize the number of proxies/clients visible to each backend and vice versa. Must be greater than 0. If `subset_size` is larger than the number of backends/endpoints, then subsetting is disabled.
   },
   "timeoutSec": 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
 }</pre>
@@ -571,7 +570,7 @@
       ],
     },
     &quot;cacheMode&quot;: &quot;A String&quot;, # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google&#x27;s edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any &quot;private&quot;, &quot;no-store&quot; or &quot;no-cache&quot; directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    &quot;clientTtl&quot;: 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a &quot;public&quot; directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a &quot;public&quot; cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    &quot;clientTtl&quot;: 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a &quot;public&quot; directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a &quot;public&quot; cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     &quot;defaultTtl&quot;: 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of &quot;0&quot; means &quot;always revalidate&quot;. The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     &quot;maxTtl&quot;: 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of &quot;0&quot; means &quot;always revalidate&quot;. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     &quot;negativeCaching&quot;: True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -695,7 +694,6 @@
   &quot;sessionAffinity&quot;: &quot;A String&quot;, # Type of session affinity to use. The default is NONE. For a detailed description of session affinity options, see: [Session affinity](https://cloud.google.com/load-balancing/docs/backend-service#session_affinity). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   &quot;subsetting&quot;: { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
     &quot;policy&quot;: &quot;A String&quot;,
-    &quot;subsetSize&quot;: 42, # The number of backends per backend group assigned to each proxy instance or each service mesh client. An input parameter to the `CONSISTENT_HASH_SUBSETTING` algorithm. Can only be set if `policy` is set to `CONSISTENT_HASH_SUBSETTING`. Can only be set if load balancing scheme is `INTERNAL_MANAGED` or `INTERNAL_SELF_MANAGED`. `subset_size` is optional for Internal HTTP(S) load balancing and required for Traffic Director. If you do not provide this value, Cloud Load Balancing will calculate it dynamically to optimize the number of proxies/clients visible to each backend and vice versa. Must be greater than 0. If `subset_size` is larger than the number of backends/endpoints, then subsetting is disabled.
   },
   &quot;timeoutSec&quot;: 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
 }
@@ -821,7 +819,7 @@
           ],
         },
         &quot;cacheMode&quot;: &quot;A String&quot;, # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google&#x27;s edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any &quot;private&quot;, &quot;no-store&quot; or &quot;no-cache&quot; directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-        &quot;clientTtl&quot;: 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a &quot;public&quot; directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a &quot;public&quot; cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+        &quot;clientTtl&quot;: 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a &quot;public&quot; directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a &quot;public&quot; cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
         &quot;defaultTtl&quot;: 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of &quot;0&quot; means &quot;always revalidate&quot;. The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
         &quot;maxTtl&quot;: 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of &quot;0&quot; means &quot;always revalidate&quot;. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
         &quot;negativeCaching&quot;: True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -945,7 +943,6 @@
       &quot;sessionAffinity&quot;: &quot;A String&quot;, # Type of session affinity to use. The default is NONE. For a detailed description of session affinity options, see: [Session affinity](https://cloud.google.com/load-balancing/docs/backend-service#session_affinity). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
       &quot;subsetting&quot;: { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
         &quot;policy&quot;: &quot;A String&quot;,
-        &quot;subsetSize&quot;: 42, # The number of backends per backend group assigned to each proxy instance or each service mesh client. An input parameter to the `CONSISTENT_HASH_SUBSETTING` algorithm. Can only be set if `policy` is set to `CONSISTENT_HASH_SUBSETTING`. Can only be set if load balancing scheme is `INTERNAL_MANAGED` or `INTERNAL_SELF_MANAGED`. `subset_size` is optional for Internal HTTP(S) load balancing and required for Traffic Director. If you do not provide this value, Cloud Load Balancing will calculate it dynamically to optimize the number of proxies/clients visible to each backend and vice versa. Must be greater than 0. If `subset_size` is larger than the number of backends/endpoints, then subsetting is disabled.
       },
       &quot;timeoutSec&quot;: 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
     },
@@ -1033,7 +1030,7 @@
       ],
     },
     &quot;cacheMode&quot;: &quot;A String&quot;, # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google&#x27;s edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any &quot;private&quot;, &quot;no-store&quot; or &quot;no-cache&quot; directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    &quot;clientTtl&quot;: 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a &quot;public&quot; directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a &quot;public&quot; cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    &quot;clientTtl&quot;: 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a &quot;public&quot; directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a &quot;public&quot; cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     &quot;defaultTtl&quot;: 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of &quot;0&quot; means &quot;always revalidate&quot;. The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     &quot;maxTtl&quot;: 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of &quot;0&quot; means &quot;always revalidate&quot;. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     &quot;negativeCaching&quot;: True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -1157,7 +1154,6 @@
   &quot;sessionAffinity&quot;: &quot;A String&quot;, # Type of session affinity to use. The default is NONE. For a detailed description of session affinity options, see: [Session affinity](https://cloud.google.com/load-balancing/docs/backend-service#session_affinity). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   &quot;subsetting&quot;: { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
     &quot;policy&quot;: &quot;A String&quot;,
-    &quot;subsetSize&quot;: 42, # The number of backends per backend group assigned to each proxy instance or each service mesh client. An input parameter to the `CONSISTENT_HASH_SUBSETTING` algorithm. Can only be set if `policy` is set to `CONSISTENT_HASH_SUBSETTING`. Can only be set if load balancing scheme is `INTERNAL_MANAGED` or `INTERNAL_SELF_MANAGED`. `subset_size` is optional for Internal HTTP(S) load balancing and required for Traffic Director. If you do not provide this value, Cloud Load Balancing will calculate it dynamically to optimize the number of proxies/clients visible to each backend and vice versa. Must be greater than 0. If `subset_size` is larger than the number of backends/endpoints, then subsetting is disabled.
   },
   &quot;timeoutSec&quot;: 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
 }
@@ -1515,7 +1511,7 @@
       ],
     },
     &quot;cacheMode&quot;: &quot;A String&quot;, # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google&#x27;s edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any &quot;private&quot;, &quot;no-store&quot; or &quot;no-cache&quot; directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    &quot;clientTtl&quot;: 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a &quot;public&quot; directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a &quot;public&quot; cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    &quot;clientTtl&quot;: 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a &quot;public&quot; directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a &quot;public&quot; cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     &quot;defaultTtl&quot;: 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of &quot;0&quot; means &quot;always revalidate&quot;. The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     &quot;maxTtl&quot;: 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of &quot;0&quot; means &quot;always revalidate&quot;. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     &quot;negativeCaching&quot;: True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -1639,7 +1635,6 @@
   &quot;sessionAffinity&quot;: &quot;A String&quot;, # Type of session affinity to use. The default is NONE. For a detailed description of session affinity options, see: [Session affinity](https://cloud.google.com/load-balancing/docs/backend-service#session_affinity). Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.
   &quot;subsetting&quot;: { # Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.
     &quot;policy&quot;: &quot;A String&quot;,
-    &quot;subsetSize&quot;: 42, # The number of backends per backend group assigned to each proxy instance or each service mesh client. An input parameter to the `CONSISTENT_HASH_SUBSETTING` algorithm. Can only be set if `policy` is set to `CONSISTENT_HASH_SUBSETTING`. Can only be set if load balancing scheme is `INTERNAL_MANAGED` or `INTERNAL_SELF_MANAGED`. `subset_size` is optional for Internal HTTP(S) load balancing and required for Traffic Director. If you do not provide this value, Cloud Load Balancing will calculate it dynamically to optimize the number of proxies/clients visible to each backend and vice versa. Must be greater than 0. If `subset_size` is larger than the number of backends/endpoints, then subsetting is disabled.
   },
   &quot;timeoutSec&quot;: 42, # Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. Instead, use maxStreamDuration.
 }

docs/dyn/compute_beta.regionInstanceGroupManagers.html

diff --git a/docs/dyn/compute_beta.regionInstanceGroupManagers.html b/docs/dyn/compute_beta.regionInstanceGroupManagers.html
index 0a03050..6b6a77d 100644
--- a/docs/dyn/compute_beta.regionInstanceGroupManagers.html
+++ b/docs/dyn/compute_beta.regionInstanceGroupManagers.html
@@ -138,9 +138,6 @@
   <code><a href="#resize">resize(project, region, instanceGroupManager, size, requestId=None, x__xgafv=None)</a></code></p>
 <p class="firstline">Changes the intended size of the managed instance group. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes one or more instances. The resize operation is marked DONE if the resize request is successful. The underlying actions take additional time. You must separately verify the status of the creating or deleting actions with the listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.</p>
 <p class="toc_element">
-  <code><a href="#resizeAdvanced">resizeAdvanced(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)</a></code></p>
-<p class="firstline">Resizes the regional managed instance group with advanced configuration options like disabling creation retries. This is an extended version of the resize method. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes one or more instances. The resize operation is marked DONE if the resize request is successful. The underlying actions take additional time. You must separately verify the status of the creating or deleting actions with the get or listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.</p>
-<p class="toc_element">
   <code><a href="#setAutoHealingPolicies">setAutoHealingPolicies(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)</a></code></p>
 <p class="firstline">Modifies the autohealing policy for the instances in this managed instance group. [Deprecated] This method is deprecated. Use regionInstanceGroupManagers.patch instead.</p>
 <p class="toc_element">
@@ -1677,78 +1674,6 @@
 </div>
 
 <div class="method">
-    <code class="details" id="resizeAdvanced">resizeAdvanced(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)</code>
-  <pre>Resizes the regional managed instance group with advanced configuration options like disabling creation retries. This is an extended version of the resize method. If you increase the size, the group creates new instances using the current instance template. If you decrease the size, the group deletes one or more instances. The resize operation is marked DONE if the resize request is successful. The underlying actions take additional time. You must separately verify the status of the creating or deleting actions with the get or listmanagedinstances method. If the group is part of a backend service that has enabled connection draining, it can take up to 60 seconds after the connection draining duration has elapsed before the VM instance is removed or deleted.
-
-Args:
-  project: string, Project ID for this request. (required)
-  region: string, Name of the region scoping this request. It must be a string that meets the requirements in RFC1035. (required)
-  instanceGroupManager: string, The name of the managed instance group. It must be a string that meets the requirements in RFC1035. (required)
-  body: object, The request body.
-    The object takes the form of:
-
-{
-  &quot;noCreationRetries&quot;: True or False, # If this flag is true, the managed instance group attempts to create all instances initiated by this resize request only once. If there is an error during creation, the managed instance group does not retry create this instance, and we will decrease the targetSize of the request instead. If the flag is false, the group attempts to recreate each instance continuously until it succeeds. This flag matters only in the first attempt of creation of an instance. After an instance is successfully created while this flag is enabled, the instance behaves the same way as all the other instances created with a regular resize request. In particular, if a running instance dies unexpectedly at a later time and needs to be recreated, this mode does not affect the recreation behavior in that scenario. This flag is applicable only to the current resize request. It does not influence other resize requests in any way. You can see which instances ar being created in which mode by calling the get or listManagedInstances API.
-  &quot;targetSize&quot;: 42, # The number of running instances that the managed instance group should maintain at any given time. The group automatically adds or removes instances to maintain the number of instances specified by this parameter.
-}
-
-  requestId: string, An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported ( 00000000-0000-0000-0000-000000000000).
-  x__xgafv: string, V1 error format.
-    Allowed values
-      1 - v1 error format
-      2 - v2 error format
-
-Returns:
-  An object of the form:
-
-    { # Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/beta/globalOperations) * [Regional](/compute/docs/reference/rest/beta/regionOperations) * [Zonal](/compute/docs/reference/rest/beta/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zonalOperations` resource. For more information, read Global, Regional, and Zonal Resources.
-  &quot;clientOperationId&quot;: &quot;A String&quot;, # [Output Only] The value of `requestId` if you provided it in the request. Not present otherwise.
-  &quot;creationTimestamp&quot;: &quot;A String&quot;, # [Deprecated] This field is deprecated.
-  &quot;description&quot;: &quot;A String&quot;, # [Output Only] A textual description of the operation, which is set when the operation is created.
-  &quot;endTime&quot;: &quot;A String&quot;, # [Output Only] The time that this operation was completed. This value is in RFC3339 text format.
-  &quot;error&quot;: { # [Output Only] If errors are generated during processing of the operation, this field will be populated.
-    &quot;errors&quot;: [ # [Output Only] The array of errors encountered while processing this operation.
-      {
-        &quot;code&quot;: &quot;A String&quot;, # [Output Only] The error type identifier for this error.
-        &quot;location&quot;: &quot;A String&quot;, # [Output Only] Indicates the field in the request that caused the error. This property is optional.
-        &quot;message&quot;: &quot;A String&quot;, # [Output Only] An optional, human-readable error message.
-      },
-    ],
-  },
-  &quot;httpErrorMessage&quot;: &quot;A String&quot;, # [Output Only] If the operation fails, this field contains the HTTP error message that was returned, such as `NOT FOUND`.
-  &quot;httpErrorStatusCode&quot;: 42, # [Output Only] If the operation fails, this field contains the HTTP error status code that was returned. For example, a `404` means the resource was not found.
-  &quot;id&quot;: &quot;A String&quot;, # [Output Only] The unique identifier for the operation. This identifier is defined by the server.
-  &quot;insertTime&quot;: &quot;A String&quot;, # [Output Only] The time that this operation was requested. This value is in RFC3339 text format.
-  &quot;kind&quot;: &quot;compute#operation&quot;, # [Output Only] Type of the resource. Always `compute#operation` for Operation resources.
-  &quot;name&quot;: &quot;A String&quot;, # [Output Only] Name of the operation.
-  &quot;operationGroupId&quot;: &quot;A String&quot;, # [Output Only] An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request.
-  &quot;operationType&quot;: &quot;A String&quot;, # [Output Only] The type of operation, such as `insert`, `update`, or `delete`, and so on.
-  &quot;progress&quot;: 42, # [Output Only] An optional progress indicator that ranges from 0 to 100. There is no requirement that this be linear or support any granularity of operations. This should not be used to guess when the operation will be complete. This number should monotonically increase as the operation progresses.
-  &quot;region&quot;: &quot;A String&quot;, # [Output Only] The URL of the region where the operation resides. Only applicable when performing regional operations.
-  &quot;selfLink&quot;: &quot;A String&quot;, # [Output Only] Server-defined URL for the resource.
-  &quot;startTime&quot;: &quot;A String&quot;, # [Output Only] The time that this operation was started by the server. This value is in RFC3339 text format.
-  &quot;status&quot;: &quot;A String&quot;, # [Output Only] The status of the operation, which can be one of the following: `PENDING`, `RUNNING`, or `DONE`.
-  &quot;statusMessage&quot;: &quot;A String&quot;, # [Output Only] An optional textual description of the current status of the operation.
-  &quot;targetId&quot;: &quot;A String&quot;, # [Output Only] The unique target ID, which identifies a specific incarnation of the target resource.
-  &quot;targetLink&quot;: &quot;A String&quot;, # [Output Only] The URL of the resource that the operation modifies. For operations related to creating a snapshot, this points to the persistent disk that the snapshot was created from.
-  &quot;user&quot;: &quot;A String&quot;, # [Output Only] User who requested the operation, for example: `user@example.com`.
-  &quot;warnings&quot;: [ # [Output Only] If warning messages are generated during processing of the operation, this field will be populated.
-    {
-      &quot;code&quot;: &quot;A String&quot;, # [Output Only] A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response.
-      &quot;data&quot;: [ # [Output Only] Metadata about this warning in key: value format. For example: &quot;data&quot;: [ { &quot;key&quot;: &quot;scope&quot;, &quot;value&quot;: &quot;zones/us-east1-d&quot; }
-        {
-          &quot;key&quot;: &quot;A String&quot;, # [Output Only] A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding).
-          &quot;value&quot;: &quot;A String&quot;, # [Output Only] A warning data value corresponding to the key.
-        },
-      ],
-      &quot;message&quot;: &quot;A String&quot;, # [Output Only] A human-readable description of the warning code.
-    },
-  ],
-  &quot;zone&quot;: &quot;A String&quot;, # [Output Only] The URL of the zone where the operation resides. Only applicable when performing per-zone operations.
-}</pre>
-</div>
-
-<div class="method">
     <code class="details" id="setAutoHealingPolicies">setAutoHealingPolicies(project, region, instanceGroupManager, body=None, requestId=None, x__xgafv=None)</code>
   <pre>Modifies the autohealing policy for the instances in this managed instance group. [Deprecated] This method is deprecated. Use regionInstanceGroupManagers.patch instead.
 

docs/dyn/compute_beta.regionInstances.html

diff --git a/docs/dyn/compute_beta.regionInstances.html b/docs/dyn/compute_beta.regionInstances.html
index aa37f56..de7eafe 100644
--- a/docs/dyn/compute_beta.regionInstances.html
+++ b/docs/dyn/compute_beta.regionInstances.html
@@ -94,12 +94,12 @@
 { # A transient resource used in compute.instances.bulkInsert and compute.regionInstances.bulkInsert . This resource is not persisted anywhere, it is used only for processing the requests.
   "count": "A String", # The maximum number of instances to create.
   "instanceProperties": { # The instance properties defining the VM instances to be created. Required if sourceInstanceTemplate is not provided.
-    "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features. Note that for MachineImage, this is not supported yet.
+    "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
       "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
       "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
     },
     "canIpForward": True or False, # Enables instances created based on these properties to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information.
-    "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options. Note that for MachineImage, this is not supported yet.
+    "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options.
       "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
     },
     "description": "A String", # An optional text description for the instances that are created from these properties.
@@ -196,7 +196,7 @@
         ],
       },
     ],
-    "displayDevice": { # A set of Display Device options # Display Device properties to enable support for remote display products like: Teradici, VNC and TeamViewer Note that for MachineImage, this is not supported yet.
+    "displayDevice": { # A set of Display Device options # Display Device properties to enable support for remote display products like: Teradici, VNC and TeamViewer
       "enableDisplay": True or False, # Defines whether the instance has Display enabled.
     },
     "guestAccelerators": [ # A list of guest accelerator cards' type and count to use for instances created from these properties.
@@ -230,8 +230,8 @@
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -250,8 +250,8 @@
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -267,19 +267,19 @@
         "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
       },
     ],
-    "networkPerformanceConfig": { # Note that for MachineImage, this is not supported yet.
+    "networkPerformanceConfig": {
       "totalEgressBandwidthTier": "A String",
     },
-    "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.
-    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not supported yet.
-    "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from. Note that for MachineImage, this is not supported yet.
+    "postKeyRevocationActionType": "A String", # PostKeyRevocationActionType of the instance.(will be deprecated soon)
+    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+    "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
       "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
       "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
       "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
         "A String",
       ],
     },
-    "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties. Note that for MachineImage, this is not supported yet.
+    "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties.
       "A String",
     ],
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
@@ -311,7 +311,7 @@
         ],
       },
     ],
-    "shieldedInstanceConfig": { # A set of Shielded Instance options. # Note that for MachineImage, this is not supported yet.
+    "shieldedInstanceConfig": { # A set of Shielded Instance options.
       "enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled. Enabled by default.
       "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled. Disabled by default.
       "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled. Enabled by default.

docs/dyn/compute_beta.routers.html

diff --git a/docs/dyn/compute_beta.routers.html b/docs/dyn/compute_beta.routers.html
index 505bf77..d13f4ff 100644
--- a/docs/dyn/compute_beta.routers.html
+++ b/docs/dyn/compute_beta.routers.html
@@ -212,14 +212,12 @@
               "drainNatIps": [ # A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT only.
                 "A String",
               ],
-              "enableDynamicPortAllocation": True or False, # Enable Dynamic Port Allocation. If not specified, it is disabled by default. If set to true, - Dynamic Port Allocation will be enabled on this NAT config. - enableEndpointIndependentMapping cannot be set to true. - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config.
               "enableEndpointIndependentMapping": True or False,
               "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
               "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
                 "enable": True or False, # Indicates whether or not to export logs. This is false by default.
                 "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
               },
-              "maxPortsPerVm": 42, # Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled. If Dynamic Port Allocation is not enabled, this field has no effect. If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set. If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config.
               "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
               "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
               "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
@@ -461,14 +459,12 @@
       "drainNatIps": [ # A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT only.
         "A String",
       ],
-      "enableDynamicPortAllocation": True or False, # Enable Dynamic Port Allocation. If not specified, it is disabled by default. If set to true, - Dynamic Port Allocation will be enabled on this NAT config. - enableEndpointIndependentMapping cannot be set to true. - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config.
       "enableEndpointIndependentMapping": True or False,
       "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
       "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
         "enable": True or False, # Indicates whether or not to export logs. This is false by default.
         "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
       },
-      "maxPortsPerVm": 42, # Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled. If Dynamic Port Allocation is not enabled, this field has no effect. If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set. If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config.
       "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
       "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
       "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
@@ -932,14 +928,12 @@
       "drainNatIps": [ # A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT only.
         "A String",
       ],
-      "enableDynamicPortAllocation": True or False, # Enable Dynamic Port Allocation. If not specified, it is disabled by default. If set to true, - Dynamic Port Allocation will be enabled on this NAT config. - enableEndpointIndependentMapping cannot be set to true. - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config.
       "enableEndpointIndependentMapping": True or False,
       "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
       "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
         "enable": True or False, # Indicates whether or not to export logs. This is false by default.
         "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
       },
-      "maxPortsPerVm": 42, # Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled. If Dynamic Port Allocation is not enabled, this field has no effect. If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set. If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config.
       "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
       "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
       "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
@@ -1130,14 +1124,12 @@
           "drainNatIps": [ # A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT only.
             "A String",
           ],
-          "enableDynamicPortAllocation": True or False, # Enable Dynamic Port Allocation. If not specified, it is disabled by default. If set to true, - Dynamic Port Allocation will be enabled on this NAT config. - enableEndpointIndependentMapping cannot be set to true. - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config.
           "enableEndpointIndependentMapping": True or False,
           "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
           "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
             "enable": True or False, # Indicates whether or not to export logs. This is false by default.
             "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
           },
-          "maxPortsPerVm": 42, # Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled. If Dynamic Port Allocation is not enabled, this field has no effect. If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set. If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config.
           "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
           "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
           "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
@@ -1290,14 +1282,12 @@
       "drainNatIps": [ # A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT only.
         "A String",
       ],
-      "enableDynamicPortAllocation": True or False, # Enable Dynamic Port Allocation. If not specified, it is disabled by default. If set to true, - Dynamic Port Allocation will be enabled on this NAT config. - enableEndpointIndependentMapping cannot be set to true. - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config.
       "enableEndpointIndependentMapping": True or False,
       "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
       "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
         "enable": True or False, # Indicates whether or not to export logs. This is false by default.
         "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
       },
-      "maxPortsPerVm": 42, # Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled. If Dynamic Port Allocation is not enabled, this field has no effect. If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set. If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config.
       "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
       "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
       "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
@@ -1476,14 +1466,12 @@
       "drainNatIps": [ # A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT only.
         "A String",
       ],
-      "enableDynamicPortAllocation": True or False, # Enable Dynamic Port Allocation. If not specified, it is disabled by default. If set to true, - Dynamic Port Allocation will be enabled on this NAT config. - enableEndpointIndependentMapping cannot be set to true. - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config.
       "enableEndpointIndependentMapping": True or False,
       "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
       "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
         "enable": True or False, # Indicates whether or not to export logs. This is false by default.
         "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
       },
-      "maxPortsPerVm": 42, # Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled. If Dynamic Port Allocation is not enabled, this field has no effect. If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set. If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config.
       "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
       "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
       "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
@@ -1604,14 +1592,12 @@
         "drainNatIps": [ # A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT only.
           "A String",
         ],
-        "enableDynamicPortAllocation": True or False, # Enable Dynamic Port Allocation. If not specified, it is disabled by default. If set to true, - Dynamic Port Allocation will be enabled on this NAT config. - enableEndpointIndependentMapping cannot be set to true. - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config.
         "enableEndpointIndependentMapping": True or False,
         "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
         "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
           "enable": True or False, # Indicates whether or not to export logs. This is false by default.
           "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
         },
-        "maxPortsPerVm": 42, # Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled. If Dynamic Port Allocation is not enabled, this field has no effect. If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set. If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config.
         "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
         "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
         "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.
@@ -1768,14 +1754,12 @@
       "drainNatIps": [ # A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT only.
         "A String",
       ],
-      "enableDynamicPortAllocation": True or False, # Enable Dynamic Port Allocation. If not specified, it is disabled by default. If set to true, - Dynamic Port Allocation will be enabled on this NAT config. - enableEndpointIndependentMapping cannot be set to true. - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config.
       "enableEndpointIndependentMapping": True or False,
       "icmpIdleTimeoutSec": 42, # Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.
       "logConfig": { # Configuration of logging on a NAT. # Configure logging on this NAT.
         "enable": True or False, # Indicates whether or not to export logs. This is false by default.
         "filter": "A String", # Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful.
       },
-      "maxPortsPerVm": 42, # Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled. If Dynamic Port Allocation is not enabled, this field has no effect. If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set. If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config.
       "minPortsPerVm": 42, # Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.
       "name": "A String", # Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.
       "natIpAllocateOption": "A String", # Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty.

docs/dyn/compute_v1.backendBuckets.html

diff --git a/docs/dyn/compute_v1.backendBuckets.html b/docs/dyn/compute_v1.backendBuckets.html
index 2c3a7dd..a7e105b 100644
--- a/docs/dyn/compute_v1.backendBuckets.html
+++ b/docs/dyn/compute_v1.backendBuckets.html
@@ -332,7 +332,7 @@
       },
     ],
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -380,7 +380,7 @@
       },
     ],
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -496,7 +496,7 @@
           },
         ],
         "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-        "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+        "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
         "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
         "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
         "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -574,7 +574,7 @@
       },
     ],
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -678,7 +678,7 @@
       },
     ],
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.

docs/dyn/compute_v1.backendServices.html

diff --git a/docs/dyn/compute_v1.backendServices.html b/docs/dyn/compute_v1.backendServices.html
index 469a904..72e77f0 100644
--- a/docs/dyn/compute_v1.backendServices.html
+++ b/docs/dyn/compute_v1.backendServices.html
@@ -249,7 +249,7 @@
               ],
             },
             "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-            "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+            "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
             "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
             "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
             "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -592,7 +592,7 @@
       ],
     },
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -798,7 +798,7 @@
       ],
     },
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -1027,7 +1027,7 @@
           ],
         },
         "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-        "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+        "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
         "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
         "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
         "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -1218,7 +1218,7 @@
       ],
     },
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -1505,7 +1505,7 @@
       ],
     },
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.

docs/dyn/compute_v1.firewalls.html

diff --git a/docs/dyn/compute_v1.firewalls.html b/docs/dyn/compute_v1.firewalls.html
index 0858c59..094651e 100644
--- a/docs/dyn/compute_v1.firewalls.html
+++ b/docs/dyn/compute_v1.firewalls.html
@@ -212,7 +212,7 @@
     "enable": True or False, # This field denotes whether to enable logging for a particular firewall rule.
     "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
   },
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
   "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -273,7 +273,7 @@
     "enable": True or False, # This field denotes whether to enable logging for a particular firewall rule.
     "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
   },
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
   "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -402,7 +402,7 @@
         "enable": True or False, # This field denotes whether to enable logging for a particular firewall rule.
         "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
       },
-      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
+      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
       "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
       "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -493,7 +493,7 @@
     "enable": True or False, # This field denotes whether to enable logging for a particular firewall rule.
     "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
   },
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
   "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -610,7 +610,7 @@
     "enable": True or False, # This field denotes whether to enable logging for a particular firewall rule.
     "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
   },
-  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
+  "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
   "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
   "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
   "selfLink": "A String", # [Output Only] Server-defined URL for the resource.

docs/dyn/compute_v1.instanceTemplates.html

diff --git a/docs/dyn/compute_v1.instanceTemplates.html b/docs/dyn/compute_v1.instanceTemplates.html
index 29e1a4c..bf76bb2 100644
--- a/docs/dyn/compute_v1.instanceTemplates.html
+++ b/docs/dyn/compute_v1.instanceTemplates.html
@@ -192,12 +192,12 @@
   "kind": "compute#instanceTemplate", # [Output Only] The resource type, which is always compute#instanceTemplate for instance templates.
   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "properties": { # The instance properties for this instance template.
-    "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features. Note that for MachineImage, this is not supported yet.
+    "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
       "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
       "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
     },
     "canIpForward": True or False, # Enables instances created based on these properties to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information.
-    "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options. Note that for MachineImage, this is not supported yet.
+    "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options.
       "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
     },
     "description": "A String", # An optional text description for the instances that are created from these properties.
@@ -315,8 +315,8 @@
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -335,8 +335,8 @@
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -352,15 +352,15 @@
         "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
       },
     ],
-    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not supported yet.
-    "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from. Note that for MachineImage, this is not supported yet.
+    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+    "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
       "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
       "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
       "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
         "A String",
       ],
     },
-    "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties. Note that for MachineImage, this is not supported yet.
+    "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties.
       "A String",
     ],
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
@@ -387,7 +387,7 @@
         ],
       },
     ],
-    "shieldedInstanceConfig": { # A set of Shielded Instance options. # Note that for MachineImage, this is not supported yet.
+    "shieldedInstanceConfig": { # A set of Shielded Instance options.
       "enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled. Enabled by default.
       "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled. Disabled by default.
       "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled. Enabled by default.
@@ -534,12 +534,12 @@
   "kind": "compute#instanceTemplate", # [Output Only] The resource type, which is always compute#instanceTemplate for instance templates.
   "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "properties": { # The instance properties for this instance template.
-    "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features. Note that for MachineImage, this is not supported yet.
+    "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
       "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
       "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
     },
     "canIpForward": True or False, # Enables instances created based on these properties to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information.
-    "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options. Note that for MachineImage, this is not supported yet.
+    "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options.
       "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
     },
     "description": "A String", # An optional text description for the instances that are created from these properties.
@@ -657,8 +657,8 @@
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -677,8 +677,8 @@
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -694,15 +694,15 @@
         "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
       },
     ],
-    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not supported yet.
-    "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from. Note that for MachineImage, this is not supported yet.
+    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+    "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
       "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
       "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
       "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
         "A String",
       ],
     },
-    "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties. Note that for MachineImage, this is not supported yet.
+    "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties.
       "A String",
     ],
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
@@ -729,7 +729,7 @@
         ],
       },
     ],
-    "shieldedInstanceConfig": { # A set of Shielded Instance options. # Note that for MachineImage, this is not supported yet.
+    "shieldedInstanceConfig": { # A set of Shielded Instance options.
       "enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled. Enabled by default.
       "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled. Disabled by default.
       "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled. Enabled by default.
@@ -840,12 +840,12 @@
       "kind": "compute#instanceTemplate", # [Output Only] The resource type, which is always compute#instanceTemplate for instance templates.
       "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "properties": { # The instance properties for this instance template.
-        "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features. Note that for MachineImage, this is not supported yet.
+        "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
           "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
           "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
         },
         "canIpForward": True or False, # Enables instances created based on these properties to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information.
-        "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options. Note that for MachineImage, this is not supported yet.
+        "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options.
           "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
         },
         "description": "A String", # An optional text description for the instances that are created from these properties.
@@ -963,8 +963,8 @@
                 "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                 "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
                 "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-                "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-                "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+                "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+                "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
                 "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
               },
             ],
@@ -983,8 +983,8 @@
                 "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                 "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
                 "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-                "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-                "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+                "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+                "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
                 "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
               },
             ],
@@ -1000,15 +1000,15 @@
             "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
           },
         ],
-        "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not supported yet.
-        "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from. Note that for MachineImage, this is not supported yet.
+        "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+        "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
           "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
           "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
           "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
             "A String",
           ],
         },
-        "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties. Note that for MachineImage, this is not supported yet.
+        "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties.
           "A String",
         ],
         "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
@@ -1035,7 +1035,7 @@
             ],
           },
         ],
-        "shieldedInstanceConfig": { # A set of Shielded Instance options. # Note that for MachineImage, this is not supported yet.
+        "shieldedInstanceConfig": { # A set of Shielded Instance options.
           "enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled. Enabled by default.
           "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled. Disabled by default.
           "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled. Enabled by default.

docs/dyn/compute_v1.instances.html

diff --git a/docs/dyn/compute_v1.instances.html b/docs/dyn/compute_v1.instances.html
index d251b63..cebcdff 100644
--- a/docs/dyn/compute_v1.instances.html
+++ b/docs/dyn/compute_v1.instances.html
@@ -235,8 +235,8 @@
   "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
   "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
   "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-  "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-  "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+  "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+  "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
   "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
 }
 
@@ -533,8 +533,8 @@
                   "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                   "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
                   "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-                  "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-                  "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+                  "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+                  "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
                   "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
                 },
               ],
@@ -553,8 +553,8 @@
                   "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
                   "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
                   "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-                  "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-                  "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+                  "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+                  "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
                   "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
                 },
               ],
@@ -835,12 +835,12 @@
 { # A transient resource used in compute.instances.bulkInsert and compute.regionInstances.bulkInsert . This resource is not persisted anywhere, it is used only for processing the requests.
   "count": "A String", # The maximum number of instances to create.
   "instanceProperties": { # The instance properties defining the VM instances to be created. Required if sourceInstanceTemplate is not provided.
-    "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features. Note that for MachineImage, this is not supported yet.
+    "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
       "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
       "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
     },
     "canIpForward": True or False, # Enables instances created based on these properties to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information.
-    "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options. Note that for MachineImage, this is not supported yet.
+    "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options.
       "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
     },
     "description": "A String", # An optional text description for the instances that are created from these properties.
@@ -958,8 +958,8 @@
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -978,8 +978,8 @@
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -995,15 +995,15 @@
         "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
       },
     ],
-    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not supported yet.
-    "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from. Note that for MachineImage, this is not supported yet.
+    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+    "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
       "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
       "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
       "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
         "A String",
       ],
     },
-    "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties. Note that for MachineImage, this is not supported yet.
+    "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties.
       "A String",
     ],
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
@@ -1030,7 +1030,7 @@
         ],
       },
     ],
-    "shieldedInstanceConfig": { # A set of Shielded Instance options. # Note that for MachineImage, this is not supported yet.
+    "shieldedInstanceConfig": { # A set of Shielded Instance options.
       "enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled. Enabled by default.
       "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled. Disabled by default.
       "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled. Enabled by default.
@@ -1470,8 +1470,8 @@
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
           "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
         },
       ],
@@ -1490,8 +1490,8 @@
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
           "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
         },
       ],
@@ -1656,7 +1656,7 @@
         "enable": True or False, # This field denotes whether to enable logging for a particular firewall rule.
         "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
       },
-      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
+      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
       "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
       "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.
@@ -2048,8 +2048,8 @@
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
           "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
         },
       ],
@@ -2068,8 +2068,8 @@
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
           "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
         },
       ],
@@ -2361,8 +2361,8 @@
               "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
               "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
               "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-              "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-              "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+              "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+              "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
               "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
             },
           ],
@@ -2381,8 +2381,8 @@
               "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
               "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
               "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-              "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-              "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+              "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+              "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
               "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
             },
           ],
@@ -4169,8 +4169,8 @@
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
           "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
         },
       ],
@@ -4189,8 +4189,8 @@
           "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
           "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
           "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+          "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+          "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
           "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
         },
       ],
@@ -4350,8 +4350,8 @@
   "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
   "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
   "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-  "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-  "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+  "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+  "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
   "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
 }
 
@@ -4503,8 +4503,8 @@
       "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
       "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
       "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-      "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-      "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+      "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+      "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
       "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
     },
   ],
@@ -4523,8 +4523,8 @@
       "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
       "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
       "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-      "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-      "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+      "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+      "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
       "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
     },
   ],

docs/dyn/compute_v1.networks.html

diff --git a/docs/dyn/compute_v1.networks.html b/docs/dyn/compute_v1.networks.html
index 0602274..0709dae 100644
--- a/docs/dyn/compute_v1.networks.html
+++ b/docs/dyn/compute_v1.networks.html
@@ -409,7 +409,7 @@
         "enable": True or False, # This field denotes whether to enable logging for a particular firewall rule.
         "metadata": "A String", # This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.
       },
-      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
+      "name": "A String", # Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?. The first character must be a lowercase letter, and all following characters (except for the last character) must be a dash, lowercase letter, or digit. The last character must be a lowercase letter or digit.
       "network": "A String", # URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this field, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/myproject/global/networks/my-network - projects/myproject/global/networks/my-network - global/networks/default
       "priority": 42, # Priority for this rule. This is an integer between `0` and `65535`, both inclusive. The default value is `1000`. Relative priorities determine which rule takes effect if multiple rules apply. Lower values indicate higher priority. For example, a rule with priority `0` has higher precedence than a rule with priority `1`. DENY rules take precedence over ALLOW rules if they have equal priority. Note that VPC networks have implied rules with a priority of `65535`. To avoid conflicts with the implied rules, use a priority number less than `65535`.
       "selfLink": "A String", # [Output Only] Server-defined URL for the resource.

docs/dyn/compute_v1.regionBackendServices.html

diff --git a/docs/dyn/compute_v1.regionBackendServices.html b/docs/dyn/compute_v1.regionBackendServices.html
index a9e9b54..369c789 100644
--- a/docs/dyn/compute_v1.regionBackendServices.html
+++ b/docs/dyn/compute_v1.regionBackendServices.html
@@ -223,7 +223,7 @@
       ],
     },
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -431,7 +431,7 @@
       ],
     },
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -661,7 +661,7 @@
           ],
         },
         "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-        "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+        "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
         "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
         "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
         "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -853,7 +853,7 @@
       ],
     },
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.
@@ -1071,7 +1071,7 @@
       ],
     },
     "cacheMode": "A String", # Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any "private", "no-store" or "no-cache" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.
-    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year).
+    "clientTtl": 42, # Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a "public" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a "public" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 86400s (1 day).
     "defaultTtl": 42, # Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of "0" means "always revalidate". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "maxTtl": 42, # Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of "0" means "always revalidate". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL.
     "negativeCaching": True or False, # Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy.

docs/dyn/compute_v1.regionCommitments.html

diff --git a/docs/dyn/compute_v1.regionCommitments.html b/docs/dyn/compute_v1.regionCommitments.html
index 662af97..2199ce6 100644
--- a/docs/dyn/compute_v1.regionCommitments.html
+++ b/docs/dyn/compute_v1.regionCommitments.html
@@ -146,9 +146,6 @@
               "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
               "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
               "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
-              "shareSettings": { # The share setting for reservations and sole tenancy node groups. # Share-settings for shared-reservation
-                "shareType": "A String", # Type of sharing for this shared-reservation
-              },
               "specificReservation": { # This reservation type allows to pre allocate specific instance configuration. Next ID: 5 # Reservation for instances with specific machine shapes.
                 "count": "A String", # Specifies the number of resources that are allocated.
                 "inUseCount": "A String", # [Output Only] Indicates how many instances are in use.
@@ -280,9 +277,6 @@
       "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
       "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
-      "shareSettings": { # The share setting for reservations and sole tenancy node groups. # Share-settings for shared-reservation
-        "shareType": "A String", # Type of sharing for this shared-reservation
-      },
       "specificReservation": { # This reservation type allows to pre allocate specific instance configuration. Next ID: 5 # Reservation for instances with specific machine shapes.
         "count": "A String", # Specifies the number of resources that are allocated.
         "inUseCount": "A String", # [Output Only] Indicates how many instances are in use.
@@ -359,9 +353,6 @@
       "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
       "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
-      "shareSettings": { # The share setting for reservations and sole tenancy node groups. # Share-settings for shared-reservation
-        "shareType": "A String", # Type of sharing for this shared-reservation
-      },
       "specificReservation": { # This reservation type allows to pre allocate specific instance configuration. Next ID: 5 # Reservation for instances with specific machine shapes.
         "count": "A String", # Specifies the number of resources that are allocated.
         "inUseCount": "A String", # [Output Only] Indicates how many instances are in use.
@@ -506,9 +497,6 @@
           "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
           "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
           "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
-          "shareSettings": { # The share setting for reservations and sole tenancy node groups. # Share-settings for shared-reservation
-            "shareType": "A String", # Type of sharing for this shared-reservation
-          },
           "specificReservation": { # This reservation type allows to pre allocate specific instance configuration. Next ID: 5 # Reservation for instances with specific machine shapes.
             "count": "A String", # Specifies the number of resources that are allocated.
             "inUseCount": "A String", # [Output Only] Indicates how many instances are in use.

docs/dyn/compute_v1.regionInstances.html

diff --git a/docs/dyn/compute_v1.regionInstances.html b/docs/dyn/compute_v1.regionInstances.html
index 320ac72..d2d1189 100644
--- a/docs/dyn/compute_v1.regionInstances.html
+++ b/docs/dyn/compute_v1.regionInstances.html
@@ -94,12 +94,12 @@
 { # A transient resource used in compute.instances.bulkInsert and compute.regionInstances.bulkInsert . This resource is not persisted anywhere, it is used only for processing the requests.
   "count": "A String", # The maximum number of instances to create.
   "instanceProperties": { # The instance properties defining the VM instances to be created. Required if sourceInstanceTemplate is not provided.
-    "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features. Note that for MachineImage, this is not supported yet.
+    "advancedMachineFeatures": { # Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled). # Controls for advanced machine-related behavior features.
       "enableNestedVirtualization": True or False, # Whether to enable nested virtualization or not (default is false).
       "threadsPerCore": 42, # The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed.
     },
     "canIpForward": True or False, # Enables instances created based on these properties to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information.
-    "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options. Note that for MachineImage, this is not supported yet.
+    "confidentialInstanceConfig": { # A set of Confidential Instance options. # Specifies the Confidential Instance options.
       "enableConfidentialCompute": True or False, # Defines whether the instance should have confidential compute enabled.
     },
     "description": "A String", # An optional text description for the instances that are created from these properties.
@@ -217,8 +217,8 @@
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -237,8 +237,8 @@
             "name": "A String", # The name of this access configuration. The default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access.
             "natIP": "A String", # An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance.
             "networkTier": "A String", # This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.
-            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range.
-            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated.
+            "publicPtrDomainName": "A String", # The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled.
+            "setPublicPtr": True or False, # Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name.
             "type": "ONE_TO_ONE_NAT", # The type of configuration. The default and only option is ONE_TO_ONE_NAT.
           },
         ],
@@ -254,15 +254,15 @@
         "subnetwork": "A String", # The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork
       },
     ],
-    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not supported yet.
-    "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from. Note that for MachineImage, this is not supported yet.
+    "privateIpv6GoogleAccess": "A String", # The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default.
+    "reservationAffinity": { # Specifies the reservations that this instance can consume from. # Specifies the reservations that instances can consume from.
       "consumeReservationType": "A String", # Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.
       "key": "A String", # Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value.
       "values": [ # Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or "projects/different-project/reservations/some-reservation-name" to target a shared reservation in the same zone but in a different project.
         "A String",
       ],
     },
-    "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties. Note that for MachineImage, this is not supported yet.
+    "resourcePolicies": [ # Resource policies (names, not ULRs) applied to instances created from these properties.
       "A String",
     ],
     "scheduling": { # Sets the scheduling options for an Instance. NextID: 21 # Specifies the scheduling options for the instances that are created from these properties.
@@ -289,7 +289,7 @@
         ],
       },
     ],
-    "shieldedInstanceConfig": { # A set of Shielded Instance options. # Note that for MachineImage, this is not supported yet.
+    "shieldedInstanceConfig": { # A set of Shielded Instance options.
       "enableIntegrityMonitoring": True or False, # Defines whether the instance has integrity monitoring enabled. Enabled by default.
       "enableSecureBoot": True or False, # Defines whether the instance has Secure Boot enabled. Disabled by default.
       "enableVtpm": True or False, # Defines whether the instance has the vTPM enabled. Enabled by default.

docs/dyn/compute_v1.reservations.html

diff --git a/docs/dyn/compute_v1.reservations.html b/docs/dyn/compute_v1.reservations.html
index b593f80..332f50b 100644
--- a/docs/dyn/compute_v1.reservations.html
+++ b/docs/dyn/compute_v1.reservations.html
@@ -145,9 +145,6 @@
           "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
           "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
           "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
-          "shareSettings": { # The share setting for reservations and sole tenancy node groups. # Share-settings for shared-reservation
-            "shareType": "A String", # Type of sharing for this shared-reservation
-          },
           "specificReservation": { # This reservation type allows to pre allocate specific instance configuration. Next ID: 5 # Reservation for instances with specific machine shapes.
             "count": "A String", # Specifies the number of resources that are allocated.
             "inUseCount": "A String", # [Output Only] Indicates how many instances are in use.
@@ -313,9 +310,6 @@
   "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
-  "shareSettings": { # The share setting for reservations and sole tenancy node groups. # Share-settings for shared-reservation
-    "shareType": "A String", # Type of sharing for this shared-reservation
-  },
   "specificReservation": { # This reservation type allows to pre allocate specific instance configuration. Next ID: 5 # Reservation for instances with specific machine shapes.
     "count": "A String", # Specifies the number of resources that are allocated.
     "inUseCount": "A String", # [Output Only] Indicates how many instances are in use.
@@ -467,9 +461,6 @@
   "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
   "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
   "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
-  "shareSettings": { # The share setting for reservations and sole tenancy node groups. # Share-settings for shared-reservation
-    "shareType": "A String", # Type of sharing for this shared-reservation
-  },
   "specificReservation": { # This reservation type allows to pre allocate specific instance configuration. Next ID: 5 # Reservation for instances with specific machine shapes.
     "count": "A String", # Specifies the number of resources that are allocated.
     "inUseCount": "A String", # [Output Only] Indicates how many instances are in use.
@@ -584,9 +575,6 @@
       "name": "A String", # The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
       "satisfiesPzs": True or False, # [Output Only] Reserved for future use.
       "selfLink": "A String", # [Output Only] Server-defined fully-qualified URL for this resource.
-      "shareSettings": { # The share setting for reservations and sole tenancy node groups. # Share-settings for shared-reservation
-        "shareType": "A String", # Type of sharing for this shared-reservation
-      },
       "specificReservation": { # This reservation type allows to pre allocate specific instance configuration. Next ID: 5 # Reservation for instances with specific machine shapes.
         "count": "A String", # Specifies the number of resources that are allocated.
         "inUseCount": "A String", # [Output Only] Indicates how many instances are in use.

docs/dyn/compute_v1.routers.html

diff --git a/docs/dyn/compute_v1.routers.html b/docs/dyn/compute_v1.routers.html
index af1113b..70d4317 100644
--- a/docs/dyn/compute_v1.routers.html
+++ b/docs/dyn/compute_v1.routers.html
@@ -732,66 +732,6 @@
             ],
           },
         ],
-        "bfdStatus": { # Next free: 15
-          "bfdSessionInitializationMode": "A String", # The BFD session initialization mode for this BGP peer. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer.
-          "configUpdateTimestampMicros": "A String", # Unix timestamp of the most recent config update.
-          "controlPacketCounts": { # Control packet counts for the current BFD session.
-            "numRx": 42, # Number of packets received since the beginning of the current BFD session.
-            "numRxRejected": 42, # Number of packets received that were rejected because of errors since the beginning of the current BFD session.
-            "numRxSuccessful": 42, # Number of packets received that were successfully processed since the beginning of the current BFD session.
-            "numTx": 42, # Number of packets transmitted since the beginning of the current BFD session.
-          },
-          "controlPacketIntervals": [ # Inter-packet time interval statistics for control packets.
-            { # Next free: 7
-              "avgMs": "A String", # Average observed inter-packet interval in milliseconds.
-              "duration": "A String", # From how long ago in the past these intervals were observed.
-              "maxMs": "A String", # Maximum observed inter-packet interval in milliseconds.
-              "minMs": "A String", # Minimum observed inter-packet interval in milliseconds.
-              "numIntervals": "A String", # Number of inter-packet intervals from which these statistics were derived.
-              "type": "A String", # The type of packets for which inter-packet intervals were computed.
-            },
-          ],
-          "localDiagnostic": "A String", # The diagnostic code specifies the local system's reason for the last change in session state. This allows remote systems to determine the reason that the previous session failed, for example. These diagnostic codes are specified in section 4.1 of RFC5880
-          "localState": "A String", # The current BFD session state as seen by the transmitting system. These states are specified in section 4.1 of RFC5880
-          "negotiatedLocalControlTxIntervalMs": 42, # Negotiated transmit interval for control packets.
-          "rxPacket": { # The most recent Rx control packet for this BFD session.
-            "authenticationPresent": True or False, # The Authentication Present bit of the BFD packet. This is specified in section 4.1 of RFC5880
-            "controlPlaneIndependent": True or False, # The Control Plane Independent bit of the BFD packet. This is specified in section 4.1 of RFC5880
-            "demand": True or False, # The demand bit of the BFD packet. This is specified in section 4.1 of RFC5880
-            "diagnostic": "A String", # The diagnostic code specifies the local system's reason for the last change in session state. This allows remote systems to determine the reason that the previous session failed, for example. These diagnostic codes are specified in section 4.1 of RFC5880
-            "final": True or False, # The Final bit of the BFD packet. This is specified in section 4.1 of RFC5880
-            "length": 42, # The length of the BFD Control packet in bytes. This is specified in section 4.1 of RFC5880
-            "minEchoRxIntervalMs": 42, # The Required Min Echo RX Interval value in the BFD packet. This is specified in section 4.1 of RFC5880
-            "minRxIntervalMs": 42, # The Required Min RX Interval value in the BFD packet. This is specified in section 4.1 of RFC5880
-            "minTxIntervalMs": 42, # The Desired Min TX Interval value in the BFD packet. This is specified in section 4.1 of RFC5880
-            "multiplier": 42, # The detection time multiplier of the BFD packet. This is specified in section 4.1 of RFC5880
-            "multipoint": True or False, # The multipoint bit of the BFD packet. This is specified in section 4.1 of RFC5880
-            "myDiscriminator": 42, # The My Discriminator value in the BFD packet. This is specified in section 4.1 of RFC5880
-            "poll": True or False, # The Poll bit of the BFD packet. This is specified in section 4.1 of RFC5880
-            "state": "A String", # The current BFD session state as seen by the transmitting system. These states are specified in section 4.1 of RFC5880
-            "version": 42, # The version number of the BFD protocol, as specified in section 4.1 of RFC5880.
-            "yourDiscriminator": 42, # The Your Discriminator value in the BFD packet. This is specified in section 4.1 of RFC5880
-          },
-          "txPacket": { # The most recent Tx control packet for this BFD session.
-            "authenticationPresent": True or False, # The Authentication Present bit of the BFD packet. This is specified in section 4.1 of RFC5880
-            "controlPlaneIndependent": True or False, # The Control Plane Independent bit of the BFD packet. This is specified in section 4.1 of RFC5880
-            "demand": True or False, # The demand bit of the BFD packet. This is specified in section 4.1 of RFC5880
-            "diagnostic": "A String", # The diagnostic code specifies the local system's reason for the last change in session state. This allows remote systems to determine the reason that the previous session failed, for example. These diagnostic codes are specified in section 4.1 of RFC5880
-            "final": True or False, # The Final bit of the BFD packet. This is specified in section 4.1 of RFC5880
-            "length": 42, # The length of the BFD Control packet in bytes. This is specified in section 4.1 of RFC5880
-            "minEchoRxIntervalMs": 42, # The Required Min Echo RX Interval value in the BFD packet. This is specified in section 4.1 of RFC5880
-            "minRxIntervalMs": 42, # The Required Min RX Interval value in the BFD packet. This is specified in section 4.1 of RFC5880
-            "minTxIntervalMs": 42, # The Desired Min TX Interval value in the BFD packet. This is specified in section 4.1 of RFC5880
-            "multiplier": 42, # The detection time multiplier of the BFD packet. This is specified in section 4.1 of RFC5880
-            "multipoint": True or False, # The multipoint bit of the BFD packet. This is specified in section 4.1 of RFC5880
-            "myDiscriminator": 42, # The My Discriminator value in the BFD packet. This is specified in section 4.1 of RFC5880
-            "poll": True or False, # The Poll bit of the BFD packet. This is specified in section 4.1 of RFC5880
-            "state": "A String", # The current BFD session state as seen by the transmitting system. These states are specified in section 4.1 of RFC5880
-            "version": 42, # The version number of the BFD protocol, as specified in section 4.1 of RFC5880.
-            "yourDiscriminator": 42, # The Your Discriminator value in the BFD packet. This is specified in section 4.1 of RFC5880
-          },
-          "uptimeMs": "A String", # Session uptime in milliseconds. Value will be 0 if session is not up.
-        },
         "ipAddress": "A String", # IP address of the local BGP interface.
         "linkedVpnTunnel": "A String", # URL of the VPN tunnel that this BGP peer controls.
         "name": "A String", # Name of this BGP peer. Unique within the Routers resource.

docs/dyn/connectors_v1.projects.locations.connections.html

diff --git a/docs/dyn/connectors_v1.projects.locations.connections.html b/docs/dyn/connectors_v1.projects.locations.connections.html
index fb1737d..f593684 100644
--- a/docs/dyn/connectors_v1.projects.locations.connections.html
+++ b/docs/dyn/connectors_v1.projects.locations.connections.html
@@ -397,7 +397,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -406,7 +406,7 @@
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
     { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
@@ -420,18 +420,18 @@
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
     },
   ],
-  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-    { # Associates `members` with a `role`.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+    { # Associates `members`, or principals, with a `role`.
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
-      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
@@ -684,7 +684,7 @@
     The object takes the form of:
 
 { # Request message for `SetIamPolicy` method.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
       { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
@@ -698,18 +698,18 @@
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
       },
     ],
-    "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-      { # Associates `members` with a `role`.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+      { # Associates `members`, or principals, with a `role`.
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
-        "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+        "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
     "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
@@ -726,7 +726,7 @@
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
     { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
@@ -740,18 +740,18 @@
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
     },
   ],
-  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-    { # Associates `members` with a `role`.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+    { # Associates `members`, or principals, with a `role`.
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
-      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

docs/dyn/connectors_v1.projects.locations.connections.runtimeActionSchemas.html

diff --git a/docs/dyn/connectors_v1.projects.locations.connections.runtimeActionSchemas.html b/docs/dyn/connectors_v1.projects.locations.connections.runtimeActionSchemas.html
index 38f9d81..887ab01 100644
--- a/docs/dyn/connectors_v1.projects.locations.connections.runtimeActionSchemas.html
+++ b/docs/dyn/connectors_v1.projects.locations.connections.runtimeActionSchemas.html
@@ -95,7 +95,7 @@
 
 Args:
   parent: string, Required. Parent resource of RuntimeActionSchema Format: projects/{project}/locations/{location}/connections/{connection} (required)
-  filter: string, Filter
+  filter: string, Required. Filter Format: action="{actionId}" Only action field is supported with literal equality operator. Accepted filter example: action="CancelOrder" Wildcards are not supported in the filter currently.
   pageSize: integer, Page size.
   pageToken: string, Page token.
   x__xgafv: string, V1 error format.

docs/dyn/connectors_v1.projects.locations.connections.runtimeEntitySchemas.html

diff --git a/docs/dyn/connectors_v1.projects.locations.connections.runtimeEntitySchemas.html b/docs/dyn/connectors_v1.projects.locations.connections.runtimeEntitySchemas.html
index a1a0755..94c217d 100644
--- a/docs/dyn/connectors_v1.projects.locations.connections.runtimeEntitySchemas.html
+++ b/docs/dyn/connectors_v1.projects.locations.connections.runtimeEntitySchemas.html
@@ -95,7 +95,7 @@
 
 Args:
   parent: string, Required. Parent resource of RuntimeEntitySchema Format: projects/{project}/locations/{location}/connections/{connection} (required)
-  filter: string, Filter
+  filter: string, Required. Filter Format: entity="{entityId}" Only entity field is supported with literal equality operator. Accepted filter example: entity="Order" Wildcards are not supported in the filter currently.
   pageSize: integer, Page size.
   pageToken: string, Page token.
   x__xgafv: string, V1 error format.

docs/dyn/connectors_v1.projects.locations.providers.html

diff --git a/docs/dyn/connectors_v1.projects.locations.providers.html b/docs/dyn/connectors_v1.projects.locations.providers.html
index acbcaed..a8258ff 100644
--- a/docs/dyn/connectors_v1.projects.locations.providers.html
+++ b/docs/dyn/connectors_v1.projects.locations.providers.html
@@ -98,7 +98,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -107,7 +107,7 @@
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
     { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
@@ -121,18 +121,18 @@
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
     },
   ],
-  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-    { # Associates `members` with a `role`.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+    { # Associates `members`, or principals, with a `role`.
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
-      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
@@ -150,7 +150,7 @@
     The object takes the form of:
 
 { # Request message for `SetIamPolicy` method.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
     "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
       { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
         "auditLogConfigs": [ # The configuration for logging of each type of permission.
@@ -164,18 +164,18 @@
         "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
       },
     ],
-    "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-      { # Associates `members` with a `role`.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+      { # Associates `members`, or principals, with a `role`.
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
-        "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+        "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
     "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
@@ -192,7 +192,7 @@
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
   "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
     { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
       "auditLogConfigs": [ # The configuration for logging of each type of permission.
@@ -206,18 +206,18 @@
       "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
     },
   ],
-  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-    { # Associates `members` with a `role`.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+    { # Associates `members`, or principals, with a `role`.
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
-      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

docs/dyn/contactcenterinsights_v1.projects.locations.conversations.html

diff --git a/docs/dyn/contactcenterinsights_v1.projects.locations.conversations.html b/docs/dyn/contactcenterinsights_v1.projects.locations.conversations.html
index f18d581..4555ca0 100644
--- a/docs/dyn/contactcenterinsights_v1.projects.locations.conversations.html
+++ b/docs/dyn/contactcenterinsights_v1.projects.locations.conversations.html
@@ -138,6 +138,13 @@
   "issueMatches": { # A map associating each issue resource name with its respective number of matches in the set of conversations. Key has the format: `projects//locations//issueModels//issues/` Deprecated, use `issue_matches_stats` field instead.
     "a_key": 42,
   },
+  "issueMatchesStats": { # A map associating each issue resource name with its respective number of matches in the set of conversations. Key has the format: `projects//locations//issueModels//issues/`
+    "a_key": { # Aggregated statistics about an issue.
+      "displayName": "A String", # Display name of the issue.
+      "issue": "A String", # Issue resource. Format: projects/{project}/locations/{location}/issueModels/{issue_model}/issues/{issue}
+      "labeledConversationsCount": "A String", # Number of conversations attached to the issue at this point in time.
+    },
+  },
   "smartHighlighterMatches": { # A map associating each smart highlighter display name with its respective number of matches in the set of conversations.
     "a_key": 42,
   },
@@ -379,7 +386,7 @@
   "updateTime": "A String", # Output only. The most recent time at which the conversation was updated.
 }
 
-  conversationId: string, A unique ID for the new conversation. This ID will become the final component of the conversation's resource name. If no ID is specified, a server-generated ID will be used. This value should be 4-32 characters and must match the regular expression /^[a-z0-9-]{4,32}$/. Valid characters are /a-z-/
+  conversationId: string, A unique ID for the new conversation. This ID will become the final component of the conversation's resource name. If no ID is specified, a server-generated ID will be used. This value should be 4-64 characters and must match the regular expression /^[a-z0-9-]{4,64}$/. Valid characters are /a-z-/
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/contactcenterinsights_v1.projects.locations.issueModels.html

diff --git a/docs/dyn/contactcenterinsights_v1.projects.locations.issueModels.html b/docs/dyn/contactcenterinsights_v1.projects.locations.issueModels.html
index 441e0d9..2ed015c 100644
--- a/docs/dyn/contactcenterinsights_v1.projects.locations.issueModels.html
+++ b/docs/dyn/contactcenterinsights_v1.projects.locations.issueModels.html
@@ -126,6 +126,7 @@
     "analyzedConversationsCount": "A String", # Number of conversations the issue model has analyzed at this point in time.
     "issueStats": { # Statistics on each issue. Key is the issue's resource name.
       "a_key": { # Aggregated statistics about an issue.
+        "displayName": "A String", # Display name of the issue.
         "issue": "A String", # Issue resource. Format: projects/{project}/locations/{location}/issueModels/{issue_model}/issues/{issue}
         "labeledConversationsCount": "A String", # Number of conversations attached to the issue at this point in time.
       },
@@ -163,6 +164,7 @@
     "analyzedConversationsCount": "A String", # Number of conversations the issue model has analyzed at this point in time.
     "issueStats": { # Statistics on each issue. Key is the issue's resource name.
       "a_key": { # Aggregated statistics about an issue.
+        "displayName": "A String", # Display name of the issue.
         "issue": "A String", # Issue resource. Format: projects/{project}/locations/{location}/issueModels/{issue_model}/issues/{issue}
         "labeledConversationsCount": "A String", # Number of conversations attached to the issue at this point in time.
       },
@@ -306,6 +308,7 @@
     "analyzedConversationsCount": "A String", # Number of conversations the issue model has analyzed at this point in time.
     "issueStats": { # Statistics on each issue. Key is the issue's resource name.
       "a_key": { # Aggregated statistics about an issue.
+        "displayName": "A String", # Display name of the issue.
         "issue": "A String", # Issue resource. Format: projects/{project}/locations/{location}/issueModels/{issue_model}/issues/{issue}
         "labeledConversationsCount": "A String", # Number of conversations attached to the issue at this point in time.
       },
@@ -346,6 +349,7 @@
         "analyzedConversationsCount": "A String", # Number of conversations the issue model has analyzed at this point in time.
         "issueStats": { # Statistics on each issue. Key is the issue's resource name.
           "a_key": { # Aggregated statistics about an issue.
+            "displayName": "A String", # Display name of the issue.
             "issue": "A String", # Issue resource. Format: projects/{project}/locations/{location}/issueModels/{issue_model}/issues/{issue}
             "labeledConversationsCount": "A String", # Number of conversations attached to the issue at this point in time.
           },
@@ -381,6 +385,7 @@
     "analyzedConversationsCount": "A String", # Number of conversations the issue model has analyzed at this point in time.
     "issueStats": { # Statistics on each issue. Key is the issue's resource name.
       "a_key": { # Aggregated statistics about an issue.
+        "displayName": "A String", # Display name of the issue.
         "issue": "A String", # Issue resource. Format: projects/{project}/locations/{location}/issueModels/{issue_model}/issues/{issue}
         "labeledConversationsCount": "A String", # Number of conversations attached to the issue at this point in time.
       },
@@ -413,6 +418,7 @@
     "analyzedConversationsCount": "A String", # Number of conversations the issue model has analyzed at this point in time.
     "issueStats": { # Statistics on each issue. Key is the issue's resource name.
       "a_key": { # Aggregated statistics about an issue.
+        "displayName": "A String", # Display name of the issue.
         "issue": "A String", # Issue resource. Format: projects/{project}/locations/{location}/issueModels/{issue_model}/issues/{issue}
         "labeledConversationsCount": "A String", # Number of conversations attached to the issue at this point in time.
       },

docs/dyn/containeranalysis_v1.projects.notes.html

diff --git a/docs/dyn/containeranalysis_v1.projects.notes.html b/docs/dyn/containeranalysis_v1.projects.notes.html
index 358dc8e..9c732c4 100644
--- a/docs/dyn/containeranalysis_v1.projects.notes.html
+++ b/docs/dyn/containeranalysis_v1.projects.notes.html
@@ -1192,7 +1192,7 @@
 
 { # Request message for `GetIamPolicy` method.
   "options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
-    "requestedPolicyVersion": 42, # Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 

docs/dyn/containeranalysis_v1.projects.notes.occurrences.html

diff --git a/docs/dyn/containeranalysis_v1.projects.notes.occurrences.html b/docs/dyn/containeranalysis_v1.projects.notes.occurrences.html
index 88d6685..ae3f7e3 100644
--- a/docs/dyn/containeranalysis_v1.projects.notes.occurrences.html
+++ b/docs/dyn/containeranalysis_v1.projects.notes.occurrences.html
@@ -125,7 +125,7 @@
         ],
       },
       "build": { # Details of a build occurrence. # Describes a verifiable build.
-        "intotoProvenance": { # In-toto Provenance representation as defined in spec.
+        "intotoProvenance": { # Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec.
           "builderConfig": { # required
             "id": "A String",
           },
@@ -159,7 +159,88 @@
             "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
           },
         },
-        "provenance": { # Provenance of a build. Contains all information needed to verify the full details about the build from source to completion. # Required. The actual provenance for the build.
+        "intotoStatement": { # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always "application/vnd.in-toto+json". # In-toto Statement representation as defined in spec. The intoto_statement can contain any type of provenance. The serialized payload of the statement can be stored and signed in the Occurrence's envelope.
+          "_type": "A String", # Always "https://in-toto.io/Statement/v0.1".
+          "predicateType": "A String", # "https://slsa.dev/provenance/v0.1" for SlsaProvenance.
+          "provenance": {
+            "builderConfig": { # required
+              "id": "A String",
+            },
+            "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+              "A String",
+            ],
+            "metadata": { # Other properties of the build.
+              "buildFinishedOn": "A String", # The timestamp of when the build completed.
+              "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+              "buildStartedOn": "A String", # The timestamp of when the build started.
+              "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+                "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+                "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+                "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+              },
+              "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+            },
+            "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
+              "arguments": [ # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Since the arguments field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
+                {
+                  "a_key": "", # Properties of the object. Contains field @type with type URL.
+                },
+              ],
+              "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+              "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+              "environment": [ # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Since the environment field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
+                {
+                  "a_key": "", # Properties of the object. Contains field @type with type URL.
+                },
+              ],
+              "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+            },
+          },
+          "slsaProvenance": {
+            "builder": { # required
+              "id": "A String",
+            },
+            "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+              {
+                "digest": {
+                  "a_key": "A String",
+                },
+                "uri": "A String",
+              },
+            ],
+            "metadata": { # Other properties of the build.
+              "buildFinishedOn": "A String", # The timestamp of when the build completed.
+              "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+              "buildStartedOn": "A String", # The timestamp of when the build started.
+              "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+                "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+                "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+                "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+              },
+              "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+            },
+            "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
+              "arguments": { # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
+                "a_key": "", # Properties of the object. Contains field @type with type URL.
+              },
+              "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+              "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+              "environment": { # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
+                "a_key": "", # Properties of the object. Contains field @type with type URL.
+              },
+              "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+            },
+          },
+          "subject": [
+            {
+              "digest": { # "": "" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
+                "a_key": "A String",
+              },
+              "name": "A String",
+            },
+          ],
+        },
+        "provenance": { # Provenance of a build. Contains all information needed to verify the full details about the build from source to completion. # The actual provenance for the build.
           "buildOptions": { # Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details.
             "a_key": "A String",
           },
@@ -316,7 +397,7 @@
         "cpe": "A String", # The CPE of the resource being scanned.
         "lastScanTime": "A String", # The last time this resource was scanned.
       },
-      "dsseAttestation": { # Describes an attestation of an artifact using dsse.
+      "dsseAttestation": { # Deprecated. Prefer to use a regular Occurrence, and populate the Envelope at the top level of the Occurrence. # Describes an attestation of an artifact using dsse.
         "envelope": { # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type. # If doing something security critical, make sure to verify the signatures in this metadata.
           "payload": "A String",
           "payloadType": "A String",
@@ -328,7 +409,8 @@
           ],
         },
         "statement": { # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always "application/vnd.in-toto+json".
-          "predicateType": "A String", # "https://in-toto.io/Provenance/v0.1" for InTotoProvenance.
+          "_type": "A String", # Always "https://in-toto.io/Statement/v0.1".
+          "predicateType": "A String", # "https://slsa.dev/provenance/v0.1" for SlsaProvenance.
           "provenance": {
             "builderConfig": { # required
               "id": "A String",
@@ -363,15 +445,49 @@
               "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
             },
           },
+          "slsaProvenance": {
+            "builder": { # required
+              "id": "A String",
+            },
+            "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+              {
+                "digest": {
+                  "a_key": "A String",
+                },
+                "uri": "A String",
+              },
+            ],
+            "metadata": { # Other properties of the build.
+              "buildFinishedOn": "A String", # The timestamp of when the build completed.
+              "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+              "buildStartedOn": "A String", # The timestamp of when the build started.
+              "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+                "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+                "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+                "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+              },
+              "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+            },
+            "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
+              "arguments": { # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
+                "a_key": "", # Properties of the object. Contains field @type with type URL.
+              },
+              "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+              "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+              "environment": { # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
+                "a_key": "", # Properties of the object. Contains field @type with type URL.
+              },
+              "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+            },
+          },
           "subject": [
             {
-              "digest": { # "": ""
+              "digest": { # "": "" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
                 "a_key": "A String",
               },
               "name": "A String",
             },
           ],
-          "type": "A String", # Always "https://in-toto.io/Statement/v0.1".
         },
       },
       "envelope": { # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type. # https://github.com/secure-systems-lab/dsse

docs/dyn/containeranalysis_v1.projects.occurrences.html

diff --git a/docs/dyn/containeranalysis_v1.projects.occurrences.html b/docs/dyn/containeranalysis_v1.projects.occurrences.html
index cbbfb1f..91389ac 100644
--- a/docs/dyn/containeranalysis_v1.projects.occurrences.html
+++ b/docs/dyn/containeranalysis_v1.projects.occurrences.html
@@ -141,7 +141,7 @@
         ],
       },
       "build": { # Details of a build occurrence. # Describes a verifiable build.
-        "intotoProvenance": { # In-toto Provenance representation as defined in spec.
+        "intotoProvenance": { # Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec.
           "builderConfig": { # required
             "id": "A String",
           },
@@ -175,7 +175,88 @@
             "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
           },
         },
-        "provenance": { # Provenance of a build. Contains all information needed to verify the full details about the build from source to completion. # Required. The actual provenance for the build.
+        "intotoStatement": { # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always "application/vnd.in-toto+json". # In-toto Statement representation as defined in spec. The intoto_statement can contain any type of provenance. The serialized payload of the statement can be stored and signed in the Occurrence's envelope.
+          "_type": "A String", # Always "https://in-toto.io/Statement/v0.1".
+          "predicateType": "A String", # "https://slsa.dev/provenance/v0.1" for SlsaProvenance.
+          "provenance": {
+            "builderConfig": { # required
+              "id": "A String",
+            },
+            "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+              "A String",
+            ],
+            "metadata": { # Other properties of the build.
+              "buildFinishedOn": "A String", # The timestamp of when the build completed.
+              "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+              "buildStartedOn": "A String", # The timestamp of when the build started.
+              "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+                "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+                "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+                "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+              },
+              "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+            },
+            "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
+              "arguments": [ # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Since the arguments field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
+                {
+                  "a_key": "", # Properties of the object. Contains field @type with type URL.
+                },
+              ],
+              "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+              "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+              "environment": [ # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Since the environment field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
+                {
+                  "a_key": "", # Properties of the object. Contains field @type with type URL.
+                },
+              ],
+              "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+            },
+          },
+          "slsaProvenance": {
+            "builder": { # required
+              "id": "A String",
+            },
+            "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+              {
+                "digest": {
+                  "a_key": "A String",
+                },
+                "uri": "A String",
+              },
+            ],
+            "metadata": { # Other properties of the build.
+              "buildFinishedOn": "A String", # The timestamp of when the build completed.
+              "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+              "buildStartedOn": "A String", # The timestamp of when the build started.
+              "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+                "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+                "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+                "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+              },
+              "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+            },
+            "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
+              "arguments": { # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
+                "a_key": "", # Properties of the object. Contains field @type with type URL.
+              },
+              "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+              "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+              "environment": { # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
+                "a_key": "", # Properties of the object. Contains field @type with type URL.
+              },
+              "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+            },
+          },
+          "subject": [
+            {
+              "digest": { # "": "" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
+                "a_key": "A String",
+              },
+              "name": "A String",
+            },
+          ],
+        },
+        "provenance": { # Provenance of a build. Contains all information needed to verify the full details about the build from source to completion. # The actual provenance for the build.
           "buildOptions": { # Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details.
             "a_key": "A String",
           },
@@ -332,7 +413,7 @@
         "cpe": "A String", # The CPE of the resource being scanned.
         "lastScanTime": "A String", # The last time this resource was scanned.
       },
-      "dsseAttestation": { # Describes an attestation of an artifact using dsse.
+      "dsseAttestation": { # Deprecated. Prefer to use a regular Occurrence, and populate the Envelope at the top level of the Occurrence. # Describes an attestation of an artifact using dsse.
         "envelope": { # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type. # If doing something security critical, make sure to verify the signatures in this metadata.
           "payload": "A String",
           "payloadType": "A String",
@@ -344,7 +425,8 @@
           ],
         },
         "statement": { # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always "application/vnd.in-toto+json".
-          "predicateType": "A String", # "https://in-toto.io/Provenance/v0.1" for InTotoProvenance.
+          "_type": "A String", # Always "https://in-toto.io/Statement/v0.1".
+          "predicateType": "A String", # "https://slsa.dev/provenance/v0.1" for SlsaProvenance.
           "provenance": {
             "builderConfig": { # required
               "id": "A String",
@@ -379,15 +461,49 @@
               "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
             },
           },
+          "slsaProvenance": {
+            "builder": { # required
+              "id": "A String",
+            },
+            "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+              {
+                "digest": {
+                  "a_key": "A String",
+                },
+                "uri": "A String",
+              },
+            ],
+            "metadata": { # Other properties of the build.
+              "buildFinishedOn": "A String", # The timestamp of when the build completed.
+              "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+              "buildStartedOn": "A String", # The timestamp of when the build started.
+              "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+                "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+                "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+                "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+              },
+              "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+            },
+            "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
+              "arguments": { # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
+                "a_key": "", # Properties of the object. Contains field @type with type URL.
+              },
+              "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+              "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+              "environment": { # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
+                "a_key": "", # Properties of the object. Contains field @type with type URL.
+              },
+              "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+            },
+          },
           "subject": [
             {
-              "digest": { # "": ""
+              "digest": { # "": "" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
                 "a_key": "A String",
               },
               "name": "A String",
             },
           ],
-          "type": "A String", # Always "https://in-toto.io/Statement/v0.1".
         },
       },
       "envelope": { # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type. # https://github.com/secure-systems-lab/dsse
@@ -550,7 +666,7 @@
         ],
       },
       "build": { # Details of a build occurrence. # Describes a verifiable build.
-        "intotoProvenance": { # In-toto Provenance representation as defined in spec.
+        "intotoProvenance": { # Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec.
           "builderConfig": { # required
             "id": "A String",
           },
@@ -584,7 +700,88 @@
             "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
           },
         },
-        "provenance": { # Provenance of a build. Contains all information needed to verify the full details about the build from source to completion. # Required. The actual provenance for the build.
+        "intotoStatement": { # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always "application/vnd.in-toto+json". # In-toto Statement representation as defined in spec. The intoto_statement can contain any type of provenance. The serialized payload of the statement can be stored and signed in the Occurrence's envelope.
+          "_type": "A String", # Always "https://in-toto.io/Statement/v0.1".
+          "predicateType": "A String", # "https://slsa.dev/provenance/v0.1" for SlsaProvenance.
+          "provenance": {
+            "builderConfig": { # required
+              "id": "A String",
+            },
+            "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+              "A String",
+            ],
+            "metadata": { # Other properties of the build.
+              "buildFinishedOn": "A String", # The timestamp of when the build completed.
+              "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+              "buildStartedOn": "A String", # The timestamp of when the build started.
+              "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+                "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+                "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+                "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+              },
+              "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+            },
+            "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
+              "arguments": [ # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Since the arguments field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
+                {
+                  "a_key": "", # Properties of the object. Contains field @type with type URL.
+                },
+              ],
+              "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+              "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+              "environment": [ # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Since the environment field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
+                {
+                  "a_key": "", # Properties of the object. Contains field @type with type URL.
+                },
+              ],
+              "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+            },
+          },
+          "slsaProvenance": {
+            "builder": { # required
+              "id": "A String",
+            },
+            "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+              {
+                "digest": {
+                  "a_key": "A String",
+                },
+                "uri": "A String",
+              },
+            ],
+            "metadata": { # Other properties of the build.
+              "buildFinishedOn": "A String", # The timestamp of when the build completed.
+              "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+              "buildStartedOn": "A String", # The timestamp of when the build started.
+              "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+                "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+                "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+                "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+              },
+              "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+            },
+            "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
+              "arguments": { # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
+                "a_key": "", # Properties of the object. Contains field @type with type URL.
+              },
+              "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+              "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+              "environment": { # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
+                "a_key": "", # Properties of the object. Contains field @type with type URL.
+              },
+              "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+            },
+          },
+          "subject": [
+            {
+              "digest": { # "": "" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
+                "a_key": "A String",
+              },
+              "name": "A String",
+            },
+          ],
+        },
+        "provenance": { # Provenance of a build. Contains all information needed to verify the full details about the build from source to completion. # The actual provenance for the build.
           "buildOptions": { # Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details.
             "a_key": "A String",
           },
@@ -741,7 +938,7 @@
         "cpe": "A String", # The CPE of the resource being scanned.
         "lastScanTime": "A String", # The last time this resource was scanned.
       },
-      "dsseAttestation": { # Describes an attestation of an artifact using dsse.
+      "dsseAttestation": { # Deprecated. Prefer to use a regular Occurrence, and populate the Envelope at the top level of the Occurrence. # Describes an attestation of an artifact using dsse.
         "envelope": { # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type. # If doing something security critical, make sure to verify the signatures in this metadata.
           "payload": "A String",
           "payloadType": "A String",
@@ -753,7 +950,8 @@
           ],
         },
         "statement": { # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always "application/vnd.in-toto+json".
-          "predicateType": "A String", # "https://in-toto.io/Provenance/v0.1" for InTotoProvenance.
+          "_type": "A String", # Always "https://in-toto.io/Statement/v0.1".
+          "predicateType": "A String", # "https://slsa.dev/provenance/v0.1" for SlsaProvenance.
           "provenance": {
             "builderConfig": { # required
               "id": "A String",
@@ -788,15 +986,49 @@
               "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
             },
           },
+          "slsaProvenance": {
+            "builder": { # required
+              "id": "A String",
+            },
+            "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+              {
+                "digest": {
+                  "a_key": "A String",
+                },
+                "uri": "A String",
+              },
+            ],
+            "metadata": { # Other properties of the build.
+              "buildFinishedOn": "A String", # The timestamp of when the build completed.
+              "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+              "buildStartedOn": "A String", # The timestamp of when the build started.
+              "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+                "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+                "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+                "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+              },
+              "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+            },
+            "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
+              "arguments": { # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
+                "a_key": "", # Properties of the object. Contains field @type with type URL.
+              },
+              "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+              "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+              "environment": { # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
+                "a_key": "", # Properties of the object. Contains field @type with type URL.
+              },
+              "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+            },
+          },
           "subject": [
             {
-              "digest": { # "": ""
+              "digest": { # "": "" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
                 "a_key": "A String",
               },
               "name": "A String",
             },
           ],
-          "type": "A String", # Always "https://in-toto.io/Statement/v0.1".
         },
       },
       "envelope": { # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type. # https://github.com/secure-systems-lab/dsse
@@ -964,7 +1196,7 @@
     ],
   },
   "build": { # Details of a build occurrence. # Describes a verifiable build.
-    "intotoProvenance": { # In-toto Provenance representation as defined in spec.
+    "intotoProvenance": { # Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec.
       "builderConfig": { # required
         "id": "A String",
       },
@@ -998,7 +1230,88 @@
         "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
       },
     },
-    "provenance": { # Provenance of a build. Contains all information needed to verify the full details about the build from source to completion. # Required. The actual provenance for the build.
+    "intotoStatement": { # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always "application/vnd.in-toto+json". # In-toto Statement representation as defined in spec. The intoto_statement can contain any type of provenance. The serialized payload of the statement can be stored and signed in the Occurrence's envelope.
+      "_type": "A String", # Always "https://in-toto.io/Statement/v0.1".
+      "predicateType": "A String", # "https://slsa.dev/provenance/v0.1" for SlsaProvenance.
+      "provenance": {
+        "builderConfig": { # required
+          "id": "A String",
+        },
+        "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+          "A String",
+        ],
+        "metadata": { # Other properties of the build.
+          "buildFinishedOn": "A String", # The timestamp of when the build completed.
+          "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+          "buildStartedOn": "A String", # The timestamp of when the build started.
+          "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+            "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+            "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+            "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+          },
+          "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+        },
+        "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
+          "arguments": [ # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Since the arguments field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
+            {
+              "a_key": "", # Properties of the object. Contains field @type with type URL.
+            },
+          ],
+          "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+          "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+          "environment": [ # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Since the environment field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
+            {
+              "a_key": "", # Properties of the object. Contains field @type with type URL.
+            },
+          ],
+          "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+        },
+      },
+      "slsaProvenance": {
+        "builder": { # required
+          "id": "A String",
+        },
+        "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+          {
+            "digest": {
+              "a_key": "A String",
+            },
+            "uri": "A String",
+          },
+        ],
+        "metadata": { # Other properties of the build.
+          "buildFinishedOn": "A String", # The timestamp of when the build completed.
+          "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+          "buildStartedOn": "A String", # The timestamp of when the build started.
+          "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+            "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+            "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+            "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+          },
+          "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+        },
+        "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
+          "arguments": { # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+          "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+          "environment": { # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+        },
+      },
+      "subject": [
+        {
+          "digest": { # "": "" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
+            "a_key": "A String",
+          },
+          "name": "A String",
+        },
+      ],
+    },
+    "provenance": { # Provenance of a build. Contains all information needed to verify the full details about the build from source to completion. # The actual provenance for the build.
       "buildOptions": { # Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details.
         "a_key": "A String",
       },
@@ -1155,7 +1468,7 @@
     "cpe": "A String", # The CPE of the resource being scanned.
     "lastScanTime": "A String", # The last time this resource was scanned.
   },
-  "dsseAttestation": { # Describes an attestation of an artifact using dsse.
+  "dsseAttestation": { # Deprecated. Prefer to use a regular Occurrence, and populate the Envelope at the top level of the Occurrence. # Describes an attestation of an artifact using dsse.
     "envelope": { # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type. # If doing something security critical, make sure to verify the signatures in this metadata.
       "payload": "A String",
       "payloadType": "A String",
@@ -1167,7 +1480,8 @@
       ],
     },
     "statement": { # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always "application/vnd.in-toto+json".
-      "predicateType": "A String", # "https://in-toto.io/Provenance/v0.1" for InTotoProvenance.
+      "_type": "A String", # Always "https://in-toto.io/Statement/v0.1".
+      "predicateType": "A String", # "https://slsa.dev/provenance/v0.1" for SlsaProvenance.
       "provenance": {
         "builderConfig": { # required
           "id": "A String",
@@ -1202,15 +1516,49 @@
           "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
         },
       },
+      "slsaProvenance": {
+        "builder": { # required
+          "id": "A String",
+        },
+        "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+          {
+            "digest": {
+              "a_key": "A String",
+            },
+            "uri": "A String",
+          },
+        ],
+        "metadata": { # Other properties of the build.
+          "buildFinishedOn": "A String", # The timestamp of when the build completed.
+          "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+          "buildStartedOn": "A String", # The timestamp of when the build started.
+          "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+            "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+            "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+            "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+          },
+          "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+        },
+        "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
+          "arguments": { # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+          "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+          "environment": { # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+        },
+      },
       "subject": [
         {
-          "digest": { # "": ""
+          "digest": { # "": "" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
             "a_key": "A String",
           },
           "name": "A String",
         },
       ],
-      "type": "A String", # Always "https://in-toto.io/Statement/v0.1".
     },
   },
   "envelope": { # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type. # https://github.com/secure-systems-lab/dsse
@@ -1369,7 +1717,7 @@
     ],
   },
   "build": { # Details of a build occurrence. # Describes a verifiable build.
-    "intotoProvenance": { # In-toto Provenance representation as defined in spec.
+    "intotoProvenance": { # Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec.
       "builderConfig": { # required
         "id": "A String",
       },
@@ -1403,7 +1751,88 @@
         "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
       },
     },
-    "provenance": { # Provenance of a build. Contains all information needed to verify the full details about the build from source to completion. # Required. The actual provenance for the build.
+    "intotoStatement": { # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always "application/vnd.in-toto+json". # In-toto Statement representation as defined in spec. The intoto_statement can contain any type of provenance. The serialized payload of the statement can be stored and signed in the Occurrence's envelope.
+      "_type": "A String", # Always "https://in-toto.io/Statement/v0.1".
+      "predicateType": "A String", # "https://slsa.dev/provenance/v0.1" for SlsaProvenance.
+      "provenance": {
+        "builderConfig": { # required
+          "id": "A String",
+        },
+        "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+          "A String",
+        ],
+        "metadata": { # Other properties of the build.
+          "buildFinishedOn": "A String", # The timestamp of when the build completed.
+          "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+          "buildStartedOn": "A String", # The timestamp of when the build started.
+          "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+            "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+            "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+            "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+          },
+          "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+        },
+        "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
+          "arguments": [ # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Since the arguments field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
+            {
+              "a_key": "", # Properties of the object. Contains field @type with type URL.
+            },
+          ],
+          "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+          "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+          "environment": [ # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Since the environment field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
+            {
+              "a_key": "", # Properties of the object. Contains field @type with type URL.
+            },
+          ],
+          "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+        },
+      },
+      "slsaProvenance": {
+        "builder": { # required
+          "id": "A String",
+        },
+        "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+          {
+            "digest": {
+              "a_key": "A String",
+            },
+            "uri": "A String",
+          },
+        ],
+        "metadata": { # Other properties of the build.
+          "buildFinishedOn": "A String", # The timestamp of when the build completed.
+          "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+          "buildStartedOn": "A String", # The timestamp of when the build started.
+          "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+            "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+            "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+            "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+          },
+          "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+        },
+        "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
+          "arguments": { # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+          "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+          "environment": { # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+        },
+      },
+      "subject": [
+        {
+          "digest": { # "": "" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
+            "a_key": "A String",
+          },
+          "name": "A String",
+        },
+      ],
+    },
+    "provenance": { # Provenance of a build. Contains all information needed to verify the full details about the build from source to completion. # The actual provenance for the build.
       "buildOptions": { # Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details.
         "a_key": "A String",
       },
@@ -1560,7 +1989,7 @@
     "cpe": "A String", # The CPE of the resource being scanned.
     "lastScanTime": "A String", # The last time this resource was scanned.
   },
-  "dsseAttestation": { # Describes an attestation of an artifact using dsse.
+  "dsseAttestation": { # Deprecated. Prefer to use a regular Occurrence, and populate the Envelope at the top level of the Occurrence. # Describes an attestation of an artifact using dsse.
     "envelope": { # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type. # If doing something security critical, make sure to verify the signatures in this metadata.
       "payload": "A String",
       "payloadType": "A String",
@@ -1572,7 +2001,8 @@
       ],
     },
     "statement": { # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always "application/vnd.in-toto+json".
-      "predicateType": "A String", # "https://in-toto.io/Provenance/v0.1" for InTotoProvenance.
+      "_type": "A String", # Always "https://in-toto.io/Statement/v0.1".
+      "predicateType": "A String", # "https://slsa.dev/provenance/v0.1" for SlsaProvenance.
       "provenance": {
         "builderConfig": { # required
           "id": "A String",
@@ -1607,15 +2037,49 @@
           "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
         },
       },
+      "slsaProvenance": {
+        "builder": { # required
+          "id": "A String",
+        },
+        "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+          {
+            "digest": {
+              "a_key": "A String",
+            },
+            "uri": "A String",
+          },
+        ],
+        "metadata": { # Other properties of the build.
+          "buildFinishedOn": "A String", # The timestamp of when the build completed.
+          "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+          "buildStartedOn": "A String", # The timestamp of when the build started.
+          "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+            "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+            "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+            "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+          },
+          "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+        },
+        "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
+          "arguments": { # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+          "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+          "environment": { # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+        },
+      },
       "subject": [
         {
-          "digest": { # "": ""
+          "digest": { # "": "" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
             "a_key": "A String",
           },
           "name": "A String",
         },
       ],
-      "type": "A String", # Always "https://in-toto.io/Statement/v0.1".
     },
   },
   "envelope": { # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type. # https://github.com/secure-systems-lab/dsse
@@ -1799,7 +2263,7 @@
     ],
   },
   "build": { # Details of a build occurrence. # Describes a verifiable build.
-    "intotoProvenance": { # In-toto Provenance representation as defined in spec.
+    "intotoProvenance": { # Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec.
       "builderConfig": { # required
         "id": "A String",
       },
@@ -1833,7 +2297,88 @@
         "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
       },
     },
-    "provenance": { # Provenance of a build. Contains all information needed to verify the full details about the build from source to completion. # Required. The actual provenance for the build.
+    "intotoStatement": { # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always "application/vnd.in-toto+json". # In-toto Statement representation as defined in spec. The intoto_statement can contain any type of provenance. The serialized payload of the statement can be stored and signed in the Occurrence's envelope.
+      "_type": "A String", # Always "https://in-toto.io/Statement/v0.1".
+      "predicateType": "A String", # "https://slsa.dev/provenance/v0.1" for SlsaProvenance.
+      "provenance": {
+        "builderConfig": { # required
+          "id": "A String",
+        },
+        "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+          "A String",
+        ],
+        "metadata": { # Other properties of the build.
+          "buildFinishedOn": "A String", # The timestamp of when the build completed.
+          "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+          "buildStartedOn": "A String", # The timestamp of when the build started.
+          "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+            "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+            "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+            "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+          },
+          "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+        },
+        "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
+          "arguments": [ # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Since the arguments field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
+            {
+              "a_key": "", # Properties of the object. Contains field @type with type URL.
+            },
+          ],
+          "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+          "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+          "environment": [ # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Since the environment field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
+            {
+              "a_key": "", # Properties of the object. Contains field @type with type URL.
+            },
+          ],
+          "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+        },
+      },
+      "slsaProvenance": {
+        "builder": { # required
+          "id": "A String",
+        },
+        "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+          {
+            "digest": {
+              "a_key": "A String",
+            },
+            "uri": "A String",
+          },
+        ],
+        "metadata": { # Other properties of the build.
+          "buildFinishedOn": "A String", # The timestamp of when the build completed.
+          "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+          "buildStartedOn": "A String", # The timestamp of when the build started.
+          "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+            "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+            "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+            "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+          },
+          "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+        },
+        "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
+          "arguments": { # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+          "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+          "environment": { # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+        },
+      },
+      "subject": [
+        {
+          "digest": { # "": "" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
+            "a_key": "A String",
+          },
+          "name": "A String",
+        },
+      ],
+    },
+    "provenance": { # Provenance of a build. Contains all information needed to verify the full details about the build from source to completion. # The actual provenance for the build.
       "buildOptions": { # Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details.
         "a_key": "A String",
       },
@@ -1990,7 +2535,7 @@
     "cpe": "A String", # The CPE of the resource being scanned.
     "lastScanTime": "A String", # The last time this resource was scanned.
   },
-  "dsseAttestation": { # Describes an attestation of an artifact using dsse.
+  "dsseAttestation": { # Deprecated. Prefer to use a regular Occurrence, and populate the Envelope at the top level of the Occurrence. # Describes an attestation of an artifact using dsse.
     "envelope": { # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type. # If doing something security critical, make sure to verify the signatures in this metadata.
       "payload": "A String",
       "payloadType": "A String",
@@ -2002,7 +2547,8 @@
       ],
     },
     "statement": { # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always "application/vnd.in-toto+json".
-      "predicateType": "A String", # "https://in-toto.io/Provenance/v0.1" for InTotoProvenance.
+      "_type": "A String", # Always "https://in-toto.io/Statement/v0.1".
+      "predicateType": "A String", # "https://slsa.dev/provenance/v0.1" for SlsaProvenance.
       "provenance": {
         "builderConfig": { # required
           "id": "A String",
@@ -2037,15 +2583,49 @@
           "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
         },
       },
+      "slsaProvenance": {
+        "builder": { # required
+          "id": "A String",
+        },
+        "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+          {
+            "digest": {
+              "a_key": "A String",
+            },
+            "uri": "A String",
+          },
+        ],
+        "metadata": { # Other properties of the build.
+          "buildFinishedOn": "A String", # The timestamp of when the build completed.
+          "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+          "buildStartedOn": "A String", # The timestamp of when the build started.
+          "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+            "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+            "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+            "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+          },
+          "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+        },
+        "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
+          "arguments": { # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+          "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+          "environment": { # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+        },
+      },
       "subject": [
         {
-          "digest": { # "": ""
+          "digest": { # "": "" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
             "a_key": "A String",
           },
           "name": "A String",
         },
       ],
-      "type": "A String", # Always "https://in-toto.io/Statement/v0.1".
     },
   },
   "envelope": { # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type. # https://github.com/secure-systems-lab/dsse
@@ -2192,7 +2772,7 @@
 
 { # Request message for `GetIamPolicy` method.
   "options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
-    "requestedPolicyVersion": 42, # Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
@@ -2499,7 +3079,7 @@
         ],
       },
       "build": { # Details of a build occurrence. # Describes a verifiable build.
-        "intotoProvenance": { # In-toto Provenance representation as defined in spec.
+        "intotoProvenance": { # Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec.
           "builderConfig": { # required
             "id": "A String",
           },
@@ -2533,7 +3113,88 @@
             "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
           },
         },
-        "provenance": { # Provenance of a build. Contains all information needed to verify the full details about the build from source to completion. # Required. The actual provenance for the build.
+        "intotoStatement": { # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always "application/vnd.in-toto+json". # In-toto Statement representation as defined in spec. The intoto_statement can contain any type of provenance. The serialized payload of the statement can be stored and signed in the Occurrence's envelope.
+          "_type": "A String", # Always "https://in-toto.io/Statement/v0.1".
+          "predicateType": "A String", # "https://slsa.dev/provenance/v0.1" for SlsaProvenance.
+          "provenance": {
+            "builderConfig": { # required
+              "id": "A String",
+            },
+            "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+              "A String",
+            ],
+            "metadata": { # Other properties of the build.
+              "buildFinishedOn": "A String", # The timestamp of when the build completed.
+              "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+              "buildStartedOn": "A String", # The timestamp of when the build started.
+              "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+                "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+                "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+                "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+              },
+              "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+            },
+            "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
+              "arguments": [ # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Since the arguments field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
+                {
+                  "a_key": "", # Properties of the object. Contains field @type with type URL.
+                },
+              ],
+              "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+              "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+              "environment": [ # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Since the environment field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
+                {
+                  "a_key": "", # Properties of the object. Contains field @type with type URL.
+                },
+              ],
+              "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+            },
+          },
+          "slsaProvenance": {
+            "builder": { # required
+              "id": "A String",
+            },
+            "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+              {
+                "digest": {
+                  "a_key": "A String",
+                },
+                "uri": "A String",
+              },
+            ],
+            "metadata": { # Other properties of the build.
+              "buildFinishedOn": "A String", # The timestamp of when the build completed.
+              "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+              "buildStartedOn": "A String", # The timestamp of when the build started.
+              "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+                "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+                "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+                "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+              },
+              "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+            },
+            "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
+              "arguments": { # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
+                "a_key": "", # Properties of the object. Contains field @type with type URL.
+              },
+              "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+              "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+              "environment": { # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
+                "a_key": "", # Properties of the object. Contains field @type with type URL.
+              },
+              "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+            },
+          },
+          "subject": [
+            {
+              "digest": { # "": "" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
+                "a_key": "A String",
+              },
+              "name": "A String",
+            },
+          ],
+        },
+        "provenance": { # Provenance of a build. Contains all information needed to verify the full details about the build from source to completion. # The actual provenance for the build.
           "buildOptions": { # Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details.
             "a_key": "A String",
           },
@@ -2690,7 +3351,7 @@
         "cpe": "A String", # The CPE of the resource being scanned.
         "lastScanTime": "A String", # The last time this resource was scanned.
       },
-      "dsseAttestation": { # Describes an attestation of an artifact using dsse.
+      "dsseAttestation": { # Deprecated. Prefer to use a regular Occurrence, and populate the Envelope at the top level of the Occurrence. # Describes an attestation of an artifact using dsse.
         "envelope": { # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type. # If doing something security critical, make sure to verify the signatures in this metadata.
           "payload": "A String",
           "payloadType": "A String",
@@ -2702,7 +3363,8 @@
           ],
         },
         "statement": { # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always "application/vnd.in-toto+json".
-          "predicateType": "A String", # "https://in-toto.io/Provenance/v0.1" for InTotoProvenance.
+          "_type": "A String", # Always "https://in-toto.io/Statement/v0.1".
+          "predicateType": "A String", # "https://slsa.dev/provenance/v0.1" for SlsaProvenance.
           "provenance": {
             "builderConfig": { # required
               "id": "A String",
@@ -2737,15 +3399,49 @@
               "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
             },
           },
+          "slsaProvenance": {
+            "builder": { # required
+              "id": "A String",
+            },
+            "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+              {
+                "digest": {
+                  "a_key": "A String",
+                },
+                "uri": "A String",
+              },
+            ],
+            "metadata": { # Other properties of the build.
+              "buildFinishedOn": "A String", # The timestamp of when the build completed.
+              "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+              "buildStartedOn": "A String", # The timestamp of when the build started.
+              "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+                "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+                "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+                "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+              },
+              "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+            },
+            "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
+              "arguments": { # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
+                "a_key": "", # Properties of the object. Contains field @type with type URL.
+              },
+              "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+              "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+              "environment": { # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
+                "a_key": "", # Properties of the object. Contains field @type with type URL.
+              },
+              "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+            },
+          },
           "subject": [
             {
-              "digest": { # "": ""
+              "digest": { # "": "" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
                 "a_key": "A String",
               },
               "name": "A String",
             },
           ],
-          "type": "A String", # Always "https://in-toto.io/Statement/v0.1".
         },
       },
       "envelope": { # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type. # https://github.com/secure-systems-lab/dsse
@@ -2922,7 +3618,7 @@
     ],
   },
   "build": { # Details of a build occurrence. # Describes a verifiable build.
-    "intotoProvenance": { # In-toto Provenance representation as defined in spec.
+    "intotoProvenance": { # Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec.
       "builderConfig": { # required
         "id": "A String",
       },
@@ -2956,7 +3652,88 @@
         "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
       },
     },
-    "provenance": { # Provenance of a build. Contains all information needed to verify the full details about the build from source to completion. # Required. The actual provenance for the build.
+    "intotoStatement": { # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always "application/vnd.in-toto+json". # In-toto Statement representation as defined in spec. The intoto_statement can contain any type of provenance. The serialized payload of the statement can be stored and signed in the Occurrence's envelope.
+      "_type": "A String", # Always "https://in-toto.io/Statement/v0.1".
+      "predicateType": "A String", # "https://slsa.dev/provenance/v0.1" for SlsaProvenance.
+      "provenance": {
+        "builderConfig": { # required
+          "id": "A String",
+        },
+        "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+          "A String",
+        ],
+        "metadata": { # Other properties of the build.
+          "buildFinishedOn": "A String", # The timestamp of when the build completed.
+          "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+          "buildStartedOn": "A String", # The timestamp of when the build started.
+          "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+            "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+            "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+            "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+          },
+          "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+        },
+        "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
+          "arguments": [ # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Since the arguments field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
+            {
+              "a_key": "", # Properties of the object. Contains field @type with type URL.
+            },
+          ],
+          "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+          "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+          "environment": [ # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Since the environment field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
+            {
+              "a_key": "", # Properties of the object. Contains field @type with type URL.
+            },
+          ],
+          "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+        },
+      },
+      "slsaProvenance": {
+        "builder": { # required
+          "id": "A String",
+        },
+        "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+          {
+            "digest": {
+              "a_key": "A String",
+            },
+            "uri": "A String",
+          },
+        ],
+        "metadata": { # Other properties of the build.
+          "buildFinishedOn": "A String", # The timestamp of when the build completed.
+          "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+          "buildStartedOn": "A String", # The timestamp of when the build started.
+          "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+            "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+            "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+            "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+          },
+          "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+        },
+        "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
+          "arguments": { # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+          "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+          "environment": { # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+        },
+      },
+      "subject": [
+        {
+          "digest": { # "": "" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
+            "a_key": "A String",
+          },
+          "name": "A String",
+        },
+      ],
+    },
+    "provenance": { # Provenance of a build. Contains all information needed to verify the full details about the build from source to completion. # The actual provenance for the build.
       "buildOptions": { # Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details.
         "a_key": "A String",
       },
@@ -3113,7 +3890,7 @@
     "cpe": "A String", # The CPE of the resource being scanned.
     "lastScanTime": "A String", # The last time this resource was scanned.
   },
-  "dsseAttestation": { # Describes an attestation of an artifact using dsse.
+  "dsseAttestation": { # Deprecated. Prefer to use a regular Occurrence, and populate the Envelope at the top level of the Occurrence. # Describes an attestation of an artifact using dsse.
     "envelope": { # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type. # If doing something security critical, make sure to verify the signatures in this metadata.
       "payload": "A String",
       "payloadType": "A String",
@@ -3125,7 +3902,8 @@
       ],
     },
     "statement": { # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always "application/vnd.in-toto+json".
-      "predicateType": "A String", # "https://in-toto.io/Provenance/v0.1" for InTotoProvenance.
+      "_type": "A String", # Always "https://in-toto.io/Statement/v0.1".
+      "predicateType": "A String", # "https://slsa.dev/provenance/v0.1" for SlsaProvenance.
       "provenance": {
         "builderConfig": { # required
           "id": "A String",
@@ -3160,15 +3938,49 @@
           "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
         },
       },
+      "slsaProvenance": {
+        "builder": { # required
+          "id": "A String",
+        },
+        "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+          {
+            "digest": {
+              "a_key": "A String",
+            },
+            "uri": "A String",
+          },
+        ],
+        "metadata": { # Other properties of the build.
+          "buildFinishedOn": "A String", # The timestamp of when the build completed.
+          "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+          "buildStartedOn": "A String", # The timestamp of when the build started.
+          "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+            "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+            "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+            "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+          },
+          "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+        },
+        "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
+          "arguments": { # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+          "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+          "environment": { # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+        },
+      },
       "subject": [
         {
-          "digest": { # "": ""
+          "digest": { # "": "" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
             "a_key": "A String",
           },
           "name": "A String",
         },
       ],
-      "type": "A String", # Always "https://in-toto.io/Statement/v0.1".
     },
   },
   "envelope": { # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type. # https://github.com/secure-systems-lab/dsse
@@ -3328,7 +4140,7 @@
     ],
   },
   "build": { # Details of a build occurrence. # Describes a verifiable build.
-    "intotoProvenance": { # In-toto Provenance representation as defined in spec.
+    "intotoProvenance": { # Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec.
       "builderConfig": { # required
         "id": "A String",
       },
@@ -3362,7 +4174,88 @@
         "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
       },
     },
-    "provenance": { # Provenance of a build. Contains all information needed to verify the full details about the build from source to completion. # Required. The actual provenance for the build.
+    "intotoStatement": { # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always "application/vnd.in-toto+json". # In-toto Statement representation as defined in spec. The intoto_statement can contain any type of provenance. The serialized payload of the statement can be stored and signed in the Occurrence's envelope.
+      "_type": "A String", # Always "https://in-toto.io/Statement/v0.1".
+      "predicateType": "A String", # "https://slsa.dev/provenance/v0.1" for SlsaProvenance.
+      "provenance": {
+        "builderConfig": { # required
+          "id": "A String",
+        },
+        "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+          "A String",
+        ],
+        "metadata": { # Other properties of the build.
+          "buildFinishedOn": "A String", # The timestamp of when the build completed.
+          "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+          "buildStartedOn": "A String", # The timestamp of when the build started.
+          "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+            "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+            "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+            "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+          },
+          "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+        },
+        "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
+          "arguments": [ # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Since the arguments field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
+            {
+              "a_key": "", # Properties of the object. Contains field @type with type URL.
+            },
+          ],
+          "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+          "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+          "environment": [ # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Since the environment field can greatly vary in structure, depending on the builder and recipe type, this is of form "Any".
+            {
+              "a_key": "", # Properties of the object. Contains field @type with type URL.
+            },
+          ],
+          "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+        },
+      },
+      "slsaProvenance": {
+        "builder": { # required
+          "id": "A String",
+        },
+        "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+          {
+            "digest": {
+              "a_key": "A String",
+            },
+            "uri": "A String",
+          },
+        ],
+        "metadata": { # Other properties of the build.
+          "buildFinishedOn": "A String", # The timestamp of when the build completed.
+          "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+          "buildStartedOn": "A String", # The timestamp of when the build started.
+          "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+            "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+            "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+            "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+          },
+          "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+        },
+        "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
+          "arguments": { # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+          "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+          "environment": { # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+        },
+      },
+      "subject": [
+        {
+          "digest": { # "": "" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
+            "a_key": "A String",
+          },
+          "name": "A String",
+        },
+      ],
+    },
+    "provenance": { # Provenance of a build. Contains all information needed to verify the full details about the build from source to completion. # The actual provenance for the build.
       "buildOptions": { # Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details.
         "a_key": "A String",
       },
@@ -3519,7 +4412,7 @@
     "cpe": "A String", # The CPE of the resource being scanned.
     "lastScanTime": "A String", # The last time this resource was scanned.
   },
-  "dsseAttestation": { # Describes an attestation of an artifact using dsse.
+  "dsseAttestation": { # Deprecated. Prefer to use a regular Occurrence, and populate the Envelope at the top level of the Occurrence. # Describes an attestation of an artifact using dsse.
     "envelope": { # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type. # If doing something security critical, make sure to verify the signatures in this metadata.
       "payload": "A String",
       "payloadType": "A String",
@@ -3531,7 +4424,8 @@
       ],
     },
     "statement": { # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always "application/vnd.in-toto+json".
-      "predicateType": "A String", # "https://in-toto.io/Provenance/v0.1" for InTotoProvenance.
+      "_type": "A String", # Always "https://in-toto.io/Statement/v0.1".
+      "predicateType": "A String", # "https://slsa.dev/provenance/v0.1" for SlsaProvenance.
       "provenance": {
         "builderConfig": { # required
           "id": "A String",
@@ -3566,15 +4460,49 @@
           "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
         },
       },
+      "slsaProvenance": {
+        "builder": { # required
+          "id": "A String",
+        },
+        "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+          {
+            "digest": {
+              "a_key": "A String",
+            },
+            "uri": "A String",
+          },
+        ],
+        "metadata": { # Other properties of the build.
+          "buildFinishedOn": "A String", # The timestamp of when the build completed.
+          "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+          "buildStartedOn": "A String", # The timestamp of when the build started.
+          "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+            "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+            "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+            "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+          },
+          "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+        },
+        "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required
+          "arguments": { # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+          "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+          "environment": { # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+        },
+      },
       "subject": [
         {
-          "digest": { # "": ""
+          "digest": { # "": "" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
             "a_key": "A String",
           },
           "name": "A String",
         },
       ],
-      "type": "A String", # Always "https://in-toto.io/Statement/v0.1".
     },
   },
   "envelope": { # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type. # https://github.com/secure-systems-lab/dsse

docs/dyn/containeranalysis_v1alpha1.projects.notes.html

diff --git a/docs/dyn/containeranalysis_v1alpha1.projects.notes.html b/docs/dyn/containeranalysis_v1alpha1.projects.notes.html
index a5198d1..05d505e 100644
--- a/docs/dyn/containeranalysis_v1alpha1.projects.notes.html
+++ b/docs/dyn/containeranalysis_v1alpha1.projects.notes.html
@@ -764,7 +764,7 @@
 
 { # Request message for `GetIamPolicy` method.
   "options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
-    "requestedPolicyVersion": 42, # Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 

docs/dyn/containeranalysis_v1alpha1.projects.notes.occurrences.html

diff --git a/docs/dyn/containeranalysis_v1alpha1.projects.notes.occurrences.html b/docs/dyn/containeranalysis_v1alpha1.projects.notes.occurrences.html
index 06ef16f..c40b882 100644
--- a/docs/dyn/containeranalysis_v1alpha1.projects.notes.occurrences.html
+++ b/docs/dyn/containeranalysis_v1alpha1.projects.notes.occurrences.html
@@ -373,8 +373,9 @@
           ],
         },
         "statement": { # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always "application/vnd.in-toto+json".
-          "predicateType": "A String", # "https://in-toto.io/Provenance/v0.1" for InTotoProvenance.
-          "provenance": {
+          "_type": "A String", # Always "https://in-toto.io/Statement/v0.1".
+          "predicateType": "A String", # "https://slsa.dev/provenance/v0.1" for SlsaProvenance.
+          "provenance": { # provenance is a predicate of type intotoprovenance
             "builderConfig": { # required
               "id": "A String",
             },
@@ -408,15 +409,49 @@
               "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
             },
           },
-          "subject": [
-            {
-              "digest": { # "": ""
+          "slsaProvenance": { # SlsaProvenance is the slsa provenance as defined by the slsa spec. # slsa_provenance is a predicate of type slsaProvenance
+            "builder": { # SlsaBuilder encapsulates the identity of the builder of this provenance. # builder is the builder of this provenance
+              "id": "A String", # id is the id of the slsa provenance builder
+            },
+            "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+              { # Material is a material used in the generation of the provenance
+                "digest": { # digest is a map from a hash algorithm (e.g. sha256) to the value in the material
+                  "a_key": "A String",
+                },
+                "uri": "A String", # uri is the uri of the material
+              },
+            ],
+            "metadata": { # Other properties of the build. # metadata is the metadata of the provenance
+              "buildFinishedOn": "A String", # The timestamp of when the build completed.
+              "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+              "buildStartedOn": "A String", # The timestamp of when the build started.
+              "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+                "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+                "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+                "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+              },
+              "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+            },
+            "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible).
+              "arguments": { # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
+                "a_key": "", # Properties of the object. Contains field @type with type URL.
+              },
+              "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+              "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+              "environment": { # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
+                "a_key": "", # Properties of the object. Contains field @type with type URL.
+              },
+              "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+            },
+          },
+          "subject": [ # subject is the subjects of the intoto statement
+            { # Subject refers to the subject of the intoto statement
+              "digest": { # "": "" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
                 "a_key": "A String",
               },
-              "name": "A String",
+              "name": "A String", # name is the name of the Subject used here
             },
           ],
-          "type": "A String", # Always "https://in-toto.io/Statement/v0.1".
         },
       },
       "envelope": { # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type. # https://github.com/secure-systems-lab/dsse

docs/dyn/containeranalysis_v1alpha1.projects.occurrences.html

diff --git a/docs/dyn/containeranalysis_v1alpha1.projects.occurrences.html b/docs/dyn/containeranalysis_v1alpha1.projects.occurrences.html
index 5962229..72932c1 100644
--- a/docs/dyn/containeranalysis_v1alpha1.projects.occurrences.html
+++ b/docs/dyn/containeranalysis_v1alpha1.projects.occurrences.html
@@ -389,8 +389,9 @@
       ],
     },
     "statement": { # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always "application/vnd.in-toto+json".
-      "predicateType": "A String", # "https://in-toto.io/Provenance/v0.1" for InTotoProvenance.
-      "provenance": {
+      "_type": "A String", # Always "https://in-toto.io/Statement/v0.1".
+      "predicateType": "A String", # "https://slsa.dev/provenance/v0.1" for SlsaProvenance.
+      "provenance": { # provenance is a predicate of type intotoprovenance
         "builderConfig": { # required
           "id": "A String",
         },
@@ -424,15 +425,49 @@
           "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
         },
       },
-      "subject": [
-        {
-          "digest": { # "": ""
+      "slsaProvenance": { # SlsaProvenance is the slsa provenance as defined by the slsa spec. # slsa_provenance is a predicate of type slsaProvenance
+        "builder": { # SlsaBuilder encapsulates the identity of the builder of this provenance. # builder is the builder of this provenance
+          "id": "A String", # id is the id of the slsa provenance builder
+        },
+        "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+          { # Material is a material used in the generation of the provenance
+            "digest": { # digest is a map from a hash algorithm (e.g. sha256) to the value in the material
+              "a_key": "A String",
+            },
+            "uri": "A String", # uri is the uri of the material
+          },
+        ],
+        "metadata": { # Other properties of the build. # metadata is the metadata of the provenance
+          "buildFinishedOn": "A String", # The timestamp of when the build completed.
+          "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+          "buildStartedOn": "A String", # The timestamp of when the build started.
+          "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+            "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+            "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+            "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+          },
+          "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+        },
+        "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible).
+          "arguments": { # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+          "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+          "environment": { # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+        },
+      },
+      "subject": [ # subject is the subjects of the intoto statement
+        { # Subject refers to the subject of the intoto statement
+          "digest": { # "": "" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
             "a_key": "A String",
           },
-          "name": "A String",
+          "name": "A String", # name is the name of the Subject used here
         },
       ],
-      "type": "A String", # Always "https://in-toto.io/Statement/v0.1".
     },
   },
   "envelope": { # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type. # https://github.com/secure-systems-lab/dsse
@@ -858,8 +893,9 @@
       ],
     },
     "statement": { # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always "application/vnd.in-toto+json".
-      "predicateType": "A String", # "https://in-toto.io/Provenance/v0.1" for InTotoProvenance.
-      "provenance": {
+      "_type": "A String", # Always "https://in-toto.io/Statement/v0.1".
+      "predicateType": "A String", # "https://slsa.dev/provenance/v0.1" for SlsaProvenance.
+      "provenance": { # provenance is a predicate of type intotoprovenance
         "builderConfig": { # required
           "id": "A String",
         },
@@ -893,15 +929,49 @@
           "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
         },
       },
-      "subject": [
-        {
-          "digest": { # "": ""
+      "slsaProvenance": { # SlsaProvenance is the slsa provenance as defined by the slsa spec. # slsa_provenance is a predicate of type slsaProvenance
+        "builder": { # SlsaBuilder encapsulates the identity of the builder of this provenance. # builder is the builder of this provenance
+          "id": "A String", # id is the id of the slsa provenance builder
+        },
+        "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+          { # Material is a material used in the generation of the provenance
+            "digest": { # digest is a map from a hash algorithm (e.g. sha256) to the value in the material
+              "a_key": "A String",
+            },
+            "uri": "A String", # uri is the uri of the material
+          },
+        ],
+        "metadata": { # Other properties of the build. # metadata is the metadata of the provenance
+          "buildFinishedOn": "A String", # The timestamp of when the build completed.
+          "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+          "buildStartedOn": "A String", # The timestamp of when the build started.
+          "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+            "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+            "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+            "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+          },
+          "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+        },
+        "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible).
+          "arguments": { # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+          "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+          "environment": { # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+        },
+      },
+      "subject": [ # subject is the subjects of the intoto statement
+        { # Subject refers to the subject of the intoto statement
+          "digest": { # "": "" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
             "a_key": "A String",
           },
-          "name": "A String",
+          "name": "A String", # name is the name of the Subject used here
         },
       ],
-      "type": "A String", # Always "https://in-toto.io/Statement/v0.1".
     },
   },
   "envelope": { # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type. # https://github.com/secure-systems-lab/dsse
@@ -1351,8 +1421,9 @@
       ],
     },
     "statement": { # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always "application/vnd.in-toto+json".
-      "predicateType": "A String", # "https://in-toto.io/Provenance/v0.1" for InTotoProvenance.
-      "provenance": {
+      "_type": "A String", # Always "https://in-toto.io/Statement/v0.1".
+      "predicateType": "A String", # "https://slsa.dev/provenance/v0.1" for SlsaProvenance.
+      "provenance": { # provenance is a predicate of type intotoprovenance
         "builderConfig": { # required
           "id": "A String",
         },
@@ -1386,15 +1457,49 @@
           "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
         },
       },
-      "subject": [
-        {
-          "digest": { # "": ""
+      "slsaProvenance": { # SlsaProvenance is the slsa provenance as defined by the slsa spec. # slsa_provenance is a predicate of type slsaProvenance
+        "builder": { # SlsaBuilder encapsulates the identity of the builder of this provenance. # builder is the builder of this provenance
+          "id": "A String", # id is the id of the slsa provenance builder
+        },
+        "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+          { # Material is a material used in the generation of the provenance
+            "digest": { # digest is a map from a hash algorithm (e.g. sha256) to the value in the material
+              "a_key": "A String",
+            },
+            "uri": "A String", # uri is the uri of the material
+          },
+        ],
+        "metadata": { # Other properties of the build. # metadata is the metadata of the provenance
+          "buildFinishedOn": "A String", # The timestamp of when the build completed.
+          "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+          "buildStartedOn": "A String", # The timestamp of when the build started.
+          "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+            "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+            "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+            "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+          },
+          "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+        },
+        "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible).
+          "arguments": { # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+          "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+          "environment": { # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+        },
+      },
+      "subject": [ # subject is the subjects of the intoto statement
+        { # Subject refers to the subject of the intoto statement
+          "digest": { # "": "" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
             "a_key": "A String",
           },
-          "name": "A String",
+          "name": "A String", # name is the name of the Subject used here
         },
       ],
-      "type": "A String", # Always "https://in-toto.io/Statement/v0.1".
     },
   },
   "envelope": { # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type. # https://github.com/secure-systems-lab/dsse
@@ -1559,7 +1664,7 @@
 
 { # Request message for `GetIamPolicy` method.
   "options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
-    "requestedPolicyVersion": 42, # Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 
@@ -2128,8 +2233,9 @@
           ],
         },
         "statement": { # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always "application/vnd.in-toto+json".
-          "predicateType": "A String", # "https://in-toto.io/Provenance/v0.1" for InTotoProvenance.
-          "provenance": {
+          "_type": "A String", # Always "https://in-toto.io/Statement/v0.1".
+          "predicateType": "A String", # "https://slsa.dev/provenance/v0.1" for SlsaProvenance.
+          "provenance": { # provenance is a predicate of type intotoprovenance
             "builderConfig": { # required
               "id": "A String",
             },
@@ -2163,15 +2269,49 @@
               "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
             },
           },
-          "subject": [
-            {
-              "digest": { # "": ""
+          "slsaProvenance": { # SlsaProvenance is the slsa provenance as defined by the slsa spec. # slsa_provenance is a predicate of type slsaProvenance
+            "builder": { # SlsaBuilder encapsulates the identity of the builder of this provenance. # builder is the builder of this provenance
+              "id": "A String", # id is the id of the slsa provenance builder
+            },
+            "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+              { # Material is a material used in the generation of the provenance
+                "digest": { # digest is a map from a hash algorithm (e.g. sha256) to the value in the material
+                  "a_key": "A String",
+                },
+                "uri": "A String", # uri is the uri of the material
+              },
+            ],
+            "metadata": { # Other properties of the build. # metadata is the metadata of the provenance
+              "buildFinishedOn": "A String", # The timestamp of when the build completed.
+              "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+              "buildStartedOn": "A String", # The timestamp of when the build started.
+              "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+                "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+                "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+                "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+              },
+              "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+            },
+            "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible).
+              "arguments": { # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
+                "a_key": "", # Properties of the object. Contains field @type with type URL.
+              },
+              "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+              "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+              "environment": { # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
+                "a_key": "", # Properties of the object. Contains field @type with type URL.
+              },
+              "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+            },
+          },
+          "subject": [ # subject is the subjects of the intoto statement
+            { # Subject refers to the subject of the intoto statement
+              "digest": { # "": "" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
                 "a_key": "A String",
               },
-              "name": "A String",
+              "name": "A String", # name is the name of the Subject used here
             },
           ],
-          "type": "A String", # Always "https://in-toto.io/Statement/v0.1".
         },
       },
       "envelope": { # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type. # https://github.com/secure-systems-lab/dsse
@@ -2614,8 +2754,9 @@
       ],
     },
     "statement": { # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always "application/vnd.in-toto+json".
-      "predicateType": "A String", # "https://in-toto.io/Provenance/v0.1" for InTotoProvenance.
-      "provenance": {
+      "_type": "A String", # Always "https://in-toto.io/Statement/v0.1".
+      "predicateType": "A String", # "https://slsa.dev/provenance/v0.1" for SlsaProvenance.
+      "provenance": { # provenance is a predicate of type intotoprovenance
         "builderConfig": { # required
           "id": "A String",
         },
@@ -2649,15 +2790,49 @@
           "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
         },
       },
-      "subject": [
-        {
-          "digest": { # "": ""
+      "slsaProvenance": { # SlsaProvenance is the slsa provenance as defined by the slsa spec. # slsa_provenance is a predicate of type slsaProvenance
+        "builder": { # SlsaBuilder encapsulates the identity of the builder of this provenance. # builder is the builder of this provenance
+          "id": "A String", # id is the id of the slsa provenance builder
+        },
+        "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+          { # Material is a material used in the generation of the provenance
+            "digest": { # digest is a map from a hash algorithm (e.g. sha256) to the value in the material
+              "a_key": "A String",
+            },
+            "uri": "A String", # uri is the uri of the material
+          },
+        ],
+        "metadata": { # Other properties of the build. # metadata is the metadata of the provenance
+          "buildFinishedOn": "A String", # The timestamp of when the build completed.
+          "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+          "buildStartedOn": "A String", # The timestamp of when the build started.
+          "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+            "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+            "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+            "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+          },
+          "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+        },
+        "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible).
+          "arguments": { # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+          "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+          "environment": { # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+        },
+      },
+      "subject": [ # subject is the subjects of the intoto statement
+        { # Subject refers to the subject of the intoto statement
+          "digest": { # "": "" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
             "a_key": "A String",
           },
-          "name": "A String",
+          "name": "A String", # name is the name of the Subject used here
         },
       ],
-      "type": "A String", # Always "https://in-toto.io/Statement/v0.1".
     },
   },
   "envelope": { # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type. # https://github.com/secure-systems-lab/dsse
@@ -3083,8 +3258,9 @@
       ],
     },
     "statement": { # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always "application/vnd.in-toto+json".
-      "predicateType": "A String", # "https://in-toto.io/Provenance/v0.1" for InTotoProvenance.
-      "provenance": {
+      "_type": "A String", # Always "https://in-toto.io/Statement/v0.1".
+      "predicateType": "A String", # "https://slsa.dev/provenance/v0.1" for SlsaProvenance.
+      "provenance": { # provenance is a predicate of type intotoprovenance
         "builderConfig": { # required
           "id": "A String",
         },
@@ -3118,15 +3294,49 @@
           "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
         },
       },
-      "subject": [
-        {
-          "digest": { # "": ""
+      "slsaProvenance": { # SlsaProvenance is the slsa provenance as defined by the slsa spec. # slsa_provenance is a predicate of type slsaProvenance
+        "builder": { # SlsaBuilder encapsulates the identity of the builder of this provenance. # builder is the builder of this provenance
+          "id": "A String", # id is the id of the slsa provenance builder
+        },
+        "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+          { # Material is a material used in the generation of the provenance
+            "digest": { # digest is a map from a hash algorithm (e.g. sha256) to the value in the material
+              "a_key": "A String",
+            },
+            "uri": "A String", # uri is the uri of the material
+          },
+        ],
+        "metadata": { # Other properties of the build. # metadata is the metadata of the provenance
+          "buildFinishedOn": "A String", # The timestamp of when the build completed.
+          "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+          "buildStartedOn": "A String", # The timestamp of when the build started.
+          "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+            "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+            "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+            "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+          },
+          "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+        },
+        "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible).
+          "arguments": { # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+          "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+          "environment": { # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
+            "a_key": "", # Properties of the object. Contains field @type with type URL.
+          },
+          "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+        },
+      },
+      "subject": [ # subject is the subjects of the intoto statement
+        { # Subject refers to the subject of the intoto statement
+          "digest": { # "": "" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
             "a_key": "A String",
           },
-          "name": "A String",
+          "name": "A String", # name is the name of the Subject used here
         },
       ],
-      "type": "A String", # Always "https://in-toto.io/Statement/v0.1".
     },
   },
   "envelope": { # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type. # https://github.com/secure-systems-lab/dsse

docs/dyn/containeranalysis_v1alpha1.providers.notes.html

diff --git a/docs/dyn/containeranalysis_v1alpha1.providers.notes.html b/docs/dyn/containeranalysis_v1alpha1.providers.notes.html
index d702cbe..17509e4 100644
--- a/docs/dyn/containeranalysis_v1alpha1.providers.notes.html
+++ b/docs/dyn/containeranalysis_v1alpha1.providers.notes.html
@@ -764,7 +764,7 @@
 
 { # Request message for `GetIamPolicy` method.
   "options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
-    "requestedPolicyVersion": 42, # Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 

docs/dyn/containeranalysis_v1alpha1.providers.notes.occurrences.html

diff --git a/docs/dyn/containeranalysis_v1alpha1.providers.notes.occurrences.html b/docs/dyn/containeranalysis_v1alpha1.providers.notes.occurrences.html
index d4fd73a..0c64504 100644
--- a/docs/dyn/containeranalysis_v1alpha1.providers.notes.occurrences.html
+++ b/docs/dyn/containeranalysis_v1alpha1.providers.notes.occurrences.html
@@ -373,8 +373,9 @@
           ],
         },
         "statement": { # Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always "application/vnd.in-toto+json".
-          "predicateType": "A String", # "https://in-toto.io/Provenance/v0.1" for InTotoProvenance.
-          "provenance": {
+          "_type": "A String", # Always "https://in-toto.io/Statement/v0.1".
+          "predicateType": "A String", # "https://slsa.dev/provenance/v0.1" for SlsaProvenance.
+          "provenance": { # provenance is a predicate of type intotoprovenance
             "builderConfig": { # required
               "id": "A String",
             },
@@ -408,15 +409,49 @@
               "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
             },
           },
-          "subject": [
-            {
-              "digest": { # "": ""
+          "slsaProvenance": { # SlsaProvenance is the slsa provenance as defined by the slsa spec. # slsa_provenance is a predicate of type slsaProvenance
+            "builder": { # SlsaBuilder encapsulates the identity of the builder of this provenance. # builder is the builder of this provenance
+              "id": "A String", # id is the id of the slsa provenance builder
+            },
+            "materials": [ # The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty.
+              { # Material is a material used in the generation of the provenance
+                "digest": { # digest is a map from a hash algorithm (e.g. sha256) to the value in the material
+                  "a_key": "A String",
+                },
+                "uri": "A String", # uri is the uri of the material
+              },
+            ],
+            "metadata": { # Other properties of the build. # metadata is the metadata of the provenance
+              "buildFinishedOn": "A String", # The timestamp of when the build completed.
+              "buildInvocationId": "A String", # Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec.
+              "buildStartedOn": "A String", # The timestamp of when the build started.
+              "completeness": { # Indicates that the builder claims certain fields in this message to be complete. # Indicates that the builder claims certain fields in this message to be complete.
+                "arguments": True or False, # If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe.
+                "environment": True or False, # If true, the builder claims that recipe.environment is claimed to be complete.
+                "materials": True or False, # If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called "hermetic".
+              },
+              "reproducible": True or False, # If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output.
+            },
+            "recipe": { # Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe. # Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible).
+              "arguments": { # Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different.
+                "a_key": "", # Properties of the object. Contains field @type with type URL.
+              },
+              "definedInMaterial": "A String", # Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64.
+              "entryPoint": "A String", # String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use.
+              "environment": { # Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different.
+                "a_key": "", # Properties of the object. Contains field @type with type URL.
+              },
+              "type": "A String", # URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+            },
+          },
+          "subject": [ # subject is the subjects of the intoto statement
+            { # Subject refers to the subject of the intoto statement
+              "digest": { # "": "" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
                 "a_key": "A String",
               },
-              "name": "A String",
+              "name": "A String", # name is the name of the Subject used here
             },
           ],
-          "type": "A String", # Always "https://in-toto.io/Statement/v0.1".
         },
       },
       "envelope": { # MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type. # https://github.com/secure-systems-lab/dsse

docs/dyn/containeranalysis_v1beta1.projects.notes.html

diff --git a/docs/dyn/containeranalysis_v1beta1.projects.notes.html b/docs/dyn/containeranalysis_v1beta1.projects.notes.html
index a75ac71..8c01cd7 100644
--- a/docs/dyn/containeranalysis_v1beta1.projects.notes.html
+++ b/docs/dyn/containeranalysis_v1beta1.projects.notes.html
@@ -1272,7 +1272,7 @@
 
 { # Request message for `GetIamPolicy` method.
   "options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
-    "requestedPolicyVersion": 42, # Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 

docs/dyn/containeranalysis_v1beta1.projects.occurrences.html

diff --git a/docs/dyn/containeranalysis_v1beta1.projects.occurrences.html b/docs/dyn/containeranalysis_v1beta1.projects.occurrences.html
index 207ce97..5685046 100644
--- a/docs/dyn/containeranalysis_v1beta1.projects.occurrences.html
+++ b/docs/dyn/containeranalysis_v1beta1.projects.occurrences.html
@@ -2007,7 +2007,7 @@
 
 { # Request message for `GetIamPolicy` method.
   "options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
-    "requestedPolicyVersion": 42, # Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 

docs/dyn/datapipelines_v1.projects.locations.html

diff --git a/docs/dyn/datapipelines_v1.projects.locations.html b/docs/dyn/datapipelines_v1.projects.locations.html
index 3bb9ef8..fa95dda 100644
--- a/docs/dyn/datapipelines_v1.projects.locations.html
+++ b/docs/dyn/datapipelines_v1.projects.locations.html
@@ -120,6 +120,9 @@
       "jobCount": 42, # Output only. Number of jobs.
       "lastUpdateTime": "A String", # Output only. Immutable. The timestamp when the pipeline was last modified. Set by the Data Pipelines service.
       "name": "A String", # The pipeline name. For example: `projects/PROJECT_ID/locations/LOCATION_ID/pipelines/PIPELINE_ID`. * `PROJECT_ID` can contain letters ([A-Za-z]), numbers ([0-9]), hyphens (-), colons (:), and periods (.). For more information, see [Identifying projects](https://cloud.google.com/resource-manager/docs/creating-managing-projects#identifying_projects) * `LOCATION_ID` is the canonical ID for the pipeline's location. The list of available locations can be obtained by calling ListLocations. Note that the Data Pipelines service is not available in all regions. It depends on Cloud Scheduler, an App Engine application, so it's only available in [App Engine regions](https://cloud.google.com/about/locations#region). * `PIPELINE_ID` is the ID of the pipeline. Must be unique for the selected project and location.
+      "pipelineSources": { # Immutable. The sources of the pipeline (for example, Dataplex). The keys and values are set by the corresponding sources during pipeline creation.
+        "a_key": "A String",
+      },
       "scheduleInfo": { # Details of the schedule the pipeline runs on. # Internal scheduling information for a pipeline. If this information is provided, periodic jobs will be created per the schedule. If not, users are responsible for creating jobs externally.
         "nextJobTime": "A String", # Output only. When the next Scheduler job is going to run.
         "schedule": "A String", # Unix-cron format of the schedule. This information is retrieved from the linked Cloud Scheduler.

docs/dyn/datapipelines_v1.projects.locations.pipelines.html

diff --git a/docs/dyn/datapipelines_v1.projects.locations.pipelines.html b/docs/dyn/datapipelines_v1.projects.locations.pipelines.html
index e9b0b0e..2f72918 100644
--- a/docs/dyn/datapipelines_v1.projects.locations.pipelines.html
+++ b/docs/dyn/datapipelines_v1.projects.locations.pipelines.html
@@ -116,6 +116,9 @@
   "jobCount": 42, # Output only. Number of jobs.
   "lastUpdateTime": "A String", # Output only. Immutable. The timestamp when the pipeline was last modified. Set by the Data Pipelines service.
   "name": "A String", # The pipeline name. For example: `projects/PROJECT_ID/locations/LOCATION_ID/pipelines/PIPELINE_ID`. * `PROJECT_ID` can contain letters ([A-Za-z]), numbers ([0-9]), hyphens (-), colons (:), and periods (.). For more information, see [Identifying projects](https://cloud.google.com/resource-manager/docs/creating-managing-projects#identifying_projects) * `LOCATION_ID` is the canonical ID for the pipeline's location. The list of available locations can be obtained by calling ListLocations. Note that the Data Pipelines service is not available in all regions. It depends on Cloud Scheduler, an App Engine application, so it's only available in [App Engine regions](https://cloud.google.com/about/locations#region). * `PIPELINE_ID` is the ID of the pipeline. Must be unique for the selected project and location.
+  "pipelineSources": { # Immutable. The sources of the pipeline (for example, Dataplex). The keys and values are set by the corresponding sources during pipeline creation.
+    "a_key": "A String",
+  },
   "scheduleInfo": { # Details of the schedule the pipeline runs on. # Internal scheduling information for a pipeline. If this information is provided, periodic jobs will be created per the schedule. If not, users are responsible for creating jobs externally.
     "nextJobTime": "A String", # Output only. When the next Scheduler job is going to run.
     "schedule": "A String", # Unix-cron format of the schedule. This information is retrieved from the linked Cloud Scheduler.
@@ -221,6 +224,9 @@
   "jobCount": 42, # Output only. Number of jobs.
   "lastUpdateTime": "A String", # Output only. Immutable. The timestamp when the pipeline was last modified. Set by the Data Pipelines service.
   "name": "A String", # The pipeline name. For example: `projects/PROJECT_ID/locations/LOCATION_ID/pipelines/PIPELINE_ID`. * `PROJECT_ID` can contain letters ([A-Za-z]), numbers ([0-9]), hyphens (-), colons (:), and periods (.). For more information, see [Identifying projects](https://cloud.google.com/resource-manager/docs/creating-managing-projects#identifying_projects) * `LOCATION_ID` is the canonical ID for the pipeline's location. The list of available locations can be obtained by calling ListLocations. Note that the Data Pipelines service is not available in all regions. It depends on Cloud Scheduler, an App Engine application, so it's only available in [App Engine regions](https://cloud.google.com/about/locations#region). * `PIPELINE_ID` is the ID of the pipeline. Must be unique for the selected project and location.
+  "pipelineSources": { # Immutable. The sources of the pipeline (for example, Dataplex). The keys and values are set by the corresponding sources during pipeline creation.
+    "a_key": "A String",
+  },
   "scheduleInfo": { # Details of the schedule the pipeline runs on. # Internal scheduling information for a pipeline. If this information is provided, periodic jobs will be created per the schedule. If not, users are responsible for creating jobs externally.
     "nextJobTime": "A String", # Output only. When the next Scheduler job is going to run.
     "schedule": "A String", # Unix-cron format of the schedule. This information is retrieved from the linked Cloud Scheduler.
@@ -351,6 +357,9 @@
   "jobCount": 42, # Output only. Number of jobs.
   "lastUpdateTime": "A String", # Output only. Immutable. The timestamp when the pipeline was last modified. Set by the Data Pipelines service.
   "name": "A String", # The pipeline name. For example: `projects/PROJECT_ID/locations/LOCATION_ID/pipelines/PIPELINE_ID`. * `PROJECT_ID` can contain letters ([A-Za-z]), numbers ([0-9]), hyphens (-), colons (:), and periods (.). For more information, see [Identifying projects](https://cloud.google.com/resource-manager/docs/creating-managing-projects#identifying_projects) * `LOCATION_ID` is the canonical ID for the pipeline's location. The list of available locations can be obtained by calling ListLocations. Note that the Data Pipelines service is not available in all regions. It depends on Cloud Scheduler, an App Engine application, so it's only available in [App Engine regions](https://cloud.google.com/about/locations#region). * `PIPELINE_ID` is the ID of the pipeline. Must be unique for the selected project and location.
+  "pipelineSources": { # Immutable. The sources of the pipeline (for example, Dataplex). The keys and values are set by the corresponding sources during pipeline creation.
+    "a_key": "A String",
+  },
   "scheduleInfo": { # Details of the schedule the pipeline runs on. # Internal scheduling information for a pipeline. If this information is provided, periodic jobs will be created per the schedule. If not, users are responsible for creating jobs externally.
     "nextJobTime": "A String", # Output only. When the next Scheduler job is going to run.
     "schedule": "A String", # Unix-cron format of the schedule. This information is retrieved from the linked Cloud Scheduler.
@@ -458,6 +467,9 @@
   "jobCount": 42, # Output only. Number of jobs.
   "lastUpdateTime": "A String", # Output only. Immutable. The timestamp when the pipeline was last modified. Set by the Data Pipelines service.
   "name": "A String", # The pipeline name. For example: `projects/PROJECT_ID/locations/LOCATION_ID/pipelines/PIPELINE_ID`. * `PROJECT_ID` can contain letters ([A-Za-z]), numbers ([0-9]), hyphens (-), colons (:), and periods (.). For more information, see [Identifying projects](https://cloud.google.com/resource-manager/docs/creating-managing-projects#identifying_projects) * `LOCATION_ID` is the canonical ID for the pipeline's location. The list of available locations can be obtained by calling ListLocations. Note that the Data Pipelines service is not available in all regions. It depends on Cloud Scheduler, an App Engine application, so it's only available in [App Engine regions](https://cloud.google.com/about/locations#region). * `PIPELINE_ID` is the ID of the pipeline. Must be unique for the selected project and location.
+  "pipelineSources": { # Immutable. The sources of the pipeline (for example, Dataplex). The keys and values are set by the corresponding sources during pipeline creation.
+    "a_key": "A String",
+  },
   "scheduleInfo": { # Details of the schedule the pipeline runs on. # Internal scheduling information for a pipeline. If this information is provided, periodic jobs will be created per the schedule. If not, users are responsible for creating jobs externally.
     "nextJobTime": "A String", # Output only. When the next Scheduler job is going to run.
     "schedule": "A String", # Unix-cron format of the schedule. This information is retrieved from the linked Cloud Scheduler.
@@ -564,6 +576,9 @@
   "jobCount": 42, # Output only. Number of jobs.
   "lastUpdateTime": "A String", # Output only. Immutable. The timestamp when the pipeline was last modified. Set by the Data Pipelines service.
   "name": "A String", # The pipeline name. For example: `projects/PROJECT_ID/locations/LOCATION_ID/pipelines/PIPELINE_ID`. * `PROJECT_ID` can contain letters ([A-Za-z]), numbers ([0-9]), hyphens (-), colons (:), and periods (.). For more information, see [Identifying projects](https://cloud.google.com/resource-manager/docs/creating-managing-projects#identifying_projects) * `LOCATION_ID` is the canonical ID for the pipeline's location. The list of available locations can be obtained by calling ListLocations. Note that the Data Pipelines service is not available in all regions. It depends on Cloud Scheduler, an App Engine application, so it's only available in [App Engine regions](https://cloud.google.com/about/locations#region). * `PIPELINE_ID` is the ID of the pipeline. Must be unique for the selected project and location.
+  "pipelineSources": { # Immutable. The sources of the pipeline (for example, Dataplex). The keys and values are set by the corresponding sources during pipeline creation.
+    "a_key": "A String",
+  },
   "scheduleInfo": { # Details of the schedule the pipeline runs on. # Internal scheduling information for a pipeline. If this information is provided, periodic jobs will be created per the schedule. If not, users are responsible for creating jobs externally.
     "nextJobTime": "A String", # Output only. When the next Scheduler job is going to run.
     "schedule": "A String", # Unix-cron format of the schedule. This information is retrieved from the linked Cloud Scheduler.
@@ -733,6 +748,9 @@
   "jobCount": 42, # Output only. Number of jobs.
   "lastUpdateTime": "A String", # Output only. Immutable. The timestamp when the pipeline was last modified. Set by the Data Pipelines service.
   "name": "A String", # The pipeline name. For example: `projects/PROJECT_ID/locations/LOCATION_ID/pipelines/PIPELINE_ID`. * `PROJECT_ID` can contain letters ([A-Za-z]), numbers ([0-9]), hyphens (-), colons (:), and periods (.). For more information, see [Identifying projects](https://cloud.google.com/resource-manager/docs/creating-managing-projects#identifying_projects) * `LOCATION_ID` is the canonical ID for the pipeline's location. The list of available locations can be obtained by calling ListLocations. Note that the Data Pipelines service is not available in all regions. It depends on Cloud Scheduler, an App Engine application, so it's only available in [App Engine regions](https://cloud.google.com/about/locations#region). * `PIPELINE_ID` is the ID of the pipeline. Must be unique for the selected project and location.
+  "pipelineSources": { # Immutable. The sources of the pipeline (for example, Dataplex). The keys and values are set by the corresponding sources during pipeline creation.
+    "a_key": "A String",
+  },
   "scheduleInfo": { # Details of the schedule the pipeline runs on. # Internal scheduling information for a pipeline. If this information is provided, periodic jobs will be created per the schedule. If not, users are responsible for creating jobs externally.
     "nextJobTime": "A String", # Output only. When the next Scheduler job is going to run.
     "schedule": "A String", # Unix-cron format of the schedule. This information is retrieved from the linked Cloud Scheduler.

docs/dyn/datastore_v1beta3.projects.html

diff --git a/docs/dyn/datastore_v1beta3.projects.html b/docs/dyn/datastore_v1beta3.projects.html
index 6813001..5bd9b36 100644
--- a/docs/dyn/datastore_v1beta3.projects.html
+++ b/docs/dyn/datastore_v1beta3.projects.html
@@ -232,40 +232,7 @@
           ],
         },
         "properties": { # The entity's properties. The map's keys are property names. A property name matching regex `__.*__` is reserved. A reserved property name is forbidden in certain documented contexts. The name must not contain more than 500 characters. The name cannot be `""`.
-          "a_key": { # A message that can hold any of the supported value types and associated metadata.
-            "arrayValue": { # An array value. # An array value. Cannot contain another array value. A `Value` instance that sets field `array_value` must not set fields `meaning` or `exclude_from_indexes`.
-              "values": [ # Values in the array. The order of values in an array is preserved as long as all values have identical settings for 'exclude_from_indexes'.
-                # Object with schema name: Value
-              ],
-            },
-            "blobValue": "A String", # A blob value. May have at most 1,000,000 bytes. When `exclude_from_indexes` is false, may have at most 1500 bytes. In JSON requests, must be base64-encoded.
-            "booleanValue": True or False, # A boolean value.
-            "doubleValue": 3.14, # A double value.
-            "entityValue": # Object with schema name: Entity # An entity value. - May have no key. - May have a key with an incomplete key path. - May have a reserved/read-only key.
-            "excludeFromIndexes": True or False, # If the value should be excluded from all indexes including those defined explicitly.
-            "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
-              "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
-              "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
-            },
-            "integerValue": "A String", # An integer value.
-            "keyValue": { # A unique identifier for an entity. If a key's partition ID or any of its path kinds or names are reserved/read-only, the key is reserved/read-only. A reserved/read-only key is forbidden in certain documented contexts. # A key value.
-              "partitionId": { # A partition ID identifies a grouping of entities. The grouping is always by project and namespace, however the namespace ID may be empty. A partition ID contains several dimensions: project ID and namespace ID. Partition dimensions: - May be `""`. - Must be valid UTF-8 bytes. - Must have values that match regex `[A-Za-z\d\.\-_]{1,100}` If the value of any dimension matches regex `__.*__`, the partition is reserved/read-only. A reserved/read-only partition ID is forbidden in certain documented contexts. Foreign partition IDs (in which the project ID does not match the context project ID ) are discouraged. Reads and writes of foreign partition IDs may fail if the project is not in an active state. # Entities are partitioned into subsets, currently identified by a project ID and namespace ID. Queries are scoped to a single partition.
-                "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong.
-                "projectId": "A String", # The ID of the project to which the entities belong.
-              },
-              "path": [ # The entity path. An entity path consists of one or more elements composed of a kind and a string or numerical identifier, which identify entities. The first element identifies a _root entity_, the second element identifies a _child_ of the root entity, the third element identifies a child of the second entity, and so forth. The entities identified by all prefixes of the path are called the element's _ancestors_. An entity path is always fully complete: *all* of the entity's ancestors are required to be in the path along with the entity identifier itself. The only exception is that in some documented cases, the identifier in the last path element (for the entity) itself may be omitted. For example, the last path element of the key of `Mutation.insert` may have no identifier. A path can never be empty, and a path can have at most 100 elements.
-                { # A (kind, ID/name) pair used to construct a key path. If either name or ID is set, the element is complete. If neither is set, the element is incomplete.
-                  "id": "A String", # The auto-allocated ID of the entity. Never equal to zero. Values less than zero are discouraged and may not be supported in the future.
-                  "kind": "A String", # The kind of the entity. A kind matching regex `__.*__` is reserved/read-only. A kind must not contain more than 1500 bytes when UTF-8 encoded. Cannot be `""`.
-                  "name": "A String", # The name of the entity. A name matching regex `__.*__` is reserved/read-only. A name must not be more than 1500 bytes when UTF-8 encoded. Cannot be `""`.
-                },
-              ],
-            },
-            "meaning": 42, # The `meaning` field should only be populated for backwards compatibility.
-            "nullValue": "A String", # A null value.
-            "stringValue": "A String", # A UTF-8 encoded string value. When `exclude_from_indexes` is false (it is indexed) , may have at most 1500 bytes. Otherwise, may be set to at most 1,000,000 bytes.
-            "timestampValue": "A String", # A timestamp value. When stored in the Datastore, precise only to microseconds; any additional precision is rounded down.
-          },
+          "a_key": # Object with schema name: Value
         },
       },
       "update": { # A Datastore data object. An entity is limited to 1 megabyte when stored. That _roughly_ corresponds to a limit of 1 megabyte for the serialized form of this message. # The entity to update. The entity must already exist. Must have a complete key path.
@@ -283,40 +250,7 @@
           ],
         },
         "properties": { # The entity's properties. The map's keys are property names. A property name matching regex `__.*__` is reserved. A reserved property name is forbidden in certain documented contexts. The name must not contain more than 500 characters. The name cannot be `""`.
-          "a_key": { # A message that can hold any of the supported value types and associated metadata.
-            "arrayValue": { # An array value. # An array value. Cannot contain another array value. A `Value` instance that sets field `array_value` must not set fields `meaning` or `exclude_from_indexes`.
-              "values": [ # Values in the array. The order of values in an array is preserved as long as all values have identical settings for 'exclude_from_indexes'.
-                # Object with schema name: Value
-              ],
-            },
-            "blobValue": "A String", # A blob value. May have at most 1,000,000 bytes. When `exclude_from_indexes` is false, may have at most 1500 bytes. In JSON requests, must be base64-encoded.
-            "booleanValue": True or False, # A boolean value.
-            "doubleValue": 3.14, # A double value.
-            "entityValue": # Object with schema name: Entity # An entity value. - May have no key. - May have a key with an incomplete key path. - May have a reserved/read-only key.
-            "excludeFromIndexes": True or False, # If the value should be excluded from all indexes including those defined explicitly.
-            "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
-              "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
-              "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
-            },
-            "integerValue": "A String", # An integer value.
-            "keyValue": { # A unique identifier for an entity. If a key's partition ID or any of its path kinds or names are reserved/read-only, the key is reserved/read-only. A reserved/read-only key is forbidden in certain documented contexts. # A key value.
-              "partitionId": { # A partition ID identifies a grouping of entities. The grouping is always by project and namespace, however the namespace ID may be empty. A partition ID contains several dimensions: project ID and namespace ID. Partition dimensions: - May be `""`. - Must be valid UTF-8 bytes. - Must have values that match regex `[A-Za-z\d\.\-_]{1,100}` If the value of any dimension matches regex `__.*__`, the partition is reserved/read-only. A reserved/read-only partition ID is forbidden in certain documented contexts. Foreign partition IDs (in which the project ID does not match the context project ID ) are discouraged. Reads and writes of foreign partition IDs may fail if the project is not in an active state. # Entities are partitioned into subsets, currently identified by a project ID and namespace ID. Queries are scoped to a single partition.
-                "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong.
-                "projectId": "A String", # The ID of the project to which the entities belong.
-              },
-              "path": [ # The entity path. An entity path consists of one or more elements composed of a kind and a string or numerical identifier, which identify entities. The first element identifies a _root entity_, the second element identifies a _child_ of the root entity, the third element identifies a child of the second entity, and so forth. The entities identified by all prefixes of the path are called the element's _ancestors_. An entity path is always fully complete: *all* of the entity's ancestors are required to be in the path along with the entity identifier itself. The only exception is that in some documented cases, the identifier in the last path element (for the entity) itself may be omitted. For example, the last path element of the key of `Mutation.insert` may have no identifier. A path can never be empty, and a path can have at most 100 elements.
-                { # A (kind, ID/name) pair used to construct a key path. If either name or ID is set, the element is complete. If neither is set, the element is incomplete.
-                  "id": "A String", # The auto-allocated ID of the entity. Never equal to zero. Values less than zero are discouraged and may not be supported in the future.
-                  "kind": "A String", # The kind of the entity. A kind matching regex `__.*__` is reserved/read-only. A kind must not contain more than 1500 bytes when UTF-8 encoded. Cannot be `""`.
-                  "name": "A String", # The name of the entity. A name matching regex `__.*__` is reserved/read-only. A name must not be more than 1500 bytes when UTF-8 encoded. Cannot be `""`.
-                },
-              ],
-            },
-            "meaning": 42, # The `meaning` field should only be populated for backwards compatibility.
-            "nullValue": "A String", # A null value.
-            "stringValue": "A String", # A UTF-8 encoded string value. When `exclude_from_indexes` is false (it is indexed) , may have at most 1500 bytes. Otherwise, may be set to at most 1,000,000 bytes.
-            "timestampValue": "A String", # A timestamp value. When stored in the Datastore, precise only to microseconds; any additional precision is rounded down.
-          },
+          "a_key": # Object with schema name: Value
         },
       },
       "upsert": { # A Datastore data object. An entity is limited to 1 megabyte when stored. That _roughly_ corresponds to a limit of 1 megabyte for the serialized form of this message. # The entity to upsert. The entity may or may not already exist. The entity key's final path element may be incomplete.
@@ -334,40 +268,7 @@
           ],
         },
         "properties": { # The entity's properties. The map's keys are property names. A property name matching regex `__.*__` is reserved. A reserved property name is forbidden in certain documented contexts. The name must not contain more than 500 characters. The name cannot be `""`.
-          "a_key": { # A message that can hold any of the supported value types and associated metadata.
-            "arrayValue": { # An array value. # An array value. Cannot contain another array value. A `Value` instance that sets field `array_value` must not set fields `meaning` or `exclude_from_indexes`.
-              "values": [ # Values in the array. The order of values in an array is preserved as long as all values have identical settings for 'exclude_from_indexes'.
-                # Object with schema name: Value
-              ],
-            },
-            "blobValue": "A String", # A blob value. May have at most 1,000,000 bytes. When `exclude_from_indexes` is false, may have at most 1500 bytes. In JSON requests, must be base64-encoded.
-            "booleanValue": True or False, # A boolean value.
-            "doubleValue": 3.14, # A double value.
-            "entityValue": # Object with schema name: Entity # An entity value. - May have no key. - May have a key with an incomplete key path. - May have a reserved/read-only key.
-            "excludeFromIndexes": True or False, # If the value should be excluded from all indexes including those defined explicitly.
-            "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
-              "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
-              "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
-            },
-            "integerValue": "A String", # An integer value.
-            "keyValue": { # A unique identifier for an entity. If a key's partition ID or any of its path kinds or names are reserved/read-only, the key is reserved/read-only. A reserved/read-only key is forbidden in certain documented contexts. # A key value.
-              "partitionId": { # A partition ID identifies a grouping of entities. The grouping is always by project and namespace, however the namespace ID may be empty. A partition ID contains several dimensions: project ID and namespace ID. Partition dimensions: - May be `""`. - Must be valid UTF-8 bytes. - Must have values that match regex `[A-Za-z\d\.\-_]{1,100}` If the value of any dimension matches regex `__.*__`, the partition is reserved/read-only. A reserved/read-only partition ID is forbidden in certain documented contexts. Foreign partition IDs (in which the project ID does not match the context project ID ) are discouraged. Reads and writes of foreign partition IDs may fail if the project is not in an active state. # Entities are partitioned into subsets, currently identified by a project ID and namespace ID. Queries are scoped to a single partition.
-                "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong.
-                "projectId": "A String", # The ID of the project to which the entities belong.
-              },
-              "path": [ # The entity path. An entity path consists of one or more elements composed of a kind and a string or numerical identifier, which identify entities. The first element identifies a _root entity_, the second element identifies a _child_ of the root entity, the third element identifies a child of the second entity, and so forth. The entities identified by all prefixes of the path are called the element's _ancestors_. An entity path is always fully complete: *all* of the entity's ancestors are required to be in the path along with the entity identifier itself. The only exception is that in some documented cases, the identifier in the last path element (for the entity) itself may be omitted. For example, the last path element of the key of `Mutation.insert` may have no identifier. A path can never be empty, and a path can have at most 100 elements.
-                { # A (kind, ID/name) pair used to construct a key path. If either name or ID is set, the element is complete. If neither is set, the element is incomplete.
-                  "id": "A String", # The auto-allocated ID of the entity. Never equal to zero. Values less than zero are discouraged and may not be supported in the future.
-                  "kind": "A String", # The kind of the entity. A kind matching regex `__.*__` is reserved/read-only. A kind must not contain more than 1500 bytes when UTF-8 encoded. Cannot be `""`.
-                  "name": "A String", # The name of the entity. A name matching regex `__.*__` is reserved/read-only. A name must not be more than 1500 bytes when UTF-8 encoded. Cannot be `""`.
-                },
-              ],
-            },
-            "meaning": 42, # The `meaning` field should only be populated for backwards compatibility.
-            "nullValue": "A String", # A null value.
-            "stringValue": "A String", # A UTF-8 encoded string value. When `exclude_from_indexes` is false (it is indexed) , may have at most 1500 bytes. Otherwise, may be set to at most 1,000,000 bytes.
-            "timestampValue": "A String", # A timestamp value. When stored in the Datastore, precise only to microseconds; any additional precision is rounded down.
-          },
+          "a_key": # Object with schema name: Value
         },
       },
     },
@@ -480,40 +381,7 @@
           ],
         },
         "properties": { # The entity's properties. The map's keys are property names. A property name matching regex `__.*__` is reserved. A reserved property name is forbidden in certain documented contexts. The name must not contain more than 500 characters. The name cannot be `""`.
-          "a_key": { # A message that can hold any of the supported value types and associated metadata.
-            "arrayValue": { # An array value. # An array value. Cannot contain another array value. A `Value` instance that sets field `array_value` must not set fields `meaning` or `exclude_from_indexes`.
-              "values": [ # Values in the array. The order of values in an array is preserved as long as all values have identical settings for 'exclude_from_indexes'.
-                # Object with schema name: Value
-              ],
-            },
-            "blobValue": "A String", # A blob value. May have at most 1,000,000 bytes. When `exclude_from_indexes` is false, may have at most 1500 bytes. In JSON requests, must be base64-encoded.
-            "booleanValue": True or False, # A boolean value.
-            "doubleValue": 3.14, # A double value.
-            "entityValue": # Object with schema name: Entity # An entity value. - May have no key. - May have a key with an incomplete key path. - May have a reserved/read-only key.
-            "excludeFromIndexes": True or False, # If the value should be excluded from all indexes including those defined explicitly.
-            "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
-              "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
-              "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
-            },
-            "integerValue": "A String", # An integer value.
-            "keyValue": { # A unique identifier for an entity. If a key's partition ID or any of its path kinds or names are reserved/read-only, the key is reserved/read-only. A reserved/read-only key is forbidden in certain documented contexts. # A key value.
-              "partitionId": { # A partition ID identifies a grouping of entities. The grouping is always by project and namespace, however the namespace ID may be empty. A partition ID contains several dimensions: project ID and namespace ID. Partition dimensions: - May be `""`. - Must be valid UTF-8 bytes. - Must have values that match regex `[A-Za-z\d\.\-_]{1,100}` If the value of any dimension matches regex `__.*__`, the partition is reserved/read-only. A reserved/read-only partition ID is forbidden in certain documented contexts. Foreign partition IDs (in which the project ID does not match the context project ID ) are discouraged. Reads and writes of foreign partition IDs may fail if the project is not in an active state. # Entities are partitioned into subsets, currently identified by a project ID and namespace ID. Queries are scoped to a single partition.
-                "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong.
-                "projectId": "A String", # The ID of the project to which the entities belong.
-              },
-              "path": [ # The entity path. An entity path consists of one or more elements composed of a kind and a string or numerical identifier, which identify entities. The first element identifies a _root entity_, the second element identifies a _child_ of the root entity, the third element identifies a child of the second entity, and so forth. The entities identified by all prefixes of the path are called the element's _ancestors_. An entity path is always fully complete: *all* of the entity's ancestors are required to be in the path along with the entity identifier itself. The only exception is that in some documented cases, the identifier in the last path element (for the entity) itself may be omitted. For example, the last path element of the key of `Mutation.insert` may have no identifier. A path can never be empty, and a path can have at most 100 elements.
-                { # A (kind, ID/name) pair used to construct a key path. If either name or ID is set, the element is complete. If neither is set, the element is incomplete.
-                  "id": "A String", # The auto-allocated ID of the entity. Never equal to zero. Values less than zero are discouraged and may not be supported in the future.
-                  "kind": "A String", # The kind of the entity. A kind matching regex `__.*__` is reserved/read-only. A kind must not contain more than 1500 bytes when UTF-8 encoded. Cannot be `""`.
-                  "name": "A String", # The name of the entity. A name matching regex `__.*__` is reserved/read-only. A name must not be more than 1500 bytes when UTF-8 encoded. Cannot be `""`.
-                },
-              ],
-            },
-            "meaning": 42, # The `meaning` field should only be populated for backwards compatibility.
-            "nullValue": "A String", # A null value.
-            "stringValue": "A String", # A UTF-8 encoded string value. When `exclude_from_indexes` is false (it is indexed) , may have at most 1500 bytes. Otherwise, may be set to at most 1,000,000 bytes.
-            "timestampValue": "A String", # A timestamp value. When stored in the Datastore, precise only to microseconds; any additional precision is rounded down.
-          },
+          "a_key": # Object with schema name: Value
         },
       },
       "version": "A String", # The version of the entity, a strictly positive number that monotonically increases with changes to the entity. This field is set for `FULL` entity results. For missing entities in `LookupResponse`, this is the version of the snapshot that was used to look up the entity, and it is always set except for eventually consistent reads.
@@ -537,40 +405,7 @@
           ],
         },
         "properties": { # The entity's properties. The map's keys are property names. A property name matching regex `__.*__` is reserved. A reserved property name is forbidden in certain documented contexts. The name must not contain more than 500 characters. The name cannot be `""`.
-          "a_key": { # A message that can hold any of the supported value types and associated metadata.
-            "arrayValue": { # An array value. # An array value. Cannot contain another array value. A `Value` instance that sets field `array_value` must not set fields `meaning` or `exclude_from_indexes`.
-              "values": [ # Values in the array. The order of values in an array is preserved as long as all values have identical settings for 'exclude_from_indexes'.
-                # Object with schema name: Value
-              ],
-            },
-            "blobValue": "A String", # A blob value. May have at most 1,000,000 bytes. When `exclude_from_indexes` is false, may have at most 1500 bytes. In JSON requests, must be base64-encoded.
-            "booleanValue": True or False, # A boolean value.
-            "doubleValue": 3.14, # A double value.
-            "entityValue": # Object with schema name: Entity # An entity value. - May have no key. - May have a key with an incomplete key path. - May have a reserved/read-only key.
-            "excludeFromIndexes": True or False, # If the value should be excluded from all indexes including those defined explicitly.
-            "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
-              "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
-              "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
-            },
-            "integerValue": "A String", # An integer value.
-            "keyValue": { # A unique identifier for an entity. If a key's partition ID or any of its path kinds or names are reserved/read-only, the key is reserved/read-only. A reserved/read-only key is forbidden in certain documented contexts. # A key value.
-              "partitionId": { # A partition ID identifies a grouping of entities. The grouping is always by project and namespace, however the namespace ID may be empty. A partition ID contains several dimensions: project ID and namespace ID. Partition dimensions: - May be `""`. - Must be valid UTF-8 bytes. - Must have values that match regex `[A-Za-z\d\.\-_]{1,100}` If the value of any dimension matches regex `__.*__`, the partition is reserved/read-only. A reserved/read-only partition ID is forbidden in certain documented contexts. Foreign partition IDs (in which the project ID does not match the context project ID ) are discouraged. Reads and writes of foreign partition IDs may fail if the project is not in an active state. # Entities are partitioned into subsets, currently identified by a project ID and namespace ID. Queries are scoped to a single partition.
-                "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong.
-                "projectId": "A String", # The ID of the project to which the entities belong.
-              },
-              "path": [ # The entity path. An entity path consists of one or more elements composed of a kind and a string or numerical identifier, which identify entities. The first element identifies a _root entity_, the second element identifies a _child_ of the root entity, the third element identifies a child of the second entity, and so forth. The entities identified by all prefixes of the path are called the element's _ancestors_. An entity path is always fully complete: *all* of the entity's ancestors are required to be in the path along with the entity identifier itself. The only exception is that in some documented cases, the identifier in the last path element (for the entity) itself may be omitted. For example, the last path element of the key of `Mutation.insert` may have no identifier. A path can never be empty, and a path can have at most 100 elements.
-                { # A (kind, ID/name) pair used to construct a key path. If either name or ID is set, the element is complete. If neither is set, the element is incomplete.
-                  "id": "A String", # The auto-allocated ID of the entity. Never equal to zero. Values less than zero are discouraged and may not be supported in the future.
-                  "kind": "A String", # The kind of the entity. A kind matching regex `__.*__` is reserved/read-only. A kind must not contain more than 1500 bytes when UTF-8 encoded. Cannot be `""`.
-                  "name": "A String", # The name of the entity. A name matching regex `__.*__` is reserved/read-only. A name must not be more than 1500 bytes when UTF-8 encoded. Cannot be `""`.
-                },
-              ],
-            },
-            "meaning": 42, # The `meaning` field should only be populated for backwards compatibility.
-            "nullValue": "A String", # A null value.
-            "stringValue": "A String", # A UTF-8 encoded string value. When `exclude_from_indexes` is false (it is indexed) , may have at most 1500 bytes. Otherwise, may be set to at most 1,000,000 bytes.
-            "timestampValue": "A String", # A timestamp value. When stored in the Datastore, precise only to microseconds; any additional precision is rounded down.
-          },
+          "a_key": # Object with schema name: Value
         },
       },
       "version": "A String", # The version of the entity, a strictly positive number that monotonically increases with changes to the entity. This field is set for `FULL` entity results. For missing entities in `LookupResponse`, this is the version of the snapshot that was used to look up the entity, and it is always set except for eventually consistent reads.
@@ -668,7 +503,24 @@
           "blobValue": "A String", # A blob value. May have at most 1,000,000 bytes. When `exclude_from_indexes` is false, may have at most 1500 bytes. In JSON requests, must be base64-encoded.
           "booleanValue": True or False, # A boolean value.
           "doubleValue": 3.14, # A double value.
-          "entityValue": # Object with schema name: Entity # An entity value. - May have no key. - May have a key with an incomplete key path. - May have a reserved/read-only key.
+          "entityValue": { # A Datastore data object. An entity is limited to 1 megabyte when stored. That _roughly_ corresponds to a limit of 1 megabyte for the serialized form of this message. # An entity value. - May have no key. - May have a key with an incomplete key path. - May have a reserved/read-only key.
+            "key": { # A unique identifier for an entity. If a key's partition ID or any of its path kinds or names are reserved/read-only, the key is reserved/read-only. A reserved/read-only key is forbidden in certain documented contexts. # The entity's key. An entity must have a key, unless otherwise documented (for example, an entity in `Value.entity_value` may have no key). An entity's kind is its key path's last element's kind, or null if it has no key.
+              "partitionId": { # A partition ID identifies a grouping of entities. The grouping is always by project and namespace, however the namespace ID may be empty. A partition ID contains several dimensions: project ID and namespace ID. Partition dimensions: - May be `""`. - Must be valid UTF-8 bytes. - Must have values that match regex `[A-Za-z\d\.\-_]{1,100}` If the value of any dimension matches regex `__.*__`, the partition is reserved/read-only. A reserved/read-only partition ID is forbidden in certain documented contexts. Foreign partition IDs (in which the project ID does not match the context project ID ) are discouraged. Reads and writes of foreign partition IDs may fail if the project is not in an active state. # Entities are partitioned into subsets, currently identified by a project ID and namespace ID. Queries are scoped to a single partition.
+                "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong.
+                "projectId": "A String", # The ID of the project to which the entities belong.
+              },
+              "path": [ # The entity path. An entity path consists of one or more elements composed of a kind and a string or numerical identifier, which identify entities. The first element identifies a _root entity_, the second element identifies a _child_ of the root entity, the third element identifies a child of the second entity, and so forth. The entities identified by all prefixes of the path are called the element's _ancestors_. An entity path is always fully complete: *all* of the entity's ancestors are required to be in the path along with the entity identifier itself. The only exception is that in some documented cases, the identifier in the last path element (for the entity) itself may be omitted. For example, the last path element of the key of `Mutation.insert` may have no identifier. A path can never be empty, and a path can have at most 100 elements.
+                { # A (kind, ID/name) pair used to construct a key path. If either name or ID is set, the element is complete. If neither is set, the element is incomplete.
+                  "id": "A String", # The auto-allocated ID of the entity. Never equal to zero. Values less than zero are discouraged and may not be supported in the future.
+                  "kind": "A String", # The kind of the entity. A kind matching regex `__.*__` is reserved/read-only. A kind must not contain more than 1500 bytes when UTF-8 encoded. Cannot be `""`.
+                  "name": "A String", # The name of the entity. A name matching regex `__.*__` is reserved/read-only. A name must not be more than 1500 bytes when UTF-8 encoded. Cannot be `""`.
+                },
+              ],
+            },
+            "properties": { # The entity's properties. The map's keys are property names. A property name matching regex `__.*__` is reserved. A reserved property name is forbidden in certain documented contexts. The name must not contain more than 500 characters. The name cannot be `""`.
+              "a_key": # Object with schema name: Value
+            },
+          },
           "excludeFromIndexes": True or False, # If the value should be excluded from all indexes including those defined explicitly.
           "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
             "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
@@ -707,7 +559,24 @@
           "blobValue": "A String", # A blob value. May have at most 1,000,000 bytes. When `exclude_from_indexes` is false, may have at most 1500 bytes. In JSON requests, must be base64-encoded.
           "booleanValue": True or False, # A boolean value.
           "doubleValue": 3.14, # A double value.
-          "entityValue": # Object with schema name: Entity # An entity value. - May have no key. - May have a key with an incomplete key path. - May have a reserved/read-only key.
+          "entityValue": { # A Datastore data object. An entity is limited to 1 megabyte when stored. That _roughly_ corresponds to a limit of 1 megabyte for the serialized form of this message. # An entity value. - May have no key. - May have a key with an incomplete key path. - May have a reserved/read-only key.
+            "key": { # A unique identifier for an entity. If a key's partition ID or any of its path kinds or names are reserved/read-only, the key is reserved/read-only. A reserved/read-only key is forbidden in certain documented contexts. # The entity's key. An entity must have a key, unless otherwise documented (for example, an entity in `Value.entity_value` may have no key). An entity's kind is its key path's last element's kind, or null if it has no key.
+              "partitionId": { # A partition ID identifies a grouping of entities. The grouping is always by project and namespace, however the namespace ID may be empty. A partition ID contains several dimensions: project ID and namespace ID. Partition dimensions: - May be `""`. - Must be valid UTF-8 bytes. - Must have values that match regex `[A-Za-z\d\.\-_]{1,100}` If the value of any dimension matches regex `__.*__`, the partition is reserved/read-only. A reserved/read-only partition ID is forbidden in certain documented contexts. Foreign partition IDs (in which the project ID does not match the context project ID ) are discouraged. Reads and writes of foreign partition IDs may fail if the project is not in an active state. # Entities are partitioned into subsets, currently identified by a project ID and namespace ID. Queries are scoped to a single partition.
+                "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong.
+                "projectId": "A String", # The ID of the project to which the entities belong.
+              },
+              "path": [ # The entity path. An entity path consists of one or more elements composed of a kind and a string or numerical identifier, which identify entities. The first element identifies a _root entity_, the second element identifies a _child_ of the root entity, the third element identifies a child of the second entity, and so forth. The entities identified by all prefixes of the path are called the element's _ancestors_. An entity path is always fully complete: *all* of the entity's ancestors are required to be in the path along with the entity identifier itself. The only exception is that in some documented cases, the identifier in the last path element (for the entity) itself may be omitted. For example, the last path element of the key of `Mutation.insert` may have no identifier. A path can never be empty, and a path can have at most 100 elements.
+                { # A (kind, ID/name) pair used to construct a key path. If either name or ID is set, the element is complete. If neither is set, the element is incomplete.
+                  "id": "A String", # The auto-allocated ID of the entity. Never equal to zero. Values less than zero are discouraged and may not be supported in the future.
+                  "kind": "A String", # The kind of the entity. A kind matching regex `__.*__` is reserved/read-only. A kind must not contain more than 1500 bytes when UTF-8 encoded. Cannot be `""`.
+                  "name": "A String", # The name of the entity. A name matching regex `__.*__` is reserved/read-only. A name must not be more than 1500 bytes when UTF-8 encoded. Cannot be `""`.
+                },
+              ],
+            },
+            "properties": { # The entity's properties. The map's keys are property names. A property name matching regex `__.*__` is reserved. A reserved property name is forbidden in certain documented contexts. The name must not contain more than 500 characters. The name cannot be `""`.
+              "a_key": # Object with schema name: Value
+            },
+          },
           "excludeFromIndexes": True or False, # If the value should be excluded from all indexes including those defined explicitly.
           "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
             "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
@@ -768,7 +637,24 @@
           "blobValue": "A String", # A blob value. May have at most 1,000,000 bytes. When `exclude_from_indexes` is false, may have at most 1500 bytes. In JSON requests, must be base64-encoded.
           "booleanValue": True or False, # A boolean value.
           "doubleValue": 3.14, # A double value.
-          "entityValue": # Object with schema name: Entity # An entity value. - May have no key. - May have a key with an incomplete key path. - May have a reserved/read-only key.
+          "entityValue": { # A Datastore data object. An entity is limited to 1 megabyte when stored. That _roughly_ corresponds to a limit of 1 megabyte for the serialized form of this message. # An entity value. - May have no key. - May have a key with an incomplete key path. - May have a reserved/read-only key.
+            "key": { # A unique identifier for an entity. If a key's partition ID or any of its path kinds or names are reserved/read-only, the key is reserved/read-only. A reserved/read-only key is forbidden in certain documented contexts. # The entity's key. An entity must have a key, unless otherwise documented (for example, an entity in `Value.entity_value` may have no key). An entity's kind is its key path's last element's kind, or null if it has no key.
+              "partitionId": { # A partition ID identifies a grouping of entities. The grouping is always by project and namespace, however the namespace ID may be empty. A partition ID contains several dimensions: project ID and namespace ID. Partition dimensions: - May be `""`. - Must be valid UTF-8 bytes. - Must have values that match regex `[A-Za-z\d\.\-_]{1,100}` If the value of any dimension matches regex `__.*__`, the partition is reserved/read-only. A reserved/read-only partition ID is forbidden in certain documented contexts. Foreign partition IDs (in which the project ID does not match the context project ID ) are discouraged. Reads and writes of foreign partition IDs may fail if the project is not in an active state. # Entities are partitioned into subsets, currently identified by a project ID and namespace ID. Queries are scoped to a single partition.
+                "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong.
+                "projectId": "A String", # The ID of the project to which the entities belong.
+              },
+              "path": [ # The entity path. An entity path consists of one or more elements composed of a kind and a string or numerical identifier, which identify entities. The first element identifies a _root entity_, the second element identifies a _child_ of the root entity, the third element identifies a child of the second entity, and so forth. The entities identified by all prefixes of the path are called the element's _ancestors_. An entity path is always fully complete: *all* of the entity's ancestors are required to be in the path along with the entity identifier itself. The only exception is that in some documented cases, the identifier in the last path element (for the entity) itself may be omitted. For example, the last path element of the key of `Mutation.insert` may have no identifier. A path can never be empty, and a path can have at most 100 elements.
+                { # A (kind, ID/name) pair used to construct a key path. If either name or ID is set, the element is complete. If neither is set, the element is incomplete.
+                  "id": "A String", # The auto-allocated ID of the entity. Never equal to zero. Values less than zero are discouraged and may not be supported in the future.
+                  "kind": "A String", # The kind of the entity. A kind matching regex `__.*__` is reserved/read-only. A kind must not contain more than 1500 bytes when UTF-8 encoded. Cannot be `""`.
+                  "name": "A String", # The name of the entity. A name matching regex `__.*__` is reserved/read-only. A name must not be more than 1500 bytes when UTF-8 encoded. Cannot be `""`.
+                },
+              ],
+            },
+            "properties": { # The entity's properties. The map's keys are property names. A property name matching regex `__.*__` is reserved. A reserved property name is forbidden in certain documented contexts. The name must not contain more than 500 characters. The name cannot be `""`.
+              "a_key": # Object with schema name: Value
+            },
+          },
           "excludeFromIndexes": True or False, # If the value should be excluded from all indexes including those defined explicitly.
           "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
             "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
@@ -855,40 +741,7 @@
             ],
           },
           "properties": { # The entity's properties. The map's keys are property names. A property name matching regex `__.*__` is reserved. A reserved property name is forbidden in certain documented contexts. The name must not contain more than 500 characters. The name cannot be `""`.
-            "a_key": { # A message that can hold any of the supported value types and associated metadata.
-              "arrayValue": { # An array value. # An array value. Cannot contain another array value. A `Value` instance that sets field `array_value` must not set fields `meaning` or `exclude_from_indexes`.
-                "values": [ # Values in the array. The order of values in an array is preserved as long as all values have identical settings for 'exclude_from_indexes'.
-                  # Object with schema name: Value
-                ],
-              },
-              "blobValue": "A String", # A blob value. May have at most 1,000,000 bytes. When `exclude_from_indexes` is false, may have at most 1500 bytes. In JSON requests, must be base64-encoded.
-              "booleanValue": True or False, # A boolean value.
-              "doubleValue": 3.14, # A double value.
-              "entityValue": # Object with schema name: Entity # An entity value. - May have no key. - May have a key with an incomplete key path. - May have a reserved/read-only key.
-              "excludeFromIndexes": True or False, # If the value should be excluded from all indexes including those defined explicitly.
-              "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
-                "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
-                "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
-              },
-              "integerValue": "A String", # An integer value.
-              "keyValue": { # A unique identifier for an entity. If a key's partition ID or any of its path kinds or names are reserved/read-only, the key is reserved/read-only. A reserved/read-only key is forbidden in certain documented contexts. # A key value.
-                "partitionId": { # A partition ID identifies a grouping of entities. The grouping is always by project and namespace, however the namespace ID may be empty. A partition ID contains several dimensions: project ID and namespace ID. Partition dimensions: - May be `""`. - Must be valid UTF-8 bytes. - Must have values that match regex `[A-Za-z\d\.\-_]{1,100}` If the value of any dimension matches regex `__.*__`, the partition is reserved/read-only. A reserved/read-only partition ID is forbidden in certain documented contexts. Foreign partition IDs (in which the project ID does not match the context project ID ) are discouraged. Reads and writes of foreign partition IDs may fail if the project is not in an active state. # Entities are partitioned into subsets, currently identified by a project ID and namespace ID. Queries are scoped to a single partition.
-                  "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong.
-                  "projectId": "A String", # The ID of the project to which the entities belong.
-                },
-                "path": [ # The entity path. An entity path consists of one or more elements composed of a kind and a string or numerical identifier, which identify entities. The first element identifies a _root entity_, the second element identifies a _child_ of the root entity, the third element identifies a child of the second entity, and so forth. The entities identified by all prefixes of the path are called the element's _ancestors_. An entity path is always fully complete: *all* of the entity's ancestors are required to be in the path along with the entity identifier itself. The only exception is that in some documented cases, the identifier in the last path element (for the entity) itself may be omitted. For example, the last path element of the key of `Mutation.insert` may have no identifier. A path can never be empty, and a path can have at most 100 elements.
-                  { # A (kind, ID/name) pair used to construct a key path. If either name or ID is set, the element is complete. If neither is set, the element is incomplete.
-                    "id": "A String", # The auto-allocated ID of the entity. Never equal to zero. Values less than zero are discouraged and may not be supported in the future.
-                    "kind": "A String", # The kind of the entity. A kind matching regex `__.*__` is reserved/read-only. A kind must not contain more than 1500 bytes when UTF-8 encoded. Cannot be `""`.
-                    "name": "A String", # The name of the entity. A name matching regex `__.*__` is reserved/read-only. A name must not be more than 1500 bytes when UTF-8 encoded. Cannot be `""`.
-                  },
-                ],
-              },
-              "meaning": 42, # The `meaning` field should only be populated for backwards compatibility.
-              "nullValue": "A String", # A null value.
-              "stringValue": "A String", # A UTF-8 encoded string value. When `exclude_from_indexes` is false (it is indexed) , may have at most 1500 bytes. Otherwise, may be set to at most 1,000,000 bytes.
-              "timestampValue": "A String", # A timestamp value. When stored in the Datastore, precise only to microseconds; any additional precision is rounded down.
-            },
+            "a_key": # Object with schema name: Value
           },
         },
         "version": "A String", # The version of the entity, a strictly positive number that monotonically increases with changes to the entity. This field is set for `FULL` entity results. For missing entities in `LookupResponse`, this is the version of the snapshot that was used to look up the entity, and it is always set except for eventually consistent reads.
@@ -927,7 +780,24 @@
           "blobValue": "A String", # A blob value. May have at most 1,000,000 bytes. When `exclude_from_indexes` is false, may have at most 1500 bytes. In JSON requests, must be base64-encoded.
           "booleanValue": True or False, # A boolean value.
           "doubleValue": 3.14, # A double value.
-          "entityValue": # Object with schema name: Entity # An entity value. - May have no key. - May have a key with an incomplete key path. - May have a reserved/read-only key.
+          "entityValue": { # A Datastore data object. An entity is limited to 1 megabyte when stored. That _roughly_ corresponds to a limit of 1 megabyte for the serialized form of this message. # An entity value. - May have no key. - May have a key with an incomplete key path. - May have a reserved/read-only key.
+            "key": { # A unique identifier for an entity. If a key's partition ID or any of its path kinds or names are reserved/read-only, the key is reserved/read-only. A reserved/read-only key is forbidden in certain documented contexts. # The entity's key. An entity must have a key, unless otherwise documented (for example, an entity in `Value.entity_value` may have no key). An entity's kind is its key path's last element's kind, or null if it has no key.
+              "partitionId": { # A partition ID identifies a grouping of entities. The grouping is always by project and namespace, however the namespace ID may be empty. A partition ID contains several dimensions: project ID and namespace ID. Partition dimensions: - May be `""`. - Must be valid UTF-8 bytes. - Must have values that match regex `[A-Za-z\d\.\-_]{1,100}` If the value of any dimension matches regex `__.*__`, the partition is reserved/read-only. A reserved/read-only partition ID is forbidden in certain documented contexts. Foreign partition IDs (in which the project ID does not match the context project ID ) are discouraged. Reads and writes of foreign partition IDs may fail if the project is not in an active state. # Entities are partitioned into subsets, currently identified by a project ID and namespace ID. Queries are scoped to a single partition.
+                "namespaceId": "A String", # If not empty, the ID of the namespace to which the entities belong.
+                "projectId": "A String", # The ID of the project to which the entities belong.
+              },
+              "path": [ # The entity path. An entity path consists of one or more elements composed of a kind and a string or numerical identifier, which identify entities. The first element identifies a _root entity_, the second element identifies a _child_ of the root entity, the third element identifies a child of the second entity, and so forth. The entities identified by all prefixes of the path are called the element's _ancestors_. An entity path is always fully complete: *all* of the entity's ancestors are required to be in the path along with the entity identifier itself. The only exception is that in some documented cases, the identifier in the last path element (for the entity) itself may be omitted. For example, the last path element of the key of `Mutation.insert` may have no identifier. A path can never be empty, and a path can have at most 100 elements.
+                { # A (kind, ID/name) pair used to construct a key path. If either name or ID is set, the element is complete. If neither is set, the element is incomplete.
+                  "id": "A String", # The auto-allocated ID of the entity. Never equal to zero. Values less than zero are discouraged and may not be supported in the future.
+                  "kind": "A String", # The kind of the entity. A kind matching regex `__.*__` is reserved/read-only. A kind must not contain more than 1500 bytes when UTF-8 encoded. Cannot be `""`.
+                  "name": "A String", # The name of the entity. A name matching regex `__.*__` is reserved/read-only. A name must not be more than 1500 bytes when UTF-8 encoded. Cannot be `""`.
+                },
+              ],
+            },
+            "properties": { # The entity's properties. The map's keys are property names. A property name matching regex `__.*__` is reserved. A reserved property name is forbidden in certain documented contexts. The name must not contain more than 500 characters. The name cannot be `""`.
+              "a_key": # Object with schema name: Value
+            },
+          },
           "excludeFromIndexes": True or False, # If the value should be excluded from all indexes including those defined explicitly.
           "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
             "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].

docs/dyn/datastream_v1.html

diff --git a/docs/dyn/datastream_v1.html b/docs/dyn/datastream_v1.html
new file mode 100644
index 0000000..8f66bf8
--- /dev/null
+++ b/docs/dyn/datastream_v1.html
@@ -0,0 +1,111 @@
+<html><body>
+<style>
+
+body, h1, h2, h3, div, span, p, pre, a {
+  margin: 0;
+  padding: 0;
+  border: 0;
+  font-weight: inherit;
+  font-style: inherit;
+  font-size: 100%;
+  font-family: inherit;
+  vertical-align: baseline;
+}
+
+body {
+  font-size: 13px;
+  padding: 1em;
+}
+
+h1 {
+  font-size: 26px;
+  margin-bottom: 1em;
+}
+
+h2 {
+  font-size: 24px;
+  margin-bottom: 1em;
+}
+
+h3 {
+  font-size: 20px;
+  margin-bottom: 1em;
+  margin-top: 1em;
+}
+
+pre, code {
+  line-height: 1.5;
+  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
+}
+
+pre {
+  margin-top: 0.5em;
+}
+
+h1, h2, h3, p {
+  font-family: Arial, sans serif;
+}
+
+h1, h2, h3 {
+  border-bottom: solid #CCC 1px;
+}
+
+.toc_element {
+  margin-top: 0.5em;
+}
+
+.firstline {
+  margin-left: 2 em;
+}
+
+.method  {
+  margin-top: 1em;
+  border: solid 1px #CCC;
+  padding: 1em;
+  background: #EEE;
+}
+
+.details {
+  font-weight: bold;
+  font-size: 14px;
+}
+
+</style>
+
+<h1><a href="datastream_v1.html">Datastream API</a></h1>
+<h2>Instance Methods</h2>
+<p class="toc_element">
+  <code><a href="datastream_v1.projects.html">projects()</a></code>
+</p>
+<p class="firstline">Returns the projects Resource.</p>
+
+<p class="toc_element">
+  <code><a href="#close">close()</a></code></p>
+<p class="firstline">Close httplib2 connections.</p>
+<p class="toc_element">
+  <code><a href="#new_batch_http_request">new_batch_http_request()</a></code></p>
+<p class="firstline">Create a BatchHttpRequest object based on the discovery document.</p>
+<h3>Method Details</h3>
+<div class="method">
+    <code class="details" id="close">close()</code>
+  <pre>Close httplib2 connections.</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="new_batch_http_request">new_batch_http_request()</code>
+  <pre>Create a BatchHttpRequest object based on the discovery document.
+
+        Args:
+          callback: callable, A callback to be called for each response, of the
+            form callback(id, response, exception). The first parameter is the
+            request id, and the second is the deserialized response object. The
+            third is an apiclient.errors.HttpError exception object if an HTTP
+            error occurred while processing the request, or None if no error
+            occurred.
+
+        Returns:
+          A BatchHttpRequest object based on the discovery document.
+        </pre>
+</div>
+
+</body></html>
\ No newline at end of file

docs/dyn/datastream_v1.projects.html

diff --git a/docs/dyn/datastream_v1.projects.html b/docs/dyn/datastream_v1.projects.html
new file mode 100644
index 0000000..bcf277a
--- /dev/null
+++ b/docs/dyn/datastream_v1.projects.html
@@ -0,0 +1,91 @@
+<html><body>
+<style>
+
+body, h1, h2, h3, div, span, p, pre, a {
+  margin: 0;
+  padding: 0;
+  border: 0;
+  font-weight: inherit;
+  font-style: inherit;
+  font-size: 100%;
+  font-family: inherit;
+  vertical-align: baseline;
+}
+
+body {
+  font-size: 13px;
+  padding: 1em;
+}
+
+h1 {
+  font-size: 26px;
+  margin-bottom: 1em;
+}
+
+h2 {
+  font-size: 24px;
+  margin-bottom: 1em;
+}
+
+h3 {
+  font-size: 20px;
+  margin-bottom: 1em;
+  margin-top: 1em;
+}
+
+pre, code {
+  line-height: 1.5;
+  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
+}
+
+pre {
+  margin-top: 0.5em;
+}
+
+h1, h2, h3, p {
+  font-family: Arial, sans serif;
+}
+
+h1, h2, h3 {
+  border-bottom: solid #CCC 1px;
+}
+
+.toc_element {
+  margin-top: 0.5em;
+}
+
+.firstline {
+  margin-left: 2 em;
+}
+
+.method  {
+  margin-top: 1em;
+  border: solid 1px #CCC;
+  padding: 1em;
+  background: #EEE;
+}
+
+.details {
+  font-weight: bold;
+  font-size: 14px;
+}
+
+</style>
+
+<h1><a href="datastream_v1.html">Datastream API</a> . <a href="datastream_v1.projects.html">projects</a></h1>
+<h2>Instance Methods</h2>
+<p class="toc_element">
+  <code><a href="datastream_v1.projects.locations.html">locations()</a></code>
+</p>
+<p class="firstline">Returns the locations Resource.</p>
+
+<p class="toc_element">
+  <code><a href="#close">close()</a></code></p>
+<p class="firstline">Close httplib2 connections.</p>
+<h3>Method Details</h3>
+<div class="method">
+    <code class="details" id="close">close()</code>
+  <pre>Close httplib2 connections.</pre>
+</div>
+
+</body></html>
\ No newline at end of file

docs/dyn/datastream_v1.projects.locations.html

diff --git a/docs/dyn/datastream_v1.projects.locations.html b/docs/dyn/datastream_v1.projects.locations.html
new file mode 100644
index 0000000..6b26996
--- /dev/null
+++ b/docs/dyn/datastream_v1.projects.locations.html
@@ -0,0 +1,176 @@
+<html><body>
+<style>
+
+body, h1, h2, h3, div, span, p, pre, a {
+  margin: 0;
+  padding: 0;
+  border: 0;
+  font-weight: inherit;
+  font-style: inherit;
+  font-size: 100%;
+  font-family: inherit;
+  vertical-align: baseline;
+}
+
+body {
+  font-size: 13px;
+  padding: 1em;
+}
+
+h1 {
+  font-size: 26px;
+  margin-bottom: 1em;
+}
+
+h2 {
+  font-size: 24px;
+  margin-bottom: 1em;
+}
+
+h3 {
+  font-size: 20px;
+  margin-bottom: 1em;
+  margin-top: 1em;
+}
+
+pre, code {
+  line-height: 1.5;
+  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
+}
+
+pre {
+  margin-top: 0.5em;
+}
+
+h1, h2, h3, p {
+  font-family: Arial, sans serif;
+}
+
+h1, h2, h3 {
+  border-bottom: solid #CCC 1px;
+}
+
+.toc_element {
+  margin-top: 0.5em;
+}
+
+.firstline {
+  margin-left: 2 em;
+}
+
+.method  {
+  margin-top: 1em;
+  border: solid 1px #CCC;
+  padding: 1em;
+  background: #EEE;
+}
+
+.details {
+  font-weight: bold;
+  font-size: 14px;
+}
+
+</style>
+
+<h1><a href="datastream_v1.html">Datastream API</a> . <a href="datastream_v1.projects.html">projects</a> . <a href="datastream_v1.projects.locations.html">locations</a></h1>
+<h2>Instance Methods</h2>
+<p class="toc_element">
+  <code><a href="datastream_v1.projects.locations.operations.html">operations()</a></code>
+</p>
+<p class="firstline">Returns the operations Resource.</p>
+
+<p class="toc_element">
+  <code><a href="#close">close()</a></code></p>
+<p class="firstline">Close httplib2 connections.</p>
+<p class="toc_element">
+  <code><a href="#get">get(name, x__xgafv=None)</a></code></p>
+<p class="firstline">Gets information about a location.</p>
+<p class="toc_element">
+  <code><a href="#list">list(name, filter=None, pageSize=None, pageToken=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Lists information about the supported locations for this service.</p>
+<p class="toc_element">
+  <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
+<p class="firstline">Retrieves the next page of results.</p>
+<h3>Method Details</h3>
+<div class="method">
+    <code class="details" id="close">close()</code>
+  <pre>Close httplib2 connections.</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="get">get(name, x__xgafv=None)</code>
+  <pre>Gets information about a location.
+
+Args:
+  name: string, Resource name for the location. (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A resource that represents Google Cloud Platform location.
+  &quot;displayName&quot;: &quot;A String&quot;, # The friendly name for this location, typically a nearby city name. For example, &quot;Tokyo&quot;.
+  &quot;labels&quot;: { # Cross-service attributes for the location. For example {&quot;cloud.googleapis.com/region&quot;: &quot;us-east1&quot;}
+    &quot;a_key&quot;: &quot;A String&quot;,
+  },
+  &quot;locationId&quot;: &quot;A String&quot;, # The canonical id for this location. For example: `&quot;us-east1&quot;`.
+  &quot;metadata&quot;: { # Service-specific metadata. For example the available capacity at the given location.
+    &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+  },
+  &quot;name&quot;: &quot;A String&quot;, # Resource name for the location, which may vary between implementations. For example: `&quot;projects/example-project/locations/us-east1&quot;`
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="list">list(name, filter=None, pageSize=None, pageToken=None, x__xgafv=None)</code>
+  <pre>Lists information about the supported locations for this service.
+
+Args:
+  name: string, The resource that owns the locations collection, if applicable. (required)
+  filter: string, A filter to narrow down results to a preferred subset. The filtering language accepts strings like &quot;displayName=tokyo&quot;, and is documented in more detail in [AIP-160](https://google.aip.dev/160).
+  pageSize: integer, The maximum number of results to return. If not set, the service selects a default.
+  pageToken: string, A page token received from the `next_page_token` field in the response. Send that page token to receive the subsequent page.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # The response message for Locations.ListLocations.
+  &quot;locations&quot;: [ # A list of locations that matches the specified filter in the request.
+    { # A resource that represents Google Cloud Platform location.
+      &quot;displayName&quot;: &quot;A String&quot;, # The friendly name for this location, typically a nearby city name. For example, &quot;Tokyo&quot;.
+      &quot;labels&quot;: { # Cross-service attributes for the location. For example {&quot;cloud.googleapis.com/region&quot;: &quot;us-east1&quot;}
+        &quot;a_key&quot;: &quot;A String&quot;,
+      },
+      &quot;locationId&quot;: &quot;A String&quot;, # The canonical id for this location. For example: `&quot;us-east1&quot;`.
+      &quot;metadata&quot;: { # Service-specific metadata. For example the available capacity at the given location.
+        &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+      },
+      &quot;name&quot;: &quot;A String&quot;, # Resource name for the location, which may vary between implementations. For example: `&quot;projects/example-project/locations/us-east1&quot;`
+    },
+  ],
+  &quot;nextPageToken&quot;: &quot;A String&quot;, # The standard List next-page token.
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="list_next">list_next(previous_request, previous_response)</code>
+  <pre>Retrieves the next page of results.
+
+Args:
+  previous_request: The request for the previous page. (required)
+  previous_response: The response from the request for the previous page. (required)
+
+Returns:
+  A request object that you can call &#x27;execute()&#x27; on to request the next
+  page. Returns None if there are no more items in the collection.
+    </pre>
+</div>
+
+</body></html>
\ No newline at end of file

docs/dyn/datastream_v1.projects.locations.operations.html

diff --git a/docs/dyn/datastream_v1.projects.locations.operations.html b/docs/dyn/datastream_v1.projects.locations.operations.html
new file mode 100644
index 0000000..2dbd1dd
--- /dev/null
+++ b/docs/dyn/datastream_v1.projects.locations.operations.html
@@ -0,0 +1,235 @@
+<html><body>
+<style>
+
+body, h1, h2, h3, div, span, p, pre, a {
+  margin: 0;
+  padding: 0;
+  border: 0;
+  font-weight: inherit;
+  font-style: inherit;
+  font-size: 100%;
+  font-family: inherit;
+  vertical-align: baseline;
+}
+
+body {
+  font-size: 13px;
+  padding: 1em;
+}
+
+h1 {
+  font-size: 26px;
+  margin-bottom: 1em;
+}
+
+h2 {
+  font-size: 24px;
+  margin-bottom: 1em;
+}
+
+h3 {
+  font-size: 20px;
+  margin-bottom: 1em;
+  margin-top: 1em;
+}
+
+pre, code {
+  line-height: 1.5;
+  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
+}
+
+pre {
+  margin-top: 0.5em;
+}
+
+h1, h2, h3, p {
+  font-family: Arial, sans serif;
+}
+
+h1, h2, h3 {
+  border-bottom: solid #CCC 1px;
+}
+
+.toc_element {
+  margin-top: 0.5em;
+}
+
+.firstline {
+  margin-left: 2 em;
+}
+
+.method  {
+  margin-top: 1em;
+  border: solid 1px #CCC;
+  padding: 1em;
+  background: #EEE;
+}
+
+.details {
+  font-weight: bold;
+  font-size: 14px;
+}
+
+</style>
+
+<h1><a href="datastream_v1.html">Datastream API</a> . <a href="datastream_v1.projects.html">projects</a> . <a href="datastream_v1.projects.locations.html">locations</a> . <a href="datastream_v1.projects.locations.operations.html">operations</a></h1>
+<h2>Instance Methods</h2>
+<p class="toc_element">
+  <code><a href="#cancel">cancel(name, body=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Starts asynchronous cancellation on a long-running operation. The server makes a best effort to cancel the operation, but success is not guaranteed. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation or other methods to check whether the cancellation succeeded or whether the operation completed despite cancellation. On successful cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`.</p>
+<p class="toc_element">
+  <code><a href="#close">close()</a></code></p>
+<p class="firstline">Close httplib2 connections.</p>
+<p class="toc_element">
+  <code><a href="#delete">delete(name, x__xgafv=None)</a></code></p>
+<p class="firstline">Deletes a long-running operation. This method indicates that the client is no longer interested in the operation result. It does not cancel the operation. If the server doesn't support this method, it returns `google.rpc.Code.UNIMPLEMENTED`.</p>
+<p class="toc_element">
+  <code><a href="#get">get(name, x__xgafv=None)</a></code></p>
+<p class="firstline">Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.</p>
+<p class="toc_element">
+  <code><a href="#list">list(name, filter=None, pageSize=None, pageToken=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`. NOTE: the `name` binding allows API services to override the binding to use different resource name schemes, such as `users/*/operations`. To override the binding, API services can add a binding such as `"/v1/{name=users/*}/operations"` to their service configuration. For backwards compatibility, the default name includes the operations collection id, however overriding users must ensure the name binding is the parent resource, without the operations collection id.</p>
+<p class="toc_element">
+  <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
+<p class="firstline">Retrieves the next page of results.</p>
+<h3>Method Details</h3>
+<div class="method">
+    <code class="details" id="cancel">cancel(name, body=None, x__xgafv=None)</code>
+  <pre>Starts asynchronous cancellation on a long-running operation. The server makes a best effort to cancel the operation, but success is not guaranteed. If the server doesn&#x27;t support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation or other methods to check whether the cancellation succeeded or whether the operation completed despite cancellation. On successful cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`.
+
+Args:
+  name: string, The name of the operation resource to be cancelled. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # The request message for Operations.CancelOperation.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for `Empty` is empty JSON object `{}`.
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="close">close()</code>
+  <pre>Close httplib2 connections.</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="delete">delete(name, x__xgafv=None)</code>
+  <pre>Deletes a long-running operation. This method indicates that the client is no longer interested in the operation result. It does not cancel the operation. If the server doesn&#x27;t support this method, it returns `google.rpc.Code.UNIMPLEMENTED`.
+
+Args:
+  name: string, The name of the operation resource to be deleted. (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for `Empty` is empty JSON object `{}`.
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="get">get(name, x__xgafv=None)</code>
+  <pre>Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.
+
+Args:
+  name: string, The name of the operation resource. (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # This resource represents a long-running operation that is the result of a network API call.
+  &quot;done&quot;: True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+  &quot;error&quot;: { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+    &quot;code&quot;: 42, # The status code, which should be an enum value of google.rpc.Code.
+    &quot;details&quot;: [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+      {
+        &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+      },
+    ],
+    &quot;message&quot;: &quot;A String&quot;, # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+  },
+  &quot;metadata&quot;: { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+    &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+  },
+  &quot;name&quot;: &quot;A String&quot;, # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+  &quot;response&quot;: { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+    &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+  },
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="list">list(name, filter=None, pageSize=None, pageToken=None, x__xgafv=None)</code>
+  <pre>Lists operations that match the specified filter in the request. If the server doesn&#x27;t support this method, it returns `UNIMPLEMENTED`. NOTE: the `name` binding allows API services to override the binding to use different resource name schemes, such as `users/*/operations`. To override the binding, API services can add a binding such as `&quot;/v1/{name=users/*}/operations&quot;` to their service configuration. For backwards compatibility, the default name includes the operations collection id, however overriding users must ensure the name binding is the parent resource, without the operations collection id.
+
+Args:
+  name: string, The name of the operation&#x27;s parent resource. (required)
+  filter: string, The standard list filter.
+  pageSize: integer, The standard list page size.
+  pageToken: string, The standard list page token.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # The response message for Operations.ListOperations.
+  &quot;nextPageToken&quot;: &quot;A String&quot;, # The standard List next-page token.
+  &quot;operations&quot;: [ # A list of operations that matches the specified filter in the request.
+    { # This resource represents a long-running operation that is the result of a network API call.
+      &quot;done&quot;: True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+      &quot;error&quot;: { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+        &quot;code&quot;: 42, # The status code, which should be an enum value of google.rpc.Code.
+        &quot;details&quot;: [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+          {
+            &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+          },
+        ],
+        &quot;message&quot;: &quot;A String&quot;, # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+      },
+      &quot;metadata&quot;: { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+        &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+      },
+      &quot;name&quot;: &quot;A String&quot;, # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+      &quot;response&quot;: { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+        &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+      },
+    },
+  ],
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="list_next">list_next(previous_request, previous_response)</code>
+  <pre>Retrieves the next page of results.
+
+Args:
+  previous_request: The request for the previous page. (required)
+  previous_response: The response from the request for the previous page. (required)
+
+Returns:
+  A request object that you can call &#x27;execute()&#x27; on to request the next
+  page. Returns None if there are no more items in the collection.
+    </pre>
+</div>
+
+</body></html>
\ No newline at end of file

docs/dyn/dialogflow_v2.projects.conversationProfiles.html

diff --git a/docs/dyn/dialogflow_v2.projects.conversationProfiles.html b/docs/dyn/dialogflow_v2.projects.conversationProfiles.html
index efa291c..4d0b547 100644
--- a/docs/dyn/dialogflow_v2.projects.conversationProfiles.html
+++ b/docs/dyn/dialogflow_v2.projects.conversationProfiles.html
@@ -112,7 +112,7 @@
 
 { # Defines the services to connect to incoming Dialogflow conversations.
   "automatedAgentConfig": { # Defines the Automated Agent to connect to a conversation. # Configuration for an automated agent to use with this profile.
-    "agent": "A String", # Required. ID of the Dialogflow agent environment to use. This project needs to either be the same project as the conversation or you need to grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow API Service Agent` role in this project. Format: `projects//locations//agent/environments/`. If environment is not specified, the default `draft` environment is used. Refer to [DetectIntentRequest](/dialogflow/docs/reference/rpc/google.cloud.dialogflow.v2#google.cloud.dialogflow.v2.DetectIntentRequest) for more details.
+    "agent": "A String", # Required. ID of the Dialogflow agent environment to use. This project needs to either be the same project as the conversation or you need to grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow API Service Agent` role in this project. - For ES agents, use format: `projects//locations//agent/environments/`. If environment is not specified, the default `draft` environment is used. Refer to [DetectIntentRequest](/dialogflow/docs/reference/rpc/google.cloud.dialogflow.v2#google.cloud.dialogflow.v2.DetectIntentRequest) for more details. - For CX agents, use format `projects//locations//agents//environments/`. If environment is not specified, the default `draft` environment is used.
   },
   "createTime": "A String", # Output only. Create time of the conversation profile.
   "displayName": "A String", # Required. Human readable name for this profile. Max length 1024 bytes.
@@ -125,7 +125,7 @@
           },
           "enableEventBasedSuggestion": True or False, # Automatically iterates all participants and tries to compile suggestions. Supported features: ARTICLE_SUGGESTION, FAQ, DIALOGFLOW_ASSIST.
           "queryConfig": { # Config for suggestion query. # Configs of query.
-            "confidenceThreshold": 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION.
+            "confidenceThreshold": 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION, FAQ, SMART_REPLY, SMART_COMPOSE.
             "contextFilterSettings": { # Settings that determine how to filter recent conversation context when generating suggestions. # Determines how recent conversation context is filtered when generating suggestions. If unspecified, no messages will be dropped.
               "dropHandoffMessages": True or False, # If set to true, the last message from virtual agent (hand off message) and the message before it (trigger message of hand off) are dropped.
               "dropIvrMessages": True or False, # If set to true, all messages from ivr stage are dropped.
@@ -165,7 +165,7 @@
           },
           "enableEventBasedSuggestion": True or False, # Automatically iterates all participants and tries to compile suggestions. Supported features: ARTICLE_SUGGESTION, FAQ, DIALOGFLOW_ASSIST.
           "queryConfig": { # Config for suggestion query. # Configs of query.
-            "confidenceThreshold": 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION.
+            "confidenceThreshold": 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION, FAQ, SMART_REPLY, SMART_COMPOSE.
             "contextFilterSettings": { # Settings that determine how to filter recent conversation context when generating suggestions. # Determines how recent conversation context is filtered when generating suggestions. If unspecified, no messages will be dropped.
               "dropHandoffMessages": True or False, # If set to true, the last message from virtual agent (hand off message) and the message before it (trigger message of hand off) are dropped.
               "dropIvrMessages": True or False, # If set to true, all messages from ivr stage are dropped.
@@ -217,7 +217,7 @@
       "organizationId": "A String", # Required. The organization ID of the Salesforce account.
     },
   },
-  "languageCode": "A String", # Language which represents the conversationProfile. If unspecified, the default language code en-us applies. Users need to create a ConversationProfile for each language they want to support.
+  "languageCode": "A String", # Language code for the conversation profile. If not specified, the language is en-US. Language at ConversationProfile should be set for all non en-US languages. This should be a [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag. Example: "en-US".
   "loggingConfig": { # Defines logging behavior for conversation lifecycle events. # Configuration for logging conversation lifecycle events.
     "enableStackdriverLogging": True or False, # Whether to log conversation events like CONVERSATION_STARTED to Stackdriver in the conversation project as JSON format ConversationEvent protos.
   },
@@ -230,9 +230,11 @@
     "messageFormat": "A String", # Format of message.
     "topic": "A String", # Name of the Pub/Sub topic to publish conversation events like CONVERSATION_STARTED as serialized ConversationEvent protos. Notification works for phone calls, if this topic either is in the same project as the conversation or you grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow Service Agent` role in the topic project. Format: `projects//locations//topics/`.
   },
+  "securitySettings": "A String", # Name of the CX SecuritySettings reference for the agent. Format: `projects//locations//securitySettings/`.
   "sttConfig": { # Configures speech transcription for ConversationProfile. # Settings for speech transcription.
     "speechModelVariant": "A String", # Optional. The speech model used in speech to text. `SPEECH_MODEL_VARIANT_UNSPECIFIED`, `USE_BEST_AVAILABLE` will be treated as `USE_ENHANCED`. It can be overridden in AnalyzeContentRequest and StreamingAnalyzeContentRequest request.
   },
+  "timeZone": "A String", # The time zone of this conversational profile from the [time zone database](https://www.iana.org/time-zones), e.g., America/New_York, Europe/Paris. Defaults to America/New_York.
   "updateTime": "A String", # Output only. Update time of the conversation profile.
 }
 
@@ -246,7 +248,7 @@
 
     { # Defines the services to connect to incoming Dialogflow conversations.
   "automatedAgentConfig": { # Defines the Automated Agent to connect to a conversation. # Configuration for an automated agent to use with this profile.
-    "agent": "A String", # Required. ID of the Dialogflow agent environment to use. This project needs to either be the same project as the conversation or you need to grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow API Service Agent` role in this project. Format: `projects//locations//agent/environments/`. If environment is not specified, the default `draft` environment is used. Refer to [DetectIntentRequest](/dialogflow/docs/reference/rpc/google.cloud.dialogflow.v2#google.cloud.dialogflow.v2.DetectIntentRequest) for more details.
+    "agent": "A String", # Required. ID of the Dialogflow agent environment to use. This project needs to either be the same project as the conversation or you need to grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow API Service Agent` role in this project. - For ES agents, use format: `projects//locations//agent/environments/`. If environment is not specified, the default `draft` environment is used. Refer to [DetectIntentRequest](/dialogflow/docs/reference/rpc/google.cloud.dialogflow.v2#google.cloud.dialogflow.v2.DetectIntentRequest) for more details. - For CX agents, use format `projects//locations//agents//environments/`. If environment is not specified, the default `draft` environment is used.
   },
   "createTime": "A String", # Output only. Create time of the conversation profile.
   "displayName": "A String", # Required. Human readable name for this profile. Max length 1024 bytes.
@@ -259,7 +261,7 @@
           },
           "enableEventBasedSuggestion": True or False, # Automatically iterates all participants and tries to compile suggestions. Supported features: ARTICLE_SUGGESTION, FAQ, DIALOGFLOW_ASSIST.
           "queryConfig": { # Config for suggestion query. # Configs of query.
-            "confidenceThreshold": 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION.
+            "confidenceThreshold": 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION, FAQ, SMART_REPLY, SMART_COMPOSE.
             "contextFilterSettings": { # Settings that determine how to filter recent conversation context when generating suggestions. # Determines how recent conversation context is filtered when generating suggestions. If unspecified, no messages will be dropped.
               "dropHandoffMessages": True or False, # If set to true, the last message from virtual agent (hand off message) and the message before it (trigger message of hand off) are dropped.
               "dropIvrMessages": True or False, # If set to true, all messages from ivr stage are dropped.
@@ -299,7 +301,7 @@
           },
           "enableEventBasedSuggestion": True or False, # Automatically iterates all participants and tries to compile suggestions. Supported features: ARTICLE_SUGGESTION, FAQ, DIALOGFLOW_ASSIST.
           "queryConfig": { # Config for suggestion query. # Configs of query.
-            "confidenceThreshold": 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION.
+            "confidenceThreshold": 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION, FAQ, SMART_REPLY, SMART_COMPOSE.
             "contextFilterSettings": { # Settings that determine how to filter recent conversation context when generating suggestions. # Determines how recent conversation context is filtered when generating suggestions. If unspecified, no messages will be dropped.
               "dropHandoffMessages": True or False, # If set to true, the last message from virtual agent (hand off message) and the message before it (trigger message of hand off) are dropped.
               "dropIvrMessages": True or False, # If set to true, all messages from ivr stage are dropped.
@@ -351,7 +353,7 @@
       "organizationId": "A String", # Required. The organization ID of the Salesforce account.
     },
   },
-  "languageCode": "A String", # Language which represents the conversationProfile. If unspecified, the default language code en-us applies. Users need to create a ConversationProfile for each language they want to support.
+  "languageCode": "A String", # Language code for the conversation profile. If not specified, the language is en-US. Language at ConversationProfile should be set for all non en-US languages. This should be a [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag. Example: "en-US".
   "loggingConfig": { # Defines logging behavior for conversation lifecycle events. # Configuration for logging conversation lifecycle events.
     "enableStackdriverLogging": True or False, # Whether to log conversation events like CONVERSATION_STARTED to Stackdriver in the conversation project as JSON format ConversationEvent protos.
   },
@@ -364,9 +366,11 @@
     "messageFormat": "A String", # Format of message.
     "topic": "A String", # Name of the Pub/Sub topic to publish conversation events like CONVERSATION_STARTED as serialized ConversationEvent protos. Notification works for phone calls, if this topic either is in the same project as the conversation or you grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow Service Agent` role in the topic project. Format: `projects//locations//topics/`.
   },
+  "securitySettings": "A String", # Name of the CX SecuritySettings reference for the agent. Format: `projects//locations//securitySettings/`.
   "sttConfig": { # Configures speech transcription for ConversationProfile. # Settings for speech transcription.
     "speechModelVariant": "A String", # Optional. The speech model used in speech to text. `SPEECH_MODEL_VARIANT_UNSPECIFIED`, `USE_BEST_AVAILABLE` will be treated as `USE_ENHANCED`. It can be overridden in AnalyzeContentRequest and StreamingAnalyzeContentRequest request.
   },
+  "timeZone": "A String", # The time zone of this conversational profile from the [time zone database](https://www.iana.org/time-zones), e.g., America/New_York, Europe/Paris. Defaults to America/New_York.
   "updateTime": "A String", # Output only. Update time of the conversation profile.
 }</pre>
 </div>
@@ -405,7 +409,7 @@
 
     { # Defines the services to connect to incoming Dialogflow conversations.
   &quot;automatedAgentConfig&quot;: { # Defines the Automated Agent to connect to a conversation. # Configuration for an automated agent to use with this profile.
-    &quot;agent&quot;: &quot;A String&quot;, # Required. ID of the Dialogflow agent environment to use. This project needs to either be the same project as the conversation or you need to grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow API Service Agent` role in this project. Format: `projects//locations//agent/environments/`. If environment is not specified, the default `draft` environment is used. Refer to [DetectIntentRequest](/dialogflow/docs/reference/rpc/google.cloud.dialogflow.v2#google.cloud.dialogflow.v2.DetectIntentRequest) for more details.
+    &quot;agent&quot;: &quot;A String&quot;, # Required. ID of the Dialogflow agent environment to use. This project needs to either be the same project as the conversation or you need to grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow API Service Agent` role in this project. - For ES agents, use format: `projects//locations//agent/environments/`. If environment is not specified, the default `draft` environment is used. Refer to [DetectIntentRequest](/dialogflow/docs/reference/rpc/google.cloud.dialogflow.v2#google.cloud.dialogflow.v2.DetectIntentRequest) for more details. - For CX agents, use format `projects//locations//agents//environments/`. If environment is not specified, the default `draft` environment is used.
   },
   &quot;createTime&quot;: &quot;A String&quot;, # Output only. Create time of the conversation profile.
   &quot;displayName&quot;: &quot;A String&quot;, # Required. Human readable name for this profile. Max length 1024 bytes.
@@ -418,7 +422,7 @@
           },
           &quot;enableEventBasedSuggestion&quot;: True or False, # Automatically iterates all participants and tries to compile suggestions. Supported features: ARTICLE_SUGGESTION, FAQ, DIALOGFLOW_ASSIST.
           &quot;queryConfig&quot;: { # Config for suggestion query. # Configs of query.
-            &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION.
+            &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION, FAQ, SMART_REPLY, SMART_COMPOSE.
             &quot;contextFilterSettings&quot;: { # Settings that determine how to filter recent conversation context when generating suggestions. # Determines how recent conversation context is filtered when generating suggestions. If unspecified, no messages will be dropped.
               &quot;dropHandoffMessages&quot;: True or False, # If set to true, the last message from virtual agent (hand off message) and the message before it (trigger message of hand off) are dropped.
               &quot;dropIvrMessages&quot;: True or False, # If set to true, all messages from ivr stage are dropped.
@@ -458,7 +462,7 @@
           },
           &quot;enableEventBasedSuggestion&quot;: True or False, # Automatically iterates all participants and tries to compile suggestions. Supported features: ARTICLE_SUGGESTION, FAQ, DIALOGFLOW_ASSIST.
           &quot;queryConfig&quot;: { # Config for suggestion query. # Configs of query.
-            &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION.
+            &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION, FAQ, SMART_REPLY, SMART_COMPOSE.
             &quot;contextFilterSettings&quot;: { # Settings that determine how to filter recent conversation context when generating suggestions. # Determines how recent conversation context is filtered when generating suggestions. If unspecified, no messages will be dropped.
               &quot;dropHandoffMessages&quot;: True or False, # If set to true, the last message from virtual agent (hand off message) and the message before it (trigger message of hand off) are dropped.
               &quot;dropIvrMessages&quot;: True or False, # If set to true, all messages from ivr stage are dropped.
@@ -510,7 +514,7 @@
       &quot;organizationId&quot;: &quot;A String&quot;, # Required. The organization ID of the Salesforce account.
     },
   },
-  &quot;languageCode&quot;: &quot;A String&quot;, # Language which represents the conversationProfile. If unspecified, the default language code en-us applies. Users need to create a ConversationProfile for each language they want to support.
+  &quot;languageCode&quot;: &quot;A String&quot;, # Language code for the conversation profile. If not specified, the language is en-US. Language at ConversationProfile should be set for all non en-US languages. This should be a [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag. Example: &quot;en-US&quot;.
   &quot;loggingConfig&quot;: { # Defines logging behavior for conversation lifecycle events. # Configuration for logging conversation lifecycle events.
     &quot;enableStackdriverLogging&quot;: True or False, # Whether to log conversation events like CONVERSATION_STARTED to Stackdriver in the conversation project as JSON format ConversationEvent protos.
   },
@@ -523,9 +527,11 @@
     &quot;messageFormat&quot;: &quot;A String&quot;, # Format of message.
     &quot;topic&quot;: &quot;A String&quot;, # Name of the Pub/Sub topic to publish conversation events like CONVERSATION_STARTED as serialized ConversationEvent protos. Notification works for phone calls, if this topic either is in the same project as the conversation or you grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow Service Agent` role in the topic project. Format: `projects//locations//topics/`.
   },
+  &quot;securitySettings&quot;: &quot;A String&quot;, # Name of the CX SecuritySettings reference for the agent. Format: `projects//locations//securitySettings/`.
   &quot;sttConfig&quot;: { # Configures speech transcription for ConversationProfile. # Settings for speech transcription.
     &quot;speechModelVariant&quot;: &quot;A String&quot;, # Optional. The speech model used in speech to text. `SPEECH_MODEL_VARIANT_UNSPECIFIED`, `USE_BEST_AVAILABLE` will be treated as `USE_ENHANCED`. It can be overridden in AnalyzeContentRequest and StreamingAnalyzeContentRequest request.
   },
+  &quot;timeZone&quot;: &quot;A String&quot;, # The time zone of this conversational profile from the [time zone database](https://www.iana.org/time-zones), e.g., America/New_York, Europe/Paris. Defaults to America/New_York.
   &quot;updateTime&quot;: &quot;A String&quot;, # Output only. Update time of the conversation profile.
 }</pre>
 </div>
@@ -550,7 +556,7 @@
   &quot;conversationProfiles&quot;: [ # The list of project conversation profiles. There is a maximum number of items returned based on the page_size field in the request.
     { # Defines the services to connect to incoming Dialogflow conversations.
       &quot;automatedAgentConfig&quot;: { # Defines the Automated Agent to connect to a conversation. # Configuration for an automated agent to use with this profile.
-        &quot;agent&quot;: &quot;A String&quot;, # Required. ID of the Dialogflow agent environment to use. This project needs to either be the same project as the conversation or you need to grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow API Service Agent` role in this project. Format: `projects//locations//agent/environments/`. If environment is not specified, the default `draft` environment is used. Refer to [DetectIntentRequest](/dialogflow/docs/reference/rpc/google.cloud.dialogflow.v2#google.cloud.dialogflow.v2.DetectIntentRequest) for more details.
+        &quot;agent&quot;: &quot;A String&quot;, # Required. ID of the Dialogflow agent environment to use. This project needs to either be the same project as the conversation or you need to grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow API Service Agent` role in this project. - For ES agents, use format: `projects//locations//agent/environments/`. If environment is not specified, the default `draft` environment is used. Refer to [DetectIntentRequest](/dialogflow/docs/reference/rpc/google.cloud.dialogflow.v2#google.cloud.dialogflow.v2.DetectIntentRequest) for more details. - For CX agents, use format `projects//locations//agents//environments/`. If environment is not specified, the default `draft` environment is used.
       },
       &quot;createTime&quot;: &quot;A String&quot;, # Output only. Create time of the conversation profile.
       &quot;displayName&quot;: &quot;A String&quot;, # Required. Human readable name for this profile. Max length 1024 bytes.
@@ -563,7 +569,7 @@
               },
               &quot;enableEventBasedSuggestion&quot;: True or False, # Automatically iterates all participants and tries to compile suggestions. Supported features: ARTICLE_SUGGESTION, FAQ, DIALOGFLOW_ASSIST.
               &quot;queryConfig&quot;: { # Config for suggestion query. # Configs of query.
-                &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION.
+                &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION, FAQ, SMART_REPLY, SMART_COMPOSE.
                 &quot;contextFilterSettings&quot;: { # Settings that determine how to filter recent conversation context when generating suggestions. # Determines how recent conversation context is filtered when generating suggestions. If unspecified, no messages will be dropped.
                   &quot;dropHandoffMessages&quot;: True or False, # If set to true, the last message from virtual agent (hand off message) and the message before it (trigger message of hand off) are dropped.
                   &quot;dropIvrMessages&quot;: True or False, # If set to true, all messages from ivr stage are dropped.
@@ -603,7 +609,7 @@
               },
               &quot;enableEventBasedSuggestion&quot;: True or False, # Automatically iterates all participants and tries to compile suggestions. Supported features: ARTICLE_SUGGESTION, FAQ, DIALOGFLOW_ASSIST.
               &quot;queryConfig&quot;: { # Config for suggestion query. # Configs of query.
-                &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION.
+                &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION, FAQ, SMART_REPLY, SMART_COMPOSE.
                 &quot;contextFilterSettings&quot;: { # Settings that determine how to filter recent conversation context when generating suggestions. # Determines how recent conversation context is filtered when generating suggestions. If unspecified, no messages will be dropped.
                   &quot;dropHandoffMessages&quot;: True or False, # If set to true, the last message from virtual agent (hand off message) and the message before it (trigger message of hand off) are dropped.
                   &quot;dropIvrMessages&quot;: True or False, # If set to true, all messages from ivr stage are dropped.
@@ -655,7 +661,7 @@
           &quot;organizationId&quot;: &quot;A String&quot;, # Required. The organization ID of the Salesforce account.
         },
       },
-      &quot;languageCode&quot;: &quot;A String&quot;, # Language which represents the conversationProfile. If unspecified, the default language code en-us applies. Users need to create a ConversationProfile for each language they want to support.
+      &quot;languageCode&quot;: &quot;A String&quot;, # Language code for the conversation profile. If not specified, the language is en-US. Language at ConversationProfile should be set for all non en-US languages. This should be a [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag. Example: &quot;en-US&quot;.
       &quot;loggingConfig&quot;: { # Defines logging behavior for conversation lifecycle events. # Configuration for logging conversation lifecycle events.
         &quot;enableStackdriverLogging&quot;: True or False, # Whether to log conversation events like CONVERSATION_STARTED to Stackdriver in the conversation project as JSON format ConversationEvent protos.
       },
@@ -668,9 +674,11 @@
         &quot;messageFormat&quot;: &quot;A String&quot;, # Format of message.
         &quot;topic&quot;: &quot;A String&quot;, # Name of the Pub/Sub topic to publish conversation events like CONVERSATION_STARTED as serialized ConversationEvent protos. Notification works for phone calls, if this topic either is in the same project as the conversation or you grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow Service Agent` role in the topic project. Format: `projects//locations//topics/`.
       },
+      &quot;securitySettings&quot;: &quot;A String&quot;, # Name of the CX SecuritySettings reference for the agent. Format: `projects//locations//securitySettings/`.
       &quot;sttConfig&quot;: { # Configures speech transcription for ConversationProfile. # Settings for speech transcription.
         &quot;speechModelVariant&quot;: &quot;A String&quot;, # Optional. The speech model used in speech to text. `SPEECH_MODEL_VARIANT_UNSPECIFIED`, `USE_BEST_AVAILABLE` will be treated as `USE_ENHANCED`. It can be overridden in AnalyzeContentRequest and StreamingAnalyzeContentRequest request.
       },
+      &quot;timeZone&quot;: &quot;A String&quot;, # The time zone of this conversational profile from the [time zone database](https://www.iana.org/time-zones), e.g., America/New_York, Europe/Paris. Defaults to America/New_York.
       &quot;updateTime&quot;: &quot;A String&quot;, # Output only. Update time of the conversation profile.
     },
   ],
@@ -703,7 +711,7 @@
 
 { # Defines the services to connect to incoming Dialogflow conversations.
   &quot;automatedAgentConfig&quot;: { # Defines the Automated Agent to connect to a conversation. # Configuration for an automated agent to use with this profile.
-    &quot;agent&quot;: &quot;A String&quot;, # Required. ID of the Dialogflow agent environment to use. This project needs to either be the same project as the conversation or you need to grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow API Service Agent` role in this project. Format: `projects//locations//agent/environments/`. If environment is not specified, the default `draft` environment is used. Refer to [DetectIntentRequest](/dialogflow/docs/reference/rpc/google.cloud.dialogflow.v2#google.cloud.dialogflow.v2.DetectIntentRequest) for more details.
+    &quot;agent&quot;: &quot;A String&quot;, # Required. ID of the Dialogflow agent environment to use. This project needs to either be the same project as the conversation or you need to grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow API Service Agent` role in this project. - For ES agents, use format: `projects//locations//agent/environments/`. If environment is not specified, the default `draft` environment is used. Refer to [DetectIntentRequest](/dialogflow/docs/reference/rpc/google.cloud.dialogflow.v2#google.cloud.dialogflow.v2.DetectIntentRequest) for more details. - For CX agents, use format `projects//locations//agents//environments/`. If environment is not specified, the default `draft` environment is used.
   },
   &quot;createTime&quot;: &quot;A String&quot;, # Output only. Create time of the conversation profile.
   &quot;displayName&quot;: &quot;A String&quot;, # Required. Human readable name for this profile. Max length 1024 bytes.
@@ -716,7 +724,7 @@
           },
           &quot;enableEventBasedSuggestion&quot;: True or False, # Automatically iterates all participants and tries to compile suggestions. Supported features: ARTICLE_SUGGESTION, FAQ, DIALOGFLOW_ASSIST.
           &quot;queryConfig&quot;: { # Config for suggestion query. # Configs of query.
-            &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION.
+            &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION, FAQ, SMART_REPLY, SMART_COMPOSE.
             &quot;contextFilterSettings&quot;: { # Settings that determine how to filter recent conversation context when generating suggestions. # Determines how recent conversation context is filtered when generating suggestions. If unspecified, no messages will be dropped.
               &quot;dropHandoffMessages&quot;: True or False, # If set to true, the last message from virtual agent (hand off message) and the message before it (trigger message of hand off) are dropped.
               &quot;dropIvrMessages&quot;: True or False, # If set to true, all messages from ivr stage are dropped.
@@ -756,7 +764,7 @@
           },
           &quot;enableEventBasedSuggestion&quot;: True or False, # Automatically iterates all participants and tries to compile suggestions. Supported features: ARTICLE_SUGGESTION, FAQ, DIALOGFLOW_ASSIST.
           &quot;queryConfig&quot;: { # Config for suggestion query. # Configs of query.
-            &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION.
+            &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION, FAQ, SMART_REPLY, SMART_COMPOSE.
             &quot;contextFilterSettings&quot;: { # Settings that determine how to filter recent conversation context when generating suggestions. # Determines how recent conversation context is filtered when generating suggestions. If unspecified, no messages will be dropped.
               &quot;dropHandoffMessages&quot;: True or False, # If set to true, the last message from virtual agent (hand off message) and the message before it (trigger message of hand off) are dropped.
               &quot;dropIvrMessages&quot;: True or False, # If set to true, all messages from ivr stage are dropped.
@@ -808,7 +816,7 @@
       &quot;organizationId&quot;: &quot;A String&quot;, # Required. The organization ID of the Salesforce account.
     },
   },
-  &quot;languageCode&quot;: &quot;A String&quot;, # Language which represents the conversationProfile. If unspecified, the default language code en-us applies. Users need to create a ConversationProfile for each language they want to support.
+  &quot;languageCode&quot;: &quot;A String&quot;, # Language code for the conversation profile. If not specified, the language is en-US. Language at ConversationProfile should be set for all non en-US languages. This should be a [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag. Example: &quot;en-US&quot;.
   &quot;loggingConfig&quot;: { # Defines logging behavior for conversation lifecycle events. # Configuration for logging conversation lifecycle events.
     &quot;enableStackdriverLogging&quot;: True or False, # Whether to log conversation events like CONVERSATION_STARTED to Stackdriver in the conversation project as JSON format ConversationEvent protos.
   },
@@ -821,9 +829,11 @@
     &quot;messageFormat&quot;: &quot;A String&quot;, # Format of message.
     &quot;topic&quot;: &quot;A String&quot;, # Name of the Pub/Sub topic to publish conversation events like CONVERSATION_STARTED as serialized ConversationEvent protos. Notification works for phone calls, if this topic either is in the same project as the conversation or you grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow Service Agent` role in the topic project. Format: `projects//locations//topics/`.
   },
+  &quot;securitySettings&quot;: &quot;A String&quot;, # Name of the CX SecuritySettings reference for the agent. Format: `projects//locations//securitySettings/`.
   &quot;sttConfig&quot;: { # Configures speech transcription for ConversationProfile. # Settings for speech transcription.
     &quot;speechModelVariant&quot;: &quot;A String&quot;, # Optional. The speech model used in speech to text. `SPEECH_MODEL_VARIANT_UNSPECIFIED`, `USE_BEST_AVAILABLE` will be treated as `USE_ENHANCED`. It can be overridden in AnalyzeContentRequest and StreamingAnalyzeContentRequest request.
   },
+  &quot;timeZone&quot;: &quot;A String&quot;, # The time zone of this conversational profile from the [time zone database](https://www.iana.org/time-zones), e.g., America/New_York, Europe/Paris. Defaults to America/New_York.
   &quot;updateTime&quot;: &quot;A String&quot;, # Output only. Update time of the conversation profile.
 }
 
@@ -838,7 +848,7 @@
 
     { # Defines the services to connect to incoming Dialogflow conversations.
   &quot;automatedAgentConfig&quot;: { # Defines the Automated Agent to connect to a conversation. # Configuration for an automated agent to use with this profile.
-    &quot;agent&quot;: &quot;A String&quot;, # Required. ID of the Dialogflow agent environment to use. This project needs to either be the same project as the conversation or you need to grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow API Service Agent` role in this project. Format: `projects//locations//agent/environments/`. If environment is not specified, the default `draft` environment is used. Refer to [DetectIntentRequest](/dialogflow/docs/reference/rpc/google.cloud.dialogflow.v2#google.cloud.dialogflow.v2.DetectIntentRequest) for more details.
+    &quot;agent&quot;: &quot;A String&quot;, # Required. ID of the Dialogflow agent environment to use. This project needs to either be the same project as the conversation or you need to grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow API Service Agent` role in this project. - For ES agents, use format: `projects//locations//agent/environments/`. If environment is not specified, the default `draft` environment is used. Refer to [DetectIntentRequest](/dialogflow/docs/reference/rpc/google.cloud.dialogflow.v2#google.cloud.dialogflow.v2.DetectIntentRequest) for more details. - For CX agents, use format `projects//locations//agents//environments/`. If environment is not specified, the default `draft` environment is used.
   },
   &quot;createTime&quot;: &quot;A String&quot;, # Output only. Create time of the conversation profile.
   &quot;displayName&quot;: &quot;A String&quot;, # Required. Human readable name for this profile. Max length 1024 bytes.
@@ -851,7 +861,7 @@
           },
           &quot;enableEventBasedSuggestion&quot;: True or False, # Automatically iterates all participants and tries to compile suggestions. Supported features: ARTICLE_SUGGESTION, FAQ, DIALOGFLOW_ASSIST.
           &quot;queryConfig&quot;: { # Config for suggestion query. # Configs of query.
-            &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION.
+            &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION, FAQ, SMART_REPLY, SMART_COMPOSE.
             &quot;contextFilterSettings&quot;: { # Settings that determine how to filter recent conversation context when generating suggestions. # Determines how recent conversation context is filtered when generating suggestions. If unspecified, no messages will be dropped.
               &quot;dropHandoffMessages&quot;: True or False, # If set to true, the last message from virtual agent (hand off message) and the message before it (trigger message of hand off) are dropped.
               &quot;dropIvrMessages&quot;: True or False, # If set to true, all messages from ivr stage are dropped.
@@ -891,7 +901,7 @@
           },
           &quot;enableEventBasedSuggestion&quot;: True or False, # Automatically iterates all participants and tries to compile suggestions. Supported features: ARTICLE_SUGGESTION, FAQ, DIALOGFLOW_ASSIST.
           &quot;queryConfig&quot;: { # Config for suggestion query. # Configs of query.
-            &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION.
+            &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION, FAQ, SMART_REPLY, SMART_COMPOSE.
             &quot;contextFilterSettings&quot;: { # Settings that determine how to filter recent conversation context when generating suggestions. # Determines how recent conversation context is filtered when generating suggestions. If unspecified, no messages will be dropped.
               &quot;dropHandoffMessages&quot;: True or False, # If set to true, the last message from virtual agent (hand off message) and the message before it (trigger message of hand off) are dropped.
               &quot;dropIvrMessages&quot;: True or False, # If set to true, all messages from ivr stage are dropped.
@@ -943,7 +953,7 @@
       &quot;organizationId&quot;: &quot;A String&quot;, # Required. The organization ID of the Salesforce account.
     },
   },
-  &quot;languageCode&quot;: &quot;A String&quot;, # Language which represents the conversationProfile. If unspecified, the default language code en-us applies. Users need to create a ConversationProfile for each language they want to support.
+  &quot;languageCode&quot;: &quot;A String&quot;, # Language code for the conversation profile. If not specified, the language is en-US. Language at ConversationProfile should be set for all non en-US languages. This should be a [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag. Example: &quot;en-US&quot;.
   &quot;loggingConfig&quot;: { # Defines logging behavior for conversation lifecycle events. # Configuration for logging conversation lifecycle events.
     &quot;enableStackdriverLogging&quot;: True or False, # Whether to log conversation events like CONVERSATION_STARTED to Stackdriver in the conversation project as JSON format ConversationEvent protos.
   },
@@ -956,9 +966,11 @@
     &quot;messageFormat&quot;: &quot;A String&quot;, # Format of message.
     &quot;topic&quot;: &quot;A String&quot;, # Name of the Pub/Sub topic to publish conversation events like CONVERSATION_STARTED as serialized ConversationEvent protos. Notification works for phone calls, if this topic either is in the same project as the conversation or you grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow Service Agent` role in the topic project. Format: `projects//locations//topics/`.
   },
+  &quot;securitySettings&quot;: &quot;A String&quot;, # Name of the CX SecuritySettings reference for the agent. Format: `projects//locations//securitySettings/`.
   &quot;sttConfig&quot;: { # Configures speech transcription for ConversationProfile. # Settings for speech transcription.
     &quot;speechModelVariant&quot;: &quot;A String&quot;, # Optional. The speech model used in speech to text. `SPEECH_MODEL_VARIANT_UNSPECIFIED`, `USE_BEST_AVAILABLE` will be treated as `USE_ENHANCED`. It can be overridden in AnalyzeContentRequest and StreamingAnalyzeContentRequest request.
   },
+  &quot;timeZone&quot;: &quot;A String&quot;, # The time zone of this conversational profile from the [time zone database](https://www.iana.org/time-zones), e.g., America/New_York, Europe/Paris. Defaults to America/New_York.
   &quot;updateTime&quot;: &quot;A String&quot;, # Output only. Update time of the conversation profile.
 }</pre>
 </div>

docs/dyn/dialogflow_v2.projects.locations.conversationProfiles.html

diff --git a/docs/dyn/dialogflow_v2.projects.locations.conversationProfiles.html b/docs/dyn/dialogflow_v2.projects.locations.conversationProfiles.html
index 9bfc147..c7187d8 100644
--- a/docs/dyn/dialogflow_v2.projects.locations.conversationProfiles.html
+++ b/docs/dyn/dialogflow_v2.projects.locations.conversationProfiles.html
@@ -112,7 +112,7 @@
 
 { # Defines the services to connect to incoming Dialogflow conversations.
   "automatedAgentConfig": { # Defines the Automated Agent to connect to a conversation. # Configuration for an automated agent to use with this profile.
-    "agent": "A String", # Required. ID of the Dialogflow agent environment to use. This project needs to either be the same project as the conversation or you need to grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow API Service Agent` role in this project. Format: `projects//locations//agent/environments/`. If environment is not specified, the default `draft` environment is used. Refer to [DetectIntentRequest](/dialogflow/docs/reference/rpc/google.cloud.dialogflow.v2#google.cloud.dialogflow.v2.DetectIntentRequest) for more details.
+    "agent": "A String", # Required. ID of the Dialogflow agent environment to use. This project needs to either be the same project as the conversation or you need to grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow API Service Agent` role in this project. - For ES agents, use format: `projects//locations//agent/environments/`. If environment is not specified, the default `draft` environment is used. Refer to [DetectIntentRequest](/dialogflow/docs/reference/rpc/google.cloud.dialogflow.v2#google.cloud.dialogflow.v2.DetectIntentRequest) for more details. - For CX agents, use format `projects//locations//agents//environments/`. If environment is not specified, the default `draft` environment is used.
   },
   "createTime": "A String", # Output only. Create time of the conversation profile.
   "displayName": "A String", # Required. Human readable name for this profile. Max length 1024 bytes.
@@ -125,7 +125,7 @@
           },
           "enableEventBasedSuggestion": True or False, # Automatically iterates all participants and tries to compile suggestions. Supported features: ARTICLE_SUGGESTION, FAQ, DIALOGFLOW_ASSIST.
           "queryConfig": { # Config for suggestion query. # Configs of query.
-            "confidenceThreshold": 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION.
+            "confidenceThreshold": 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION, FAQ, SMART_REPLY, SMART_COMPOSE.
             "contextFilterSettings": { # Settings that determine how to filter recent conversation context when generating suggestions. # Determines how recent conversation context is filtered when generating suggestions. If unspecified, no messages will be dropped.
               "dropHandoffMessages": True or False, # If set to true, the last message from virtual agent (hand off message) and the message before it (trigger message of hand off) are dropped.
               "dropIvrMessages": True or False, # If set to true, all messages from ivr stage are dropped.
@@ -165,7 +165,7 @@
           },
           "enableEventBasedSuggestion": True or False, # Automatically iterates all participants and tries to compile suggestions. Supported features: ARTICLE_SUGGESTION, FAQ, DIALOGFLOW_ASSIST.
           "queryConfig": { # Config for suggestion query. # Configs of query.
-            "confidenceThreshold": 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION.
+            "confidenceThreshold": 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION, FAQ, SMART_REPLY, SMART_COMPOSE.
             "contextFilterSettings": { # Settings that determine how to filter recent conversation context when generating suggestions. # Determines how recent conversation context is filtered when generating suggestions. If unspecified, no messages will be dropped.
               "dropHandoffMessages": True or False, # If set to true, the last message from virtual agent (hand off message) and the message before it (trigger message of hand off) are dropped.
               "dropIvrMessages": True or False, # If set to true, all messages from ivr stage are dropped.
@@ -217,7 +217,7 @@
       "organizationId": "A String", # Required. The organization ID of the Salesforce account.
     },
   },
-  "languageCode": "A String", # Language which represents the conversationProfile. If unspecified, the default language code en-us applies. Users need to create a ConversationProfile for each language they want to support.
+  "languageCode": "A String", # Language code for the conversation profile. If not specified, the language is en-US. Language at ConversationProfile should be set for all non en-US languages. This should be a [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag. Example: "en-US".
   "loggingConfig": { # Defines logging behavior for conversation lifecycle events. # Configuration for logging conversation lifecycle events.
     "enableStackdriverLogging": True or False, # Whether to log conversation events like CONVERSATION_STARTED to Stackdriver in the conversation project as JSON format ConversationEvent protos.
   },
@@ -230,9 +230,11 @@
     "messageFormat": "A String", # Format of message.
     "topic": "A String", # Name of the Pub/Sub topic to publish conversation events like CONVERSATION_STARTED as serialized ConversationEvent protos. Notification works for phone calls, if this topic either is in the same project as the conversation or you grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow Service Agent` role in the topic project. Format: `projects//locations//topics/`.
   },
+  "securitySettings": "A String", # Name of the CX SecuritySettings reference for the agent. Format: `projects//locations//securitySettings/`.
   "sttConfig": { # Configures speech transcription for ConversationProfile. # Settings for speech transcription.
     "speechModelVariant": "A String", # Optional. The speech model used in speech to text. `SPEECH_MODEL_VARIANT_UNSPECIFIED`, `USE_BEST_AVAILABLE` will be treated as `USE_ENHANCED`. It can be overridden in AnalyzeContentRequest and StreamingAnalyzeContentRequest request.
   },
+  "timeZone": "A String", # The time zone of this conversational profile from the [time zone database](https://www.iana.org/time-zones), e.g., America/New_York, Europe/Paris. Defaults to America/New_York.
   "updateTime": "A String", # Output only. Update time of the conversation profile.
 }
 
@@ -246,7 +248,7 @@
 
     { # Defines the services to connect to incoming Dialogflow conversations.
   "automatedAgentConfig": { # Defines the Automated Agent to connect to a conversation. # Configuration for an automated agent to use with this profile.
-    "agent": "A String", # Required. ID of the Dialogflow agent environment to use. This project needs to either be the same project as the conversation or you need to grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow API Service Agent` role in this project. Format: `projects//locations//agent/environments/`. If environment is not specified, the default `draft` environment is used. Refer to [DetectIntentRequest](/dialogflow/docs/reference/rpc/google.cloud.dialogflow.v2#google.cloud.dialogflow.v2.DetectIntentRequest) for more details.
+    "agent": "A String", # Required. ID of the Dialogflow agent environment to use. This project needs to either be the same project as the conversation or you need to grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow API Service Agent` role in this project. - For ES agents, use format: `projects//locations//agent/environments/`. If environment is not specified, the default `draft` environment is used. Refer to [DetectIntentRequest](/dialogflow/docs/reference/rpc/google.cloud.dialogflow.v2#google.cloud.dialogflow.v2.DetectIntentRequest) for more details. - For CX agents, use format `projects//locations//agents//environments/`. If environment is not specified, the default `draft` environment is used.
   },
   "createTime": "A String", # Output only. Create time of the conversation profile.
   "displayName": "A String", # Required. Human readable name for this profile. Max length 1024 bytes.
@@ -259,7 +261,7 @@
           },
           "enableEventBasedSuggestion": True or False, # Automatically iterates all participants and tries to compile suggestions. Supported features: ARTICLE_SUGGESTION, FAQ, DIALOGFLOW_ASSIST.
           "queryConfig": { # Config for suggestion query. # Configs of query.
-            "confidenceThreshold": 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION.
+            "confidenceThreshold": 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION, FAQ, SMART_REPLY, SMART_COMPOSE.
             "contextFilterSettings": { # Settings that determine how to filter recent conversation context when generating suggestions. # Determines how recent conversation context is filtered when generating suggestions. If unspecified, no messages will be dropped.
               "dropHandoffMessages": True or False, # If set to true, the last message from virtual agent (hand off message) and the message before it (trigger message of hand off) are dropped.
               "dropIvrMessages": True or False, # If set to true, all messages from ivr stage are dropped.
@@ -299,7 +301,7 @@
           },
           "enableEventBasedSuggestion": True or False, # Automatically iterates all participants and tries to compile suggestions. Supported features: ARTICLE_SUGGESTION, FAQ, DIALOGFLOW_ASSIST.
           "queryConfig": { # Config for suggestion query. # Configs of query.
-            "confidenceThreshold": 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION.
+            "confidenceThreshold": 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION, FAQ, SMART_REPLY, SMART_COMPOSE.
             "contextFilterSettings": { # Settings that determine how to filter recent conversation context when generating suggestions. # Determines how recent conversation context is filtered when generating suggestions. If unspecified, no messages will be dropped.
               "dropHandoffMessages": True or False, # If set to true, the last message from virtual agent (hand off message) and the message before it (trigger message of hand off) are dropped.
               "dropIvrMessages": True or False, # If set to true, all messages from ivr stage are dropped.
@@ -351,7 +353,7 @@
       "organizationId": "A String", # Required. The organization ID of the Salesforce account.
     },
   },
-  "languageCode": "A String", # Language which represents the conversationProfile. If unspecified, the default language code en-us applies. Users need to create a ConversationProfile for each language they want to support.
+  "languageCode": "A String", # Language code for the conversation profile. If not specified, the language is en-US. Language at ConversationProfile should be set for all non en-US languages. This should be a [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag. Example: "en-US".
   "loggingConfig": { # Defines logging behavior for conversation lifecycle events. # Configuration for logging conversation lifecycle events.
     "enableStackdriverLogging": True or False, # Whether to log conversation events like CONVERSATION_STARTED to Stackdriver in the conversation project as JSON format ConversationEvent protos.
   },
@@ -364,9 +366,11 @@
     "messageFormat": "A String", # Format of message.
     "topic": "A String", # Name of the Pub/Sub topic to publish conversation events like CONVERSATION_STARTED as serialized ConversationEvent protos. Notification works for phone calls, if this topic either is in the same project as the conversation or you grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow Service Agent` role in the topic project. Format: `projects//locations//topics/`.
   },
+  "securitySettings": "A String", # Name of the CX SecuritySettings reference for the agent. Format: `projects//locations//securitySettings/`.
   "sttConfig": { # Configures speech transcription for ConversationProfile. # Settings for speech transcription.
     "speechModelVariant": "A String", # Optional. The speech model used in speech to text. `SPEECH_MODEL_VARIANT_UNSPECIFIED`, `USE_BEST_AVAILABLE` will be treated as `USE_ENHANCED`. It can be overridden in AnalyzeContentRequest and StreamingAnalyzeContentRequest request.
   },
+  "timeZone": "A String", # The time zone of this conversational profile from the [time zone database](https://www.iana.org/time-zones), e.g., America/New_York, Europe/Paris. Defaults to America/New_York.
   "updateTime": "A String", # Output only. Update time of the conversation profile.
 }</pre>
 </div>
@@ -405,7 +409,7 @@
 
     { # Defines the services to connect to incoming Dialogflow conversations.
   &quot;automatedAgentConfig&quot;: { # Defines the Automated Agent to connect to a conversation. # Configuration for an automated agent to use with this profile.
-    &quot;agent&quot;: &quot;A String&quot;, # Required. ID of the Dialogflow agent environment to use. This project needs to either be the same project as the conversation or you need to grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow API Service Agent` role in this project. Format: `projects//locations//agent/environments/`. If environment is not specified, the default `draft` environment is used. Refer to [DetectIntentRequest](/dialogflow/docs/reference/rpc/google.cloud.dialogflow.v2#google.cloud.dialogflow.v2.DetectIntentRequest) for more details.
+    &quot;agent&quot;: &quot;A String&quot;, # Required. ID of the Dialogflow agent environment to use. This project needs to either be the same project as the conversation or you need to grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow API Service Agent` role in this project. - For ES agents, use format: `projects//locations//agent/environments/`. If environment is not specified, the default `draft` environment is used. Refer to [DetectIntentRequest](/dialogflow/docs/reference/rpc/google.cloud.dialogflow.v2#google.cloud.dialogflow.v2.DetectIntentRequest) for more details. - For CX agents, use format `projects//locations//agents//environments/`. If environment is not specified, the default `draft` environment is used.
   },
   &quot;createTime&quot;: &quot;A String&quot;, # Output only. Create time of the conversation profile.
   &quot;displayName&quot;: &quot;A String&quot;, # Required. Human readable name for this profile. Max length 1024 bytes.
@@ -418,7 +422,7 @@
           },
           &quot;enableEventBasedSuggestion&quot;: True or False, # Automatically iterates all participants and tries to compile suggestions. Supported features: ARTICLE_SUGGESTION, FAQ, DIALOGFLOW_ASSIST.
           &quot;queryConfig&quot;: { # Config for suggestion query. # Configs of query.
-            &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION.
+            &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION, FAQ, SMART_REPLY, SMART_COMPOSE.
             &quot;contextFilterSettings&quot;: { # Settings that determine how to filter recent conversation context when generating suggestions. # Determines how recent conversation context is filtered when generating suggestions. If unspecified, no messages will be dropped.
               &quot;dropHandoffMessages&quot;: True or False, # If set to true, the last message from virtual agent (hand off message) and the message before it (trigger message of hand off) are dropped.
               &quot;dropIvrMessages&quot;: True or False, # If set to true, all messages from ivr stage are dropped.
@@ -458,7 +462,7 @@
           },
           &quot;enableEventBasedSuggestion&quot;: True or False, # Automatically iterates all participants and tries to compile suggestions. Supported features: ARTICLE_SUGGESTION, FAQ, DIALOGFLOW_ASSIST.
           &quot;queryConfig&quot;: { # Config for suggestion query. # Configs of query.
-            &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION.
+            &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION, FAQ, SMART_REPLY, SMART_COMPOSE.
             &quot;contextFilterSettings&quot;: { # Settings that determine how to filter recent conversation context when generating suggestions. # Determines how recent conversation context is filtered when generating suggestions. If unspecified, no messages will be dropped.
               &quot;dropHandoffMessages&quot;: True or False, # If set to true, the last message from virtual agent (hand off message) and the message before it (trigger message of hand off) are dropped.
               &quot;dropIvrMessages&quot;: True or False, # If set to true, all messages from ivr stage are dropped.
@@ -510,7 +514,7 @@
       &quot;organizationId&quot;: &quot;A String&quot;, # Required. The organization ID of the Salesforce account.
     },
   },
-  &quot;languageCode&quot;: &quot;A String&quot;, # Language which represents the conversationProfile. If unspecified, the default language code en-us applies. Users need to create a ConversationProfile for each language they want to support.
+  &quot;languageCode&quot;: &quot;A String&quot;, # Language code for the conversation profile. If not specified, the language is en-US. Language at ConversationProfile should be set for all non en-US languages. This should be a [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag. Example: &quot;en-US&quot;.
   &quot;loggingConfig&quot;: { # Defines logging behavior for conversation lifecycle events. # Configuration for logging conversation lifecycle events.
     &quot;enableStackdriverLogging&quot;: True or False, # Whether to log conversation events like CONVERSATION_STARTED to Stackdriver in the conversation project as JSON format ConversationEvent protos.
   },
@@ -523,9 +527,11 @@
     &quot;messageFormat&quot;: &quot;A String&quot;, # Format of message.
     &quot;topic&quot;: &quot;A String&quot;, # Name of the Pub/Sub topic to publish conversation events like CONVERSATION_STARTED as serialized ConversationEvent protos. Notification works for phone calls, if this topic either is in the same project as the conversation or you grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow Service Agent` role in the topic project. Format: `projects//locations//topics/`.
   },
+  &quot;securitySettings&quot;: &quot;A String&quot;, # Name of the CX SecuritySettings reference for the agent. Format: `projects//locations//securitySettings/`.
   &quot;sttConfig&quot;: { # Configures speech transcription for ConversationProfile. # Settings for speech transcription.
     &quot;speechModelVariant&quot;: &quot;A String&quot;, # Optional. The speech model used in speech to text. `SPEECH_MODEL_VARIANT_UNSPECIFIED`, `USE_BEST_AVAILABLE` will be treated as `USE_ENHANCED`. It can be overridden in AnalyzeContentRequest and StreamingAnalyzeContentRequest request.
   },
+  &quot;timeZone&quot;: &quot;A String&quot;, # The time zone of this conversational profile from the [time zone database](https://www.iana.org/time-zones), e.g., America/New_York, Europe/Paris. Defaults to America/New_York.
   &quot;updateTime&quot;: &quot;A String&quot;, # Output only. Update time of the conversation profile.
 }</pre>
 </div>
@@ -550,7 +556,7 @@
   &quot;conversationProfiles&quot;: [ # The list of project conversation profiles. There is a maximum number of items returned based on the page_size field in the request.
     { # Defines the services to connect to incoming Dialogflow conversations.
       &quot;automatedAgentConfig&quot;: { # Defines the Automated Agent to connect to a conversation. # Configuration for an automated agent to use with this profile.
-        &quot;agent&quot;: &quot;A String&quot;, # Required. ID of the Dialogflow agent environment to use. This project needs to either be the same project as the conversation or you need to grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow API Service Agent` role in this project. Format: `projects//locations//agent/environments/`. If environment is not specified, the default `draft` environment is used. Refer to [DetectIntentRequest](/dialogflow/docs/reference/rpc/google.cloud.dialogflow.v2#google.cloud.dialogflow.v2.DetectIntentRequest) for more details.
+        &quot;agent&quot;: &quot;A String&quot;, # Required. ID of the Dialogflow agent environment to use. This project needs to either be the same project as the conversation or you need to grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow API Service Agent` role in this project. - For ES agents, use format: `projects//locations//agent/environments/`. If environment is not specified, the default `draft` environment is used. Refer to [DetectIntentRequest](/dialogflow/docs/reference/rpc/google.cloud.dialogflow.v2#google.cloud.dialogflow.v2.DetectIntentRequest) for more details. - For CX agents, use format `projects//locations//agents//environments/`. If environment is not specified, the default `draft` environment is used.
       },
       &quot;createTime&quot;: &quot;A String&quot;, # Output only. Create time of the conversation profile.
       &quot;displayName&quot;: &quot;A String&quot;, # Required. Human readable name for this profile. Max length 1024 bytes.
@@ -563,7 +569,7 @@
               },
               &quot;enableEventBasedSuggestion&quot;: True or False, # Automatically iterates all participants and tries to compile suggestions. Supported features: ARTICLE_SUGGESTION, FAQ, DIALOGFLOW_ASSIST.
               &quot;queryConfig&quot;: { # Config for suggestion query. # Configs of query.
-                &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION.
+                &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION, FAQ, SMART_REPLY, SMART_COMPOSE.
                 &quot;contextFilterSettings&quot;: { # Settings that determine how to filter recent conversation context when generating suggestions. # Determines how recent conversation context is filtered when generating suggestions. If unspecified, no messages will be dropped.
                   &quot;dropHandoffMessages&quot;: True or False, # If set to true, the last message from virtual agent (hand off message) and the message before it (trigger message of hand off) are dropped.
                   &quot;dropIvrMessages&quot;: True or False, # If set to true, all messages from ivr stage are dropped.
@@ -603,7 +609,7 @@
               },
               &quot;enableEventBasedSuggestion&quot;: True or False, # Automatically iterates all participants and tries to compile suggestions. Supported features: ARTICLE_SUGGESTION, FAQ, DIALOGFLOW_ASSIST.
               &quot;queryConfig&quot;: { # Config for suggestion query. # Configs of query.
-                &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION.
+                &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION, FAQ, SMART_REPLY, SMART_COMPOSE.
                 &quot;contextFilterSettings&quot;: { # Settings that determine how to filter recent conversation context when generating suggestions. # Determines how recent conversation context is filtered when generating suggestions. If unspecified, no messages will be dropped.
                   &quot;dropHandoffMessages&quot;: True or False, # If set to true, the last message from virtual agent (hand off message) and the message before it (trigger message of hand off) are dropped.
                   &quot;dropIvrMessages&quot;: True or False, # If set to true, all messages from ivr stage are dropped.
@@ -655,7 +661,7 @@
           &quot;organizationId&quot;: &quot;A String&quot;, # Required. The organization ID of the Salesforce account.
         },
       },
-      &quot;languageCode&quot;: &quot;A String&quot;, # Language which represents the conversationProfile. If unspecified, the default language code en-us applies. Users need to create a ConversationProfile for each language they want to support.
+      &quot;languageCode&quot;: &quot;A String&quot;, # Language code for the conversation profile. If not specified, the language is en-US. Language at ConversationProfile should be set for all non en-US languages. This should be a [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag. Example: &quot;en-US&quot;.
       &quot;loggingConfig&quot;: { # Defines logging behavior for conversation lifecycle events. # Configuration for logging conversation lifecycle events.
         &quot;enableStackdriverLogging&quot;: True or False, # Whether to log conversation events like CONVERSATION_STARTED to Stackdriver in the conversation project as JSON format ConversationEvent protos.
       },
@@ -668,9 +674,11 @@
         &quot;messageFormat&quot;: &quot;A String&quot;, # Format of message.
         &quot;topic&quot;: &quot;A String&quot;, # Name of the Pub/Sub topic to publish conversation events like CONVERSATION_STARTED as serialized ConversationEvent protos. Notification works for phone calls, if this topic either is in the same project as the conversation or you grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow Service Agent` role in the topic project. Format: `projects//locations//topics/`.
       },
+      &quot;securitySettings&quot;: &quot;A String&quot;, # Name of the CX SecuritySettings reference for the agent. Format: `projects//locations//securitySettings/`.
       &quot;sttConfig&quot;: { # Configures speech transcription for ConversationProfile. # Settings for speech transcription.
         &quot;speechModelVariant&quot;: &quot;A String&quot;, # Optional. The speech model used in speech to text. `SPEECH_MODEL_VARIANT_UNSPECIFIED`, `USE_BEST_AVAILABLE` will be treated as `USE_ENHANCED`. It can be overridden in AnalyzeContentRequest and StreamingAnalyzeContentRequest request.
       },
+      &quot;timeZone&quot;: &quot;A String&quot;, # The time zone of this conversational profile from the [time zone database](https://www.iana.org/time-zones), e.g., America/New_York, Europe/Paris. Defaults to America/New_York.
       &quot;updateTime&quot;: &quot;A String&quot;, # Output only. Update time of the conversation profile.
     },
   ],
@@ -703,7 +711,7 @@
 
 { # Defines the services to connect to incoming Dialogflow conversations.
   &quot;automatedAgentConfig&quot;: { # Defines the Automated Agent to connect to a conversation. # Configuration for an automated agent to use with this profile.
-    &quot;agent&quot;: &quot;A String&quot;, # Required. ID of the Dialogflow agent environment to use. This project needs to either be the same project as the conversation or you need to grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow API Service Agent` role in this project. Format: `projects//locations//agent/environments/`. If environment is not specified, the default `draft` environment is used. Refer to [DetectIntentRequest](/dialogflow/docs/reference/rpc/google.cloud.dialogflow.v2#google.cloud.dialogflow.v2.DetectIntentRequest) for more details.
+    &quot;agent&quot;: &quot;A String&quot;, # Required. ID of the Dialogflow agent environment to use. This project needs to either be the same project as the conversation or you need to grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow API Service Agent` role in this project. - For ES agents, use format: `projects//locations//agent/environments/`. If environment is not specified, the default `draft` environment is used. Refer to [DetectIntentRequest](/dialogflow/docs/reference/rpc/google.cloud.dialogflow.v2#google.cloud.dialogflow.v2.DetectIntentRequest) for more details. - For CX agents, use format `projects//locations//agents//environments/`. If environment is not specified, the default `draft` environment is used.
   },
   &quot;createTime&quot;: &quot;A String&quot;, # Output only. Create time of the conversation profile.
   &quot;displayName&quot;: &quot;A String&quot;, # Required. Human readable name for this profile. Max length 1024 bytes.
@@ -716,7 +724,7 @@
           },
           &quot;enableEventBasedSuggestion&quot;: True or False, # Automatically iterates all participants and tries to compile suggestions. Supported features: ARTICLE_SUGGESTION, FAQ, DIALOGFLOW_ASSIST.
           &quot;queryConfig&quot;: { # Config for suggestion query. # Configs of query.
-            &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION.
+            &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION, FAQ, SMART_REPLY, SMART_COMPOSE.
             &quot;contextFilterSettings&quot;: { # Settings that determine how to filter recent conversation context when generating suggestions. # Determines how recent conversation context is filtered when generating suggestions. If unspecified, no messages will be dropped.
               &quot;dropHandoffMessages&quot;: True or False, # If set to true, the last message from virtual agent (hand off message) and the message before it (trigger message of hand off) are dropped.
               &quot;dropIvrMessages&quot;: True or False, # If set to true, all messages from ivr stage are dropped.
@@ -756,7 +764,7 @@
           },
           &quot;enableEventBasedSuggestion&quot;: True or False, # Automatically iterates all participants and tries to compile suggestions. Supported features: ARTICLE_SUGGESTION, FAQ, DIALOGFLOW_ASSIST.
           &quot;queryConfig&quot;: { # Config for suggestion query. # Configs of query.
-            &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION.
+            &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION, FAQ, SMART_REPLY, SMART_COMPOSE.
             &quot;contextFilterSettings&quot;: { # Settings that determine how to filter recent conversation context when generating suggestions. # Determines how recent conversation context is filtered when generating suggestions. If unspecified, no messages will be dropped.
               &quot;dropHandoffMessages&quot;: True or False, # If set to true, the last message from virtual agent (hand off message) and the message before it (trigger message of hand off) are dropped.
               &quot;dropIvrMessages&quot;: True or False, # If set to true, all messages from ivr stage are dropped.
@@ -808,7 +816,7 @@
       &quot;organizationId&quot;: &quot;A String&quot;, # Required. The organization ID of the Salesforce account.
     },
   },
-  &quot;languageCode&quot;: &quot;A String&quot;, # Language which represents the conversationProfile. If unspecified, the default language code en-us applies. Users need to create a ConversationProfile for each language they want to support.
+  &quot;languageCode&quot;: &quot;A String&quot;, # Language code for the conversation profile. If not specified, the language is en-US. Language at ConversationProfile should be set for all non en-US languages. This should be a [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag. Example: &quot;en-US&quot;.
   &quot;loggingConfig&quot;: { # Defines logging behavior for conversation lifecycle events. # Configuration for logging conversation lifecycle events.
     &quot;enableStackdriverLogging&quot;: True or False, # Whether to log conversation events like CONVERSATION_STARTED to Stackdriver in the conversation project as JSON format ConversationEvent protos.
   },
@@ -821,9 +829,11 @@
     &quot;messageFormat&quot;: &quot;A String&quot;, # Format of message.
     &quot;topic&quot;: &quot;A String&quot;, # Name of the Pub/Sub topic to publish conversation events like CONVERSATION_STARTED as serialized ConversationEvent protos. Notification works for phone calls, if this topic either is in the same project as the conversation or you grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow Service Agent` role in the topic project. Format: `projects//locations//topics/`.
   },
+  &quot;securitySettings&quot;: &quot;A String&quot;, # Name of the CX SecuritySettings reference for the agent. Format: `projects//locations//securitySettings/`.
   &quot;sttConfig&quot;: { # Configures speech transcription for ConversationProfile. # Settings for speech transcription.
     &quot;speechModelVariant&quot;: &quot;A String&quot;, # Optional. The speech model used in speech to text. `SPEECH_MODEL_VARIANT_UNSPECIFIED`, `USE_BEST_AVAILABLE` will be treated as `USE_ENHANCED`. It can be overridden in AnalyzeContentRequest and StreamingAnalyzeContentRequest request.
   },
+  &quot;timeZone&quot;: &quot;A String&quot;, # The time zone of this conversational profile from the [time zone database](https://www.iana.org/time-zones), e.g., America/New_York, Europe/Paris. Defaults to America/New_York.
   &quot;updateTime&quot;: &quot;A String&quot;, # Output only. Update time of the conversation profile.
 }
 
@@ -838,7 +848,7 @@
 
     { # Defines the services to connect to incoming Dialogflow conversations.
   &quot;automatedAgentConfig&quot;: { # Defines the Automated Agent to connect to a conversation. # Configuration for an automated agent to use with this profile.
-    &quot;agent&quot;: &quot;A String&quot;, # Required. ID of the Dialogflow agent environment to use. This project needs to either be the same project as the conversation or you need to grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow API Service Agent` role in this project. Format: `projects//locations//agent/environments/`. If environment is not specified, the default `draft` environment is used. Refer to [DetectIntentRequest](/dialogflow/docs/reference/rpc/google.cloud.dialogflow.v2#google.cloud.dialogflow.v2.DetectIntentRequest) for more details.
+    &quot;agent&quot;: &quot;A String&quot;, # Required. ID of the Dialogflow agent environment to use. This project needs to either be the same project as the conversation or you need to grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow API Service Agent` role in this project. - For ES agents, use format: `projects//locations//agent/environments/`. If environment is not specified, the default `draft` environment is used. Refer to [DetectIntentRequest](/dialogflow/docs/reference/rpc/google.cloud.dialogflow.v2#google.cloud.dialogflow.v2.DetectIntentRequest) for more details. - For CX agents, use format `projects//locations//agents//environments/`. If environment is not specified, the default `draft` environment is used.
   },
   &quot;createTime&quot;: &quot;A String&quot;, # Output only. Create time of the conversation profile.
   &quot;displayName&quot;: &quot;A String&quot;, # Required. Human readable name for this profile. Max length 1024 bytes.
@@ -851,7 +861,7 @@
           },
           &quot;enableEventBasedSuggestion&quot;: True or False, # Automatically iterates all participants and tries to compile suggestions. Supported features: ARTICLE_SUGGESTION, FAQ, DIALOGFLOW_ASSIST.
           &quot;queryConfig&quot;: { # Config for suggestion query. # Configs of query.
-            &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION.
+            &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION, FAQ, SMART_REPLY, SMART_COMPOSE.
             &quot;contextFilterSettings&quot;: { # Settings that determine how to filter recent conversation context when generating suggestions. # Determines how recent conversation context is filtered when generating suggestions. If unspecified, no messages will be dropped.
               &quot;dropHandoffMessages&quot;: True or False, # If set to true, the last message from virtual agent (hand off message) and the message before it (trigger message of hand off) are dropped.
               &quot;dropIvrMessages&quot;: True or False, # If set to true, all messages from ivr stage are dropped.
@@ -891,7 +901,7 @@
           },
           &quot;enableEventBasedSuggestion&quot;: True or False, # Automatically iterates all participants and tries to compile suggestions. Supported features: ARTICLE_SUGGESTION, FAQ, DIALOGFLOW_ASSIST.
           &quot;queryConfig&quot;: { # Config for suggestion query. # Configs of query.
-            &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION.
+            &quot;confidenceThreshold&quot;: 3.14, # Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION, FAQ, SMART_REPLY, SMART_COMPOSE.
             &quot;contextFilterSettings&quot;: { # Settings that determine how to filter recent conversation context when generating suggestions. # Determines how recent conversation context is filtered when generating suggestions. If unspecified, no messages will be dropped.
               &quot;dropHandoffMessages&quot;: True or False, # If set to true, the last message from virtual agent (hand off message) and the message before it (trigger message of hand off) are dropped.
               &quot;dropIvrMessages&quot;: True or False, # If set to true, all messages from ivr stage are dropped.
@@ -943,7 +953,7 @@
       &quot;organizationId&quot;: &quot;A String&quot;, # Required. The organization ID of the Salesforce account.
     },
   },
-  &quot;languageCode&quot;: &quot;A String&quot;, # Language which represents the conversationProfile. If unspecified, the default language code en-us applies. Users need to create a ConversationProfile for each language they want to support.
+  &quot;languageCode&quot;: &quot;A String&quot;, # Language code for the conversation profile. If not specified, the language is en-US. Language at ConversationProfile should be set for all non en-US languages. This should be a [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag. Example: &quot;en-US&quot;.
   &quot;loggingConfig&quot;: { # Defines logging behavior for conversation lifecycle events. # Configuration for logging conversation lifecycle events.
     &quot;enableStackdriverLogging&quot;: True or False, # Whether to log conversation events like CONVERSATION_STARTED to Stackdriver in the conversation project as JSON format ConversationEvent protos.
   },
@@ -956,9 +966,11 @@
     &quot;messageFormat&quot;: &quot;A String&quot;, # Format of message.
     &quot;topic&quot;: &quot;A String&quot;, # Name of the Pub/Sub topic to publish conversation events like CONVERSATION_STARTED as serialized ConversationEvent protos. Notification works for phone calls, if this topic either is in the same project as the conversation or you grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow Service Agent` role in the topic project. Format: `projects//locations//topics/`.
   },
+  &quot;securitySettings&quot;: &quot;A String&quot;, # Name of the CX SecuritySettings reference for the agent. Format: `projects//locations//securitySettings/`.
   &quot;sttConfig&quot;: { # Configures speech transcription for ConversationProfile. # Settings for speech transcription.
     &quot;speechModelVariant&quot;: &quot;A String&quot;, # Optional. The speech model used in speech to text. `SPEECH_MODEL_VARIANT_UNSPECIFIED`, `USE_BEST_AVAILABLE` will be treated as `USE_ENHANCED`. It can be overridden in AnalyzeContentRequest and StreamingAnalyzeContentRequest request.
   },
+  &quot;timeZone&quot;: &quot;A String&quot;, # The time zone of this conversational profile from the [time zone database](https://www.iana.org/time-zones), e.g., America/New_York, Europe/Paris. Defaults to America/New_York.
   &quot;updateTime&quot;: &quot;A String&quot;, # Output only. Update time of the conversation profile.
 }</pre>
 </div>

docs/dyn/documentai_v1.projects.locations.processors.processorVersions.html

diff --git a/docs/dyn/documentai_v1.projects.locations.processors.processorVersions.html b/docs/dyn/documentai_v1.projects.locations.processors.processorVersions.html
index 5c4a3fd..d684be7 100644
--- a/docs/dyn/documentai_v1.projects.locations.processors.processorVersions.html
+++ b/docs/dyn/documentai_v1.projects.locations.processors.processorVersions.html
@@ -260,41 +260,7 @@
     { # A processor version is an implementation of a processor. Each processor can have multiple versions, pre-trained by Google internally or up-trained by the customer. At a time, a processor can only have one default version version. So the processor's behavior (when processing documents) is defined by a default version.
   "createTime": "A String", # The time the processor version was created.
   "displayName": "A String", # The display name of the processor version.
-  "latestEvaluation": { # Gives a short summary of an evaluation, and links to the evaluation itself. # The most recently invoked evaluation for the processor version.
-    "aggregateMetrics": { # Evaluation metrics, either in aggregate or about a specific entity. # An aggregate of the statistics for the evaluation.
-      "f1Score": 3.14, # The calculated f1 score.
-      "falseNegativesCount": 42, # The amount of false negatives.
-      "falsePositivesCount": 42, # The amount of false positives.
-      "groundTruthOccurrencesCount": 42, # The amount of occurrences in ground truth documents.
-      "precision": 3.14, # The calculated precision.
-      "predictedOccurrencesCount": 42, # The amount of occurrences in predicted documents.
-      "recall": 3.14, # The calculated recall.
-      "totalDocumentsCount": 42, # The amount of documents that had an occurrence of this label.
-      "truePositivesCount": 42, # The amount of true positives.
-    },
-    "evaluation": "A String", # The resource name of the evaluation.
-    "operation": "A String", # The resource name of the Long Running Operation for the evaluation.
-  },
   "name": "A String", # The resource name of the processor version. Format: projects/{project}/locations/{location}/processors/{processor}/processorVersions/{processor_version}
-  "schema": { # The schema defines the output of the processed document by a processor. # The schema of the processor version. Describes the output.
-    "description": "A String", # Description of the schema.
-    "displayName": "A String", # Display name to show to users.
-    "entityTypes": [ # Entity types of the schema.
-      { # EntityType is the wrapper of a label of the corresponding model with detailed attributes and limitations for entity-based processors. Multiple types can also compose a dependency tree to represent nested types.
-        "baseType": "A String", # Type of the entity. It must be one of the following: `document` - the entity represents a classification of a logical document. `object` - if the entity has properties it is likely an object (or or a document.) `datetime` - the entity is a date or time value. `money` - the entity represents a money value amount. `number` - the entity is a number - integer or floating point. `string` - the entity is a string value. `boolean` - the entity is a boolean value. `address` - the entity is a location address. `duration` - the entity is a duration.
-        "description": "A String", # Description of the entity type.
-        "enumValues": [ # If specified, lists all the possible values for this entity.
-          "A String",
-        ],
-        "occurrenceType": "A String", # Occurrence type limits the number of times an entity type appears in the document.
-        "properties": [ # Describing the nested structure of an entity. An EntityType may consist of several other EntityTypes. For example, in a document there can be an EntityType 'ID', which consists of EntityType 'name' and 'address', with corresponding attributes, such as TEXT for both types and ONCE for occurrence types.
-          # Object with schema name: GoogleCloudDocumentaiV1SchemaEntityType
-        ],
-        "source": "A String", # Source of this entity type.
-        "type": "A String", # Name of the type. It must satisfy the following constraints: 1. Must be unique within the set of same level types (with case-insensitive match). 2. Maximum 50 characters. 3. Must start with a letter. 4. Allowed characters: ASCII letters [a-zA-Z], ASCII digits [0-9], or one of the following punctuation characters: * underscore '_' (recommended) * hyphen '-' (allowed, not recommended) * colon ':' (allowed, not recommended) NOTE: Whitespace characters are not allowed. 5. Cannot end with a punctuation character. 6. Cannot contain the following restricted strings: "google", "DocumentAI" (case-insensitive match). 7. A slash character '/' is reserved as a separator in flattened representations of nested entity types (e.g., "line_item/amount") in which case each part (e.g., "line_item", "amount") must comply with the rules defined above. We recommend using the snake case ("snake_case") in entity type names.
-      },
-    ],
-  },
   "state": "A String", # The state of the processor version.
 }</pre>
 </div>
@@ -321,41 +287,7 @@
     { # A processor version is an implementation of a processor. Each processor can have multiple versions, pre-trained by Google internally or up-trained by the customer. At a time, a processor can only have one default version version. So the processor&#x27;s behavior (when processing documents) is defined by a default version.
       &quot;createTime&quot;: &quot;A String&quot;, # The time the processor version was created.
       &quot;displayName&quot;: &quot;A String&quot;, # The display name of the processor version.
-      &quot;latestEvaluation&quot;: { # Gives a short summary of an evaluation, and links to the evaluation itself. # The most recently invoked evaluation for the processor version.
-        &quot;aggregateMetrics&quot;: { # Evaluation metrics, either in aggregate or about a specific entity. # An aggregate of the statistics for the evaluation.
-          &quot;f1Score&quot;: 3.14, # The calculated f1 score.
-          &quot;falseNegativesCount&quot;: 42, # The amount of false negatives.
-          &quot;falsePositivesCount&quot;: 42, # The amount of false positives.
-          &quot;groundTruthOccurrencesCount&quot;: 42, # The amount of occurrences in ground truth documents.
-          &quot;precision&quot;: 3.14, # The calculated precision.
-          &quot;predictedOccurrencesCount&quot;: 42, # The amount of occurrences in predicted documents.
-          &quot;recall&quot;: 3.14, # The calculated recall.
-          &quot;totalDocumentsCount&quot;: 42, # The amount of documents that had an occurrence of this label.
-          &quot;truePositivesCount&quot;: 42, # The amount of true positives.
-        },
-        &quot;evaluation&quot;: &quot;A String&quot;, # The resource name of the evaluation.
-        &quot;operation&quot;: &quot;A String&quot;, # The resource name of the Long Running Operation for the evaluation.
-      },
       &quot;name&quot;: &quot;A String&quot;, # The resource name of the processor version. Format: projects/{project}/locations/{location}/processors/{processor}/processorVersions/{processor_version}
-      &quot;schema&quot;: { # The schema defines the output of the processed document by a processor. # The schema of the processor version. Describes the output.
-        &quot;description&quot;: &quot;A String&quot;, # Description of the schema.
-        &quot;displayName&quot;: &quot;A String&quot;, # Display name to show to users.
-        &quot;entityTypes&quot;: [ # Entity types of the schema.
-          { # EntityType is the wrapper of a label of the corresponding model with detailed attributes and limitations for entity-based processors. Multiple types can also compose a dependency tree to represent nested types.
-            &quot;baseType&quot;: &quot;A String&quot;, # Type of the entity. It must be one of the following: `document` - the entity represents a classification of a logical document. `object` - if the entity has properties it is likely an object (or or a document.) `datetime` - the entity is a date or time value. `money` - the entity represents a money value amount. `number` - the entity is a number - integer or floating point. `string` - the entity is a string value. `boolean` - the entity is a boolean value. `address` - the entity is a location address. `duration` - the entity is a duration.
-            &quot;description&quot;: &quot;A String&quot;, # Description of the entity type.
-            &quot;enumValues&quot;: [ # If specified, lists all the possible values for this entity.
-              &quot;A String&quot;,
-            ],
-            &quot;occurrenceType&quot;: &quot;A String&quot;, # Occurrence type limits the number of times an entity type appears in the document.
-            &quot;properties&quot;: [ # Describing the nested structure of an entity. An EntityType may consist of several other EntityTypes. For example, in a document there can be an EntityType &#x27;ID&#x27;, which consists of EntityType &#x27;name&#x27; and &#x27;address&#x27;, with corresponding attributes, such as TEXT for both types and ONCE for occurrence types.
-              # Object with schema name: GoogleCloudDocumentaiV1SchemaEntityType
-            ],
-            &quot;source&quot;: &quot;A String&quot;, # Source of this entity type.
-            &quot;type&quot;: &quot;A String&quot;, # Name of the type. It must satisfy the following constraints: 1. Must be unique within the set of same level types (with case-insensitive match). 2. Maximum 50 characters. 3. Must start with a letter. 4. Allowed characters: ASCII letters [a-zA-Z], ASCII digits [0-9], or one of the following punctuation characters: * underscore &#x27;_&#x27; (recommended) * hyphen &#x27;-&#x27; (allowed, not recommended) * colon &#x27;:&#x27; (allowed, not recommended) NOTE: Whitespace characters are not allowed. 5. Cannot end with a punctuation character. 6. Cannot contain the following restricted strings: &quot;google&quot;, &quot;DocumentAI&quot; (case-insensitive match). 7. A slash character &#x27;/&#x27; is reserved as a separator in flattened representations of nested entity types (e.g., &quot;line_item/amount&quot;) in which case each part (e.g., &quot;line_item&quot;, &quot;amount&quot;) must comply with the rules defined above. We recommend using the snake case (&quot;snake_case&quot;) in entity type names.
-          },
-        ],
-      },
       &quot;state&quot;: &quot;A String&quot;, # The state of the processor version.
     },
   ],

docs/dyn/documentai_v1beta3.projects.locations.processors.processorVersions.html

diff --git a/docs/dyn/documentai_v1beta3.projects.locations.processors.processorVersions.html b/docs/dyn/documentai_v1beta3.projects.locations.processors.processorVersions.html
index 56ded75..0aa447d 100644
--- a/docs/dyn/documentai_v1beta3.projects.locations.processors.processorVersions.html
+++ b/docs/dyn/documentai_v1beta3.projects.locations.processors.processorVersions.html
@@ -269,41 +269,7 @@
     { # A processor version is an implementation of a processor. Each processor can have multiple versions, pre-trained by Google internally or up-trained by the customer. At a time, a processor can only have one default version version. So the processor's behavior (when processing documents) is defined by a default version.
   "createTime": "A String", # The time the processor version was created.
   "displayName": "A String", # The display name of the processor version.
-  "latestEvaluation": { # Gives a short summary of an evaluation, and links to the evaluation itself. # The most recently invoked evaluation for the processor version.
-    "aggregateMetrics": { # Evaluation metrics, either in aggregate or about a specific entity. # An aggregate of the statistics for the evaluation.
-      "f1Score": 3.14, # The calculated f1 score.
-      "falseNegativesCount": 42, # The amount of false negatives.
-      "falsePositivesCount": 42, # The amount of false positives.
-      "groundTruthOccurrencesCount": 42, # The amount of occurrences in ground truth documents.
-      "precision": 3.14, # The calculated precision.
-      "predictedOccurrencesCount": 42, # The amount of occurrences in predicted documents.
-      "recall": 3.14, # The calculated recall.
-      "totalDocumentsCount": 42, # The amount of documents that had an occurrence of this label.
-      "truePositivesCount": 42, # The amount of true positives.
-    },
-    "evaluation": "A String", # The resource name of the evaluation.
-    "operation": "A String", # The resource name of the Long Running Operation for the evaluation.
-  },
   "name": "A String", # The resource name of the processor version. Format: projects/{project}/locations/{location}/processors/{processor}/processorVersions/{processor_version}
-  "schema": { # The schema defines the output of the processed document by a processor. # The schema of the processor version. Describes the output.
-    "description": "A String", # Description of the schema.
-    "displayName": "A String", # Display name to show to users.
-    "entityTypes": [ # Entity types of the schema.
-      { # EntityType is the wrapper of a label of the corresponding model with detailed attributes and limitations for entity-based processors. Multiple types can also compose a dependency tree to represent nested types.
-        "baseType": "A String", # Type of the entity. It must be one of the following: `document` - the entity represents a classification of a logical document. `object` - if the entity has properties it is likely an object (or or a document.) `datetime` - the entity is a date or time value. `money` - the entity represents a money value amount. `number` - the entity is a number - integer or floating point. `string` - the entity is a string value. `boolean` - the entity is a boolean value. `address` - the entity is a location address. `duration` - the entity is a duration.
-        "description": "A String", # Description of the entity type.
-        "enumValues": [ # If specified, lists all the possible values for this entity.
-          "A String",
-        ],
-        "occurrenceType": "A String", # Occurrence type limits the number of times an entity type appears in the document.
-        "properties": [ # Describing the nested structure of an entity. An EntityType may consist of several other EntityTypes. For example, in a document there can be an EntityType 'ID', which consists of EntityType 'name' and 'address', with corresponding attributes, such as TEXT for both types and ONCE for occurrence types.
-          # Object with schema name: GoogleCloudDocumentaiV1beta3SchemaEntityType
-        ],
-        "source": "A String", # Source of this entity type.
-        "type": "A String", # Name of the type. It must satisfy the following constraints: 1. Must be unique within the set of same level types (with case-insensitive match). 2. Maximum 50 characters. 3. Must start with a letter. 4. Allowed characters: ASCII letters [a-zA-Z], ASCII digits [0-9], or one of the following punctuation characters: * underscore '_' (recommended) * hyphen '-' (allowed, not recommended) * colon ':' (allowed, not recommended) NOTE: Whitespace characters are not allowed. 5. Cannot end with a punctuation character. 6. Cannot contain the following restricted strings: "google", "DocumentAI" (case-insensitive match). 7. A slash character '/' is reserved as a separator in flattened representations of nested entity types (e.g., "line_item/amount") in which case each part (e.g., "line_item", "amount") must comply with the rules defined above. We recommend using the snake case ("snake_case") in entity type names.
-      },
-    ],
-  },
   "state": "A String", # The state of the processor version.
 }</pre>
 </div>
@@ -330,41 +296,7 @@
     { # A processor version is an implementation of a processor. Each processor can have multiple versions, pre-trained by Google internally or up-trained by the customer. At a time, a processor can only have one default version version. So the processor&#x27;s behavior (when processing documents) is defined by a default version.
       &quot;createTime&quot;: &quot;A String&quot;, # The time the processor version was created.
       &quot;displayName&quot;: &quot;A String&quot;, # The display name of the processor version.
-      &quot;latestEvaluation&quot;: { # Gives a short summary of an evaluation, and links to the evaluation itself. # The most recently invoked evaluation for the processor version.
-        &quot;aggregateMetrics&quot;: { # Evaluation metrics, either in aggregate or about a specific entity. # An aggregate of the statistics for the evaluation.
-          &quot;f1Score&quot;: 3.14, # The calculated f1 score.
-          &quot;falseNegativesCount&quot;: 42, # The amount of false negatives.
-          &quot;falsePositivesCount&quot;: 42, # The amount of false positives.
-          &quot;groundTruthOccurrencesCount&quot;: 42, # The amount of occurrences in ground truth documents.
-          &quot;precision&quot;: 3.14, # The calculated precision.
-          &quot;predictedOccurrencesCount&quot;: 42, # The amount of occurrences in predicted documents.
-          &quot;recall&quot;: 3.14, # The calculated recall.
-          &quot;totalDocumentsCount&quot;: 42, # The amount of documents that had an occurrence of this label.
-          &quot;truePositivesCount&quot;: 42, # The amount of true positives.
-        },
-        &quot;evaluation&quot;: &quot;A String&quot;, # The resource name of the evaluation.
-        &quot;operation&quot;: &quot;A String&quot;, # The resource name of the Long Running Operation for the evaluation.
-      },
       &quot;name&quot;: &quot;A String&quot;, # The resource name of the processor version. Format: projects/{project}/locations/{location}/processors/{processor}/processorVersions/{processor_version}
-      &quot;schema&quot;: { # The schema defines the output of the processed document by a processor. # The schema of the processor version. Describes the output.
-        &quot;description&quot;: &quot;A String&quot;, # Description of the schema.
-        &quot;displayName&quot;: &quot;A String&quot;, # Display name to show to users.
-        &quot;entityTypes&quot;: [ # Entity types of the schema.
-          { # EntityType is the wrapper of a label of the corresponding model with detailed attributes and limitations for entity-based processors. Multiple types can also compose a dependency tree to represent nested types.
-            &quot;baseType&quot;: &quot;A String&quot;, # Type of the entity. It must be one of the following: `document` - the entity represents a classification of a logical document. `object` - if the entity has properties it is likely an object (or or a document.) `datetime` - the entity is a date or time value. `money` - the entity represents a money value amount. `number` - the entity is a number - integer or floating point. `string` - the entity is a string value. `boolean` - the entity is a boolean value. `address` - the entity is a location address. `duration` - the entity is a duration.
-            &quot;description&quot;: &quot;A String&quot;, # Description of the entity type.
-            &quot;enumValues&quot;: [ # If specified, lists all the possible values for this entity.
-              &quot;A String&quot;,
-            ],
-            &quot;occurrenceType&quot;: &quot;A String&quot;, # Occurrence type limits the number of times an entity type appears in the document.
-            &quot;properties&quot;: [ # Describing the nested structure of an entity. An EntityType may consist of several other EntityTypes. For example, in a document there can be an EntityType &#x27;ID&#x27;, which consists of EntityType &#x27;name&#x27; and &#x27;address&#x27;, with corresponding attributes, such as TEXT for both types and ONCE for occurrence types.
-              # Object with schema name: GoogleCloudDocumentaiV1beta3SchemaEntityType
-            ],
-            &quot;source&quot;: &quot;A String&quot;, # Source of this entity type.
-            &quot;type&quot;: &quot;A String&quot;, # Name of the type. It must satisfy the following constraints: 1. Must be unique within the set of same level types (with case-insensitive match). 2. Maximum 50 characters. 3. Must start with a letter. 4. Allowed characters: ASCII letters [a-zA-Z], ASCII digits [0-9], or one of the following punctuation characters: * underscore &#x27;_&#x27; (recommended) * hyphen &#x27;-&#x27; (allowed, not recommended) * colon &#x27;:&#x27; (allowed, not recommended) NOTE: Whitespace characters are not allowed. 5. Cannot end with a punctuation character. 6. Cannot contain the following restricted strings: &quot;google&quot;, &quot;DocumentAI&quot; (case-insensitive match). 7. A slash character &#x27;/&#x27; is reserved as a separator in flattened representations of nested entity types (e.g., &quot;line_item/amount&quot;) in which case each part (e.g., &quot;line_item&quot;, &quot;amount&quot;) must comply with the rules defined above. We recommend using the snake case (&quot;snake_case&quot;) in entity type names.
-          },
-        ],
-      },
       &quot;state&quot;: &quot;A String&quot;, # The state of the processor version.
     },
   ],

docs/dyn/domains_v1.projects.locations.registrations.html

diff --git a/docs/dyn/domains_v1.projects.locations.registrations.html b/docs/dyn/domains_v1.projects.locations.registrations.html
index e28b110..8d3e28c 100644
--- a/docs/dyn/domains_v1.projects.locations.registrations.html
+++ b/docs/dyn/domains_v1.projects.locations.registrations.html
@@ -88,10 +88,10 @@
 <p class="firstline">Updates a `Registration`'s management settings.</p>
 <p class="toc_element">
   <code><a href="#delete">delete(name, x__xgafv=None)</a></code></p>
-<p class="firstline">Deletes a `Registration` resource. For `Registration` resources using usage billing, this method works if: * `state` is `EXPORTED` with `expire_time` in the past * `state` is `REGISTRATION_FAILED` * `state` is `TRANSFER_FAILED` This method works on any `Registration` resource using subscription billing, provided that the resource was created at least 1 day in the past. When an active domain is successfully deleted, you can continue to use the domain in [Google Domains](https://domains.google/) until it expires. The calling user becomes the domain's sole owner in Google Domains, and permissions for the domain are subsequently managed there. The domain will not renew automatically unless the new owner sets up billing in Google Domains.</p>
+<p class="firstline">Deletes a `Registration` resource. This method works on any `Registration` resource using [Subscription or Commitment billing](/domains/pricing#billing-models), provided that the resource was created at least 1 day in the past. For `Registration` resources using [Monthly billing](/domains/pricing#billing-models), this method works if: * `state` is `EXPORTED` with `expire_time` in the past * `state` is `REGISTRATION_FAILED` * `state` is `TRANSFER_FAILED` When an active registration is successfully deleted, you can continue to use the domain in [Google Domains](https://domains.google/) until it expires. The calling user becomes the domain's sole owner in Google Domains, and permissions for the domain are subsequently managed there. The domain does not renew automatically unless the new owner sets up billing in Google Domains.</p>
 <p class="toc_element">
   <code><a href="#export">export(name, body=None, x__xgafv=None)</a></code></p>
-<p class="firstline">Exports a `Registration` resource, such that it is no longer managed by Cloud Domains. When an active domain is successfully exported, you can continue to use the domain in [Google Domains](https://domains.google/) until it expires. The calling user becomes the domain's sole owner in Google Domains, and permissions for the domain are subsequently managed there. The domain will not renew automatically unless the new owner sets up billing in Google Domains.</p>
+<p class="firstline">Exports a `Registration` resource, such that it is no longer managed by Cloud Domains. When an active domain is successfully exported, you can continue to use the domain in [Google Domains](https://domains.google/) until it expires. The calling user becomes the domain's sole owner in Google Domains, and permissions for the domain are subsequently managed there. The domain does not renew automatically unless the new owner sets up billing in Google Domains.</p>
 <p class="toc_element">
   <code><a href="#get">get(name, x__xgafv=None)</a></code></p>
 <p class="firstline">Gets the details of a `Registration` resource.</p>
@@ -121,7 +121,7 @@
 <p class="firstline">Gets parameters needed to register a new domain name, including price and up-to-date availability. Use the returned values to call `RegisterDomain`.</p>
 <p class="toc_element">
   <code><a href="#retrieveTransferParameters">retrieveTransferParameters(location, domainName=None, x__xgafv=None)</a></code></p>
-<p class="firstline">Gets parameters needed to transfer a domain name from another registrar to Cloud Domains. For domains managed by Google Domains, transferring to Cloud Domains is not yet supported. Use the returned values to call `TransferDomain`.</p>
+<p class="firstline">Gets parameters needed to transfer a domain name from another registrar to Cloud Domains. For domains managed by Google Domains, transferring to Cloud Domains is not supported. Use the returned values to call `TransferDomain`.</p>
 <p class="toc_element">
   <code><a href="#searchDomains">searchDomains(location, query=None, x__xgafv=None)</a></code></p>
 <p class="firstline">Searches for available domain names similar to the provided query. Availability results from this method are approximate; call `RetrieveRegisterParameters` on a domain before registering to confirm availability.</p>
@@ -133,7 +133,7 @@
 <p class="firstline">Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.</p>
 <p class="toc_element">
   <code><a href="#transfer">transfer(parent, body=None, x__xgafv=None)</a></code></p>
-<p class="firstline">Transfers a domain name from another registrar to Cloud Domains. For domains managed by Google Domains, transferring to Cloud Domains is not yet supported. Before calling this method, go to the domain's current registrar to unlock the domain for transfer and retrieve the domain's transfer authorization code. Then call `RetrieveTransferParameters` to confirm that the domain is unlocked and to get values needed to build a call to this method. A successful call creates a `Registration` resource in state `TRANSFER_PENDING`. It can take several days to complete the transfer process. The registrant can often speed up this process by approving the transfer through the current registrar, either by clicking a link in an email from the registrar or by visiting the registrar's website. A few minutes after transfer approval, the resource transitions to state `ACTIVE`, indicating that the transfer was successful. If the transfer is rejected or the request expires without being approved, the resource can end up in state `TRANSFER_FAILED`. If transfer fails, you can safely delete the resource and retry the transfer.</p>
+<p class="firstline">Transfers a domain name from another registrar to Cloud Domains. For domains managed by Google Domains, transferring to Cloud Domains is not supported. Before calling this method, go to the domain's current registrar to unlock the domain for transfer and retrieve the domain's transfer authorization code. Then call `RetrieveTransferParameters` to confirm that the domain is unlocked and to get values needed to build a call to this method. A successful call creates a `Registration` resource in state `TRANSFER_PENDING`. It can take several days to complete the transfer process. The registrant can often speed up this process by approving the transfer through the current registrar, either by clicking a link in an email from the registrar or by visiting the registrar's website. A few minutes after transfer approval, the resource transitions to state `ACTIVE`, indicating that the transfer was successful. If the transfer is rejected or the request expires without being approved, the resource can end up in state `TRANSFER_FAILED`. If transfer fails, you can safely delete the resource and retry the transfer.</p>
 <h3>Method Details</h3>
 <div class="method">
     <code class="details" id="close">close()</code>
@@ -177,7 +177,7 @@
       },
     },
     &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
       &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
       &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
       &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -222,7 +222,7 @@
       },
     },
   },
-  &quot;updateMask&quot;: &quot;A String&quot;, # Required. The field mask describing which fields to update as a comma-separated list. For example, if only the registrant contact is being updated, the `update_mask` would be `&quot;registrant_contact&quot;`.
+  &quot;updateMask&quot;: &quot;A String&quot;, # Required. The field mask describing which fields to update as a comma-separated list. For example, if only the registrant contact is being updated, the `update_mask` is `&quot;registrant_contact&quot;`.
   &quot;validateOnly&quot;: True or False, # Validate the request without actually updating the contact settings.
 }
 
@@ -305,7 +305,7 @@
       ],
     },
   },
-  &quot;updateMask&quot;: &quot;A String&quot;, # Required. The field mask describing which fields to update as a comma-separated list. For example, if only the name servers are being updated for an existing Custom DNS configuration, the `update_mask` would be `&quot;custom_dns.name_servers&quot;`. When changing the DNS provider from one type to another, pass the new provider&#x27;s field name as part of the field mask. For example, when changing from a Google Domains DNS configuration to a Custom DNS configuration, the `update_mask` would be `&quot;custom_dns&quot;`. //
+  &quot;updateMask&quot;: &quot;A String&quot;, # Required. The field mask describing which fields to update as a comma-separated list. For example, if only the name servers are being updated for an existing Custom DNS configuration, the `update_mask` is `&quot;custom_dns.name_servers&quot;`. When changing the DNS provider from one type to another, pass the new provider&#x27;s field name as part of the field mask. For example, when changing from a Google Domains DNS configuration to a Custom DNS configuration, the `update_mask` is `&quot;custom_dns&quot;`. //
   &quot;validateOnly&quot;: True or False, # Validate the request without actually updating the DNS settings.
 }
 
@@ -352,7 +352,7 @@
     &quot;renewalMethod&quot;: &quot;A String&quot;, # Output only. The renewal method for this `Registration`.
     &quot;transferLockState&quot;: &quot;A String&quot;, # Controls whether the domain can be transferred to another registrar.
   },
-  &quot;updateMask&quot;: &quot;A String&quot;, # Required. The field mask describing which fields to update as a comma-separated list. For example, if only the transfer lock is being updated, the `update_mask` would be `&quot;transfer_lock_state&quot;`.
+  &quot;updateMask&quot;: &quot;A String&quot;, # Required. The field mask describing which fields to update as a comma-separated list. For example, if only the transfer lock is being updated, the `update_mask` is `&quot;transfer_lock_state&quot;`.
 }
 
   x__xgafv: string, V1 error format.
@@ -386,7 +386,7 @@
 
 <div class="method">
     <code class="details" id="delete">delete(name, x__xgafv=None)</code>
-  <pre>Deletes a `Registration` resource. For `Registration` resources using usage billing, this method works if: * `state` is `EXPORTED` with `expire_time` in the past * `state` is `REGISTRATION_FAILED` * `state` is `TRANSFER_FAILED` This method works on any `Registration` resource using subscription billing, provided that the resource was created at least 1 day in the past. When an active domain is successfully deleted, you can continue to use the domain in [Google Domains](https://domains.google/) until it expires. The calling user becomes the domain&#x27;s sole owner in Google Domains, and permissions for the domain are subsequently managed there. The domain will not renew automatically unless the new owner sets up billing in Google Domains.
+  <pre>Deletes a `Registration` resource. This method works on any `Registration` resource using [Subscription or Commitment billing](/domains/pricing#billing-models), provided that the resource was created at least 1 day in the past. For `Registration` resources using [Monthly billing](/domains/pricing#billing-models), this method works if: * `state` is `EXPORTED` with `expire_time` in the past * `state` is `REGISTRATION_FAILED` * `state` is `TRANSFER_FAILED` When an active registration is successfully deleted, you can continue to use the domain in [Google Domains](https://domains.google/) until it expires. The calling user becomes the domain&#x27;s sole owner in Google Domains, and permissions for the domain are subsequently managed there. The domain does not renew automatically unless the new owner sets up billing in Google Domains.
 
 Args:
   name: string, Required. The name of the `Registration` to delete, in the format `projects/*/locations/*/registrations/*`. (required)
@@ -421,7 +421,7 @@
 
 <div class="method">
     <code class="details" id="export">export(name, body=None, x__xgafv=None)</code>
-  <pre>Exports a `Registration` resource, such that it is no longer managed by Cloud Domains. When an active domain is successfully exported, you can continue to use the domain in [Google Domains](https://domains.google/) until it expires. The calling user becomes the domain&#x27;s sole owner in Google Domains, and permissions for the domain are subsequently managed there. The domain will not renew automatically unless the new owner sets up billing in Google Domains.
+  <pre>Exports a `Registration` resource, such that it is no longer managed by Cloud Domains. When an active domain is successfully exported, you can continue to use the domain in [Google Domains](https://domains.google/) until it expires. The calling user becomes the domain&#x27;s sole owner in Google Domains, and permissions for the domain are subsequently managed there. The domain does not renew automatically unless the new owner sets up billing in Google Domains.
 
 Args:
   name: string, Required. The name of the `Registration` to export, in the format `projects/*/locations/*/registrations/*`. (required)
@@ -499,7 +499,7 @@
       },
     },
     &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
       &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
       &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
       &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -598,7 +598,7 @@
     &quot;transferLockState&quot;: &quot;A String&quot;, # Controls whether the domain can be transferred to another registrar.
   },
   &quot;name&quot;: &quot;A String&quot;, # Output only. Name of the `Registration` resource, in the format `projects/*/locations/*/registrations/`.
-  &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not yet been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
+  &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
     &quot;adminContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The administrative contact for the `Registration`.
       &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
       &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -622,7 +622,7 @@
       },
     },
     &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
       &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
       &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
       &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -680,7 +680,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -767,7 +767,7 @@
           },
         },
         &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-        &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+        &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
           &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
           &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
           &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -866,7 +866,7 @@
         &quot;transferLockState&quot;: &quot;A String&quot;, # Controls whether the domain can be transferred to another registrar.
       },
       &quot;name&quot;: &quot;A String&quot;, # Output only. Name of the `Registration` resource, in the format `projects/*/locations/*/registrations/`.
-      &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not yet been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
+      &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
         &quot;adminContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The administrative contact for the `Registration`.
           &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
           &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -890,7 +890,7 @@
           },
         },
         &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-        &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+        &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
           &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
           &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
           &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -992,7 +992,7 @@
       },
     },
     &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
       &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
       &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
       &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -1091,7 +1091,7 @@
     &quot;transferLockState&quot;: &quot;A String&quot;, # Controls whether the domain can be transferred to another registrar.
   },
   &quot;name&quot;: &quot;A String&quot;, # Output only. Name of the `Registration` resource, in the format `projects/*/locations/*/registrations/`.
-  &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not yet been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
+  &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
     &quot;adminContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The administrative contact for the `Registration`.
       &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
       &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -1115,7 +1115,7 @@
       },
     },
     &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
       &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
       &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
       &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -1166,7 +1166,7 @@
   ],
 }
 
-  updateMask: string, Required. The field mask describing which fields to update as a comma-separated list. For example, if only the labels are being updated, the `update_mask` would be `&quot;labels&quot;`.
+  updateMask: string, Required. The field mask describing which fields to update as a comma-separated list. For example, if only the labels are being updated, the `update_mask` is `&quot;labels&quot;`.
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -1237,7 +1237,7 @@
         },
       },
       &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-      &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+      &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
         &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
         &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
         &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -1336,7 +1336,7 @@
       &quot;transferLockState&quot;: &quot;A String&quot;, # Controls whether the domain can be transferred to another registrar.
     },
     &quot;name&quot;: &quot;A String&quot;, # Output only. Name of the `Registration` resource, in the format `projects/*/locations/*/registrations/`.
-    &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not yet been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
+    &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
       &quot;adminContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The administrative contact for the `Registration`.
         &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
         &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -1360,7 +1360,7 @@
         },
       },
       &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-      &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+      &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
         &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
         &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
         &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -1410,7 +1410,7 @@
       &quot;A String&quot;,
     ],
   },
-  &quot;validateOnly&quot;: True or False, # When true, only validation will be performed, without actually registering the domain. Follows: https://cloud.google.com/apis/design/design_patterns#request_validation
+  &quot;validateOnly&quot;: True or False, # When true, only validation is performed, without actually registering the domain. Follows: https://cloud.google.com/apis/design/design_patterns#request_validation
   &quot;yearlyPrice&quot;: { # Represents an amount of money with its currency type. # Required. Yearly price to register or renew the domain. The value that should be put here can be obtained from RetrieveRegisterParameters or SearchDomains calls.
     &quot;currencyCode&quot;: &quot;A String&quot;, # The three-letter currency code defined in ISO 4217.
     &quot;nanos&quot;: 42, # Number of nano (10^-9) units of the amount. The value must be between -999,999,999 and +999,999,999 inclusive. If `units` is positive, `nanos` must be positive or zero. If `units` is zero, `nanos` can be positive, zero, or negative. If `units` is negative, `nanos` must be negative or zero. For example $-1.75 is represented as `units`=-1 and `nanos`=-750,000,000.
@@ -1527,7 +1527,7 @@
 
 <div class="method">
     <code class="details" id="retrieveTransferParameters">retrieveTransferParameters(location, domainName=None, x__xgafv=None)</code>
-  <pre>Gets parameters needed to transfer a domain name from another registrar to Cloud Domains. For domains managed by Google Domains, transferring to Cloud Domains is not yet supported. Use the returned values to call `TransferDomain`.
+  <pre>Gets parameters needed to transfer a domain name from another registrar to Cloud Domains. For domains managed by Google Domains, transferring to Cloud Domains is not supported. Use the returned values to call `TransferDomain`.
 
 Args:
   location: string, Required. The location. Must be in the format `projects/*/locations/*`. (required)
@@ -1713,7 +1713,7 @@
 
 <div class="method">
     <code class="details" id="transfer">transfer(parent, body=None, x__xgafv=None)</code>
-  <pre>Transfers a domain name from another registrar to Cloud Domains. For domains managed by Google Domains, transferring to Cloud Domains is not yet supported. Before calling this method, go to the domain&#x27;s current registrar to unlock the domain for transfer and retrieve the domain&#x27;s transfer authorization code. Then call `RetrieveTransferParameters` to confirm that the domain is unlocked and to get values needed to build a call to this method. A successful call creates a `Registration` resource in state `TRANSFER_PENDING`. It can take several days to complete the transfer process. The registrant can often speed up this process by approving the transfer through the current registrar, either by clicking a link in an email from the registrar or by visiting the registrar&#x27;s website. A few minutes after transfer approval, the resource transitions to state `ACTIVE`, indicating that the transfer was successful. If the transfer is rejected or the request expires without being approved, the resource can end up in state `TRANSFER_FAILED`. If transfer fails, you can safely delete the resource and retry the transfer.
+  <pre>Transfers a domain name from another registrar to Cloud Domains. For domains managed by Google Domains, transferring to Cloud Domains is not supported. Before calling this method, go to the domain&#x27;s current registrar to unlock the domain for transfer and retrieve the domain&#x27;s transfer authorization code. Then call `RetrieveTransferParameters` to confirm that the domain is unlocked and to get values needed to build a call to this method. A successful call creates a `Registration` resource in state `TRANSFER_PENDING`. It can take several days to complete the transfer process. The registrant can often speed up this process by approving the transfer through the current registrar, either by clicking a link in an email from the registrar or by visiting the registrar&#x27;s website. A few minutes after transfer approval, the resource transitions to state `ACTIVE`, indicating that the transfer was successful. If the transfer is rejected or the request expires without being approved, the resource can end up in state `TRANSFER_FAILED`. If transfer fails, you can safely delete the resource and retry the transfer.
 
 Args:
   parent: string, Required. The parent resource of the `Registration`. Must be in the format `projects/*/locations/*`. (required)
@@ -1727,7 +1727,7 @@
   &quot;contactNotices&quot;: [ # The list of contact notices that you acknowledge. The notices needed here depend on the values specified in `registration.contact_settings`.
     &quot;A String&quot;,
   ],
-  &quot;registration&quot;: { # The `Registration` resource facilitates managing and configuring domain name registrations. There are several ways to create a new `Registration` resource: To create a new `Registration` resource, find a suitable domain name by calling the `SearchDomains` method with a query to see available domain name options. After choosing a name, call `RetrieveRegisterParameters` to ensure availability and obtain information like pricing, which is needed to build a call to `RegisterDomain`. Another way to create a new `Registration` is to transfer an existing domain from another registrar. First, go to the current registrar to unlock the domain for transfer and retrieve the domain&#x27;s transfer authorization code. Then call `RetrieveTransferParameters` to confirm that the domain is unlocked and to get values needed to build a call to `TransferDomain`. # Required. The complete `Registration` resource to be created. You can leave `registration.dns_settings` unset to import the domain&#x27;s current DNS configuration from its current registrar. Use this option only if you are sure that the domain&#x27;s current DNS service will not cease upon transfer, as is often the case for DNS services provided for free by the registrar.
+  &quot;registration&quot;: { # The `Registration` resource facilitates managing and configuring domain name registrations. There are several ways to create a new `Registration` resource: To create a new `Registration` resource, find a suitable domain name by calling the `SearchDomains` method with a query to see available domain name options. After choosing a name, call `RetrieveRegisterParameters` to ensure availability and obtain information like pricing, which is needed to build a call to `RegisterDomain`. Another way to create a new `Registration` is to transfer an existing domain from another registrar. First, go to the current registrar to unlock the domain for transfer and retrieve the domain&#x27;s transfer authorization code. Then call `RetrieveTransferParameters` to confirm that the domain is unlocked and to get values needed to build a call to `TransferDomain`. # Required. The complete `Registration` resource to be created. You can leave `registration.dns_settings` unset to import the domain&#x27;s current DNS configuration from its current registrar. Use this option only if you are sure that the domain&#x27;s current DNS service does not cease upon transfer, as is often the case for DNS services provided for free by the registrar.
     &quot;contactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Required. Settings for contact information linked to the `Registration`. You cannot update these with the `UpdateRegistration` method. To update these settings, use the `ConfigureContactSettings` method.
       &quot;adminContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The administrative contact for the `Registration`.
         &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
@@ -1752,7 +1752,7 @@
         },
       },
       &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-      &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+      &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
         &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
         &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
         &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -1851,7 +1851,7 @@
       &quot;transferLockState&quot;: &quot;A String&quot;, # Controls whether the domain can be transferred to another registrar.
     },
     &quot;name&quot;: &quot;A String&quot;, # Output only. Name of the `Registration` resource, in the format `projects/*/locations/*/registrations/`.
-    &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not yet been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
+    &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
       &quot;adminContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The administrative contact for the `Registration`.
         &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
         &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -1875,7 +1875,7 @@
         },
       },
       &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-      &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+      &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
         &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
         &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
         &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.

docs/dyn/domains_v1alpha2.projects.locations.registrations.html

diff --git a/docs/dyn/domains_v1alpha2.projects.locations.registrations.html b/docs/dyn/domains_v1alpha2.projects.locations.registrations.html
index ed9cba9..d80d71d 100644
--- a/docs/dyn/domains_v1alpha2.projects.locations.registrations.html
+++ b/docs/dyn/domains_v1alpha2.projects.locations.registrations.html
@@ -88,10 +88,10 @@
 <p class="firstline">Updates a `Registration`'s management settings.</p>
 <p class="toc_element">
   <code><a href="#delete">delete(name, x__xgafv=None)</a></code></p>
-<p class="firstline">Deletes a `Registration` resource. For `Registration` resources using usage billing, this method works if: * `state` is `EXPORTED` with `expire_time` in the past * `state` is `REGISTRATION_FAILED` * `state` is `TRANSFER_FAILED` This method works on any `Registration` resource using subscription billing, provided that the resource was created at least 1 day in the past. When an active domain is successfully deleted, you can continue to use the domain in [Google Domains](https://domains.google/) until it expires. The calling user becomes the domain's sole owner in Google Domains, and permissions for the domain are subsequently managed there. The domain will not renew automatically unless the new owner sets up billing in Google Domains.</p>
+<p class="firstline">Deletes a `Registration` resource. This method works on any `Registration` resource using [Subscription or Commitment billing](/domains/pricing#billing-models), provided that the resource was created at least 1 day in the past. For `Registration` resources using [Monthly billing](/domains/pricing#billing-models), this method works if: * `state` is `EXPORTED` with `expire_time` in the past * `state` is `REGISTRATION_FAILED` * `state` is `TRANSFER_FAILED` When an active registration is successfully deleted, you can continue to use the domain in [Google Domains](https://domains.google/) until it expires. The calling user becomes the domain's sole owner in Google Domains, and permissions for the domain are subsequently managed there. The domain does not renew automatically unless the new owner sets up billing in Google Domains.</p>
 <p class="toc_element">
   <code><a href="#export">export(name, body=None, x__xgafv=None)</a></code></p>
-<p class="firstline">Exports a `Registration` resource, such that it is no longer managed by Cloud Domains. When an active domain is successfully exported, you can continue to use the domain in [Google Domains](https://domains.google/) until it expires. The calling user becomes the domain's sole owner in Google Domains, and permissions for the domain are subsequently managed there. The domain will not renew automatically unless the new owner sets up billing in Google Domains.</p>
+<p class="firstline">Exports a `Registration` resource, such that it is no longer managed by Cloud Domains. When an active domain is successfully exported, you can continue to use the domain in [Google Domains](https://domains.google/) until it expires. The calling user becomes the domain's sole owner in Google Domains, and permissions for the domain are subsequently managed there. The domain does not renew automatically unless the new owner sets up billing in Google Domains.</p>
 <p class="toc_element">
   <code><a href="#get">get(name, x__xgafv=None)</a></code></p>
 <p class="firstline">Gets the details of a `Registration` resource.</p>
@@ -121,7 +121,7 @@
 <p class="firstline">Gets parameters needed to register a new domain name, including price and up-to-date availability. Use the returned values to call `RegisterDomain`.</p>
 <p class="toc_element">
   <code><a href="#retrieveTransferParameters">retrieveTransferParameters(location, domainName=None, x__xgafv=None)</a></code></p>
-<p class="firstline">Gets parameters needed to transfer a domain name from another registrar to Cloud Domains. For domains managed by Google Domains, transferring to Cloud Domains is not yet supported. Use the returned values to call `TransferDomain`.</p>
+<p class="firstline">Gets parameters needed to transfer a domain name from another registrar to Cloud Domains. For domains managed by Google Domains, transferring to Cloud Domains is not supported. Use the returned values to call `TransferDomain`.</p>
 <p class="toc_element">
   <code><a href="#searchDomains">searchDomains(location, query=None, x__xgafv=None)</a></code></p>
 <p class="firstline">Searches for available domain names similar to the provided query. Availability results from this method are approximate; call `RetrieveRegisterParameters` on a domain before registering to confirm availability.</p>
@@ -133,7 +133,7 @@
 <p class="firstline">Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.</p>
 <p class="toc_element">
   <code><a href="#transfer">transfer(parent, body=None, x__xgafv=None)</a></code></p>
-<p class="firstline">Transfers a domain name from another registrar to Cloud Domains. For domains managed by Google Domains, transferring to Cloud Domains is not yet supported. Before calling this method, go to the domain's current registrar to unlock the domain for transfer and retrieve the domain's transfer authorization code. Then call `RetrieveTransferParameters` to confirm that the domain is unlocked and to get values needed to build a call to this method. A successful call creates a `Registration` resource in state `TRANSFER_PENDING`. It can take several days to complete the transfer process. The registrant can often speed up this process by approving the transfer through the current registrar, either by clicking a link in an email from the registrar or by visiting the registrar's website. A few minutes after transfer approval, the resource transitions to state `ACTIVE`, indicating that the transfer was successful. If the transfer is rejected or the request expires without being approved, the resource can end up in state `TRANSFER_FAILED`. If transfer fails, you can safely delete the resource and retry the transfer.</p>
+<p class="firstline">Transfers a domain name from another registrar to Cloud Domains. For domains managed by Google Domains, transferring to Cloud Domains is not supported. Before calling this method, go to the domain's current registrar to unlock the domain for transfer and retrieve the domain's transfer authorization code. Then call `RetrieveTransferParameters` to confirm that the domain is unlocked and to get values needed to build a call to this method. A successful call creates a `Registration` resource in state `TRANSFER_PENDING`. It can take several days to complete the transfer process. The registrant can often speed up this process by approving the transfer through the current registrar, either by clicking a link in an email from the registrar or by visiting the registrar's website. A few minutes after transfer approval, the resource transitions to state `ACTIVE`, indicating that the transfer was successful. If the transfer is rejected or the request expires without being approved, the resource can end up in state `TRANSFER_FAILED`. If transfer fails, you can safely delete the resource and retry the transfer.</p>
 <h3>Method Details</h3>
 <div class="method">
     <code class="details" id="close">close()</code>
@@ -177,7 +177,7 @@
       },
     },
     &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
       &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
       &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
       &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -222,7 +222,7 @@
       },
     },
   },
-  &quot;updateMask&quot;: &quot;A String&quot;, # Required. The field mask describing which fields to update as a comma-separated list. For example, if only the registrant contact is being updated, the `update_mask` would be `&quot;registrant_contact&quot;`.
+  &quot;updateMask&quot;: &quot;A String&quot;, # Required. The field mask describing which fields to update as a comma-separated list. For example, if only the registrant contact is being updated, the `update_mask` is `&quot;registrant_contact&quot;`.
   &quot;validateOnly&quot;: True or False, # Validate the request without actually updating the contact settings.
 }
 
@@ -305,7 +305,7 @@
       ],
     },
   },
-  &quot;updateMask&quot;: &quot;A String&quot;, # Required. The field mask describing which fields to update as a comma-separated list. For example, if only the name servers are being updated for an existing Custom DNS configuration, the `update_mask` would be `&quot;custom_dns.name_servers&quot;`. When changing the DNS provider from one type to another, pass the new provider&#x27;s field name as part of the field mask. For example, when changing from a Google Domains DNS configuration to a Custom DNS configuration, the `update_mask` would be `&quot;custom_dns&quot;`. //
+  &quot;updateMask&quot;: &quot;A String&quot;, # Required. The field mask describing which fields to update as a comma-separated list. For example, if only the name servers are being updated for an existing Custom DNS configuration, the `update_mask` is `&quot;custom_dns.name_servers&quot;`. When changing the DNS provider from one type to another, pass the new provider&#x27;s field name as part of the field mask. For example, when changing from a Google Domains DNS configuration to a Custom DNS configuration, the `update_mask` is `&quot;custom_dns&quot;`. //
   &quot;validateOnly&quot;: True or False, # Validate the request without actually updating the DNS settings.
 }
 
@@ -352,7 +352,7 @@
     &quot;renewalMethod&quot;: &quot;A String&quot;, # Output only. The renewal method for this `Registration`.
     &quot;transferLockState&quot;: &quot;A String&quot;, # Controls whether the domain can be transferred to another registrar.
   },
-  &quot;updateMask&quot;: &quot;A String&quot;, # Required. The field mask describing which fields to update as a comma-separated list. For example, if only the transfer lock is being updated, the `update_mask` would be `&quot;transfer_lock_state&quot;`.
+  &quot;updateMask&quot;: &quot;A String&quot;, # Required. The field mask describing which fields to update as a comma-separated list. For example, if only the transfer lock is being updated, the `update_mask` is `&quot;transfer_lock_state&quot;`.
 }
 
   x__xgafv: string, V1 error format.
@@ -386,7 +386,7 @@
 
 <div class="method">
     <code class="details" id="delete">delete(name, x__xgafv=None)</code>
-  <pre>Deletes a `Registration` resource. For `Registration` resources using usage billing, this method works if: * `state` is `EXPORTED` with `expire_time` in the past * `state` is `REGISTRATION_FAILED` * `state` is `TRANSFER_FAILED` This method works on any `Registration` resource using subscription billing, provided that the resource was created at least 1 day in the past. When an active domain is successfully deleted, you can continue to use the domain in [Google Domains](https://domains.google/) until it expires. The calling user becomes the domain&#x27;s sole owner in Google Domains, and permissions for the domain are subsequently managed there. The domain will not renew automatically unless the new owner sets up billing in Google Domains.
+  <pre>Deletes a `Registration` resource. This method works on any `Registration` resource using [Subscription or Commitment billing](/domains/pricing#billing-models), provided that the resource was created at least 1 day in the past. For `Registration` resources using [Monthly billing](/domains/pricing#billing-models), this method works if: * `state` is `EXPORTED` with `expire_time` in the past * `state` is `REGISTRATION_FAILED` * `state` is `TRANSFER_FAILED` When an active registration is successfully deleted, you can continue to use the domain in [Google Domains](https://domains.google/) until it expires. The calling user becomes the domain&#x27;s sole owner in Google Domains, and permissions for the domain are subsequently managed there. The domain does not renew automatically unless the new owner sets up billing in Google Domains.
 
 Args:
   name: string, Required. The name of the `Registration` to delete, in the format `projects/*/locations/*/registrations/*`. (required)
@@ -421,7 +421,7 @@
 
 <div class="method">
     <code class="details" id="export">export(name, body=None, x__xgafv=None)</code>
-  <pre>Exports a `Registration` resource, such that it is no longer managed by Cloud Domains. When an active domain is successfully exported, you can continue to use the domain in [Google Domains](https://domains.google/) until it expires. The calling user becomes the domain&#x27;s sole owner in Google Domains, and permissions for the domain are subsequently managed there. The domain will not renew automatically unless the new owner sets up billing in Google Domains.
+  <pre>Exports a `Registration` resource, such that it is no longer managed by Cloud Domains. When an active domain is successfully exported, you can continue to use the domain in [Google Domains](https://domains.google/) until it expires. The calling user becomes the domain&#x27;s sole owner in Google Domains, and permissions for the domain are subsequently managed there. The domain does not renew automatically unless the new owner sets up billing in Google Domains.
 
 Args:
   name: string, Required. The name of the `Registration` to export, in the format `projects/*/locations/*/registrations/*`. (required)
@@ -499,7 +499,7 @@
       },
     },
     &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
       &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
       &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
       &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -598,7 +598,7 @@
     &quot;transferLockState&quot;: &quot;A String&quot;, # Controls whether the domain can be transferred to another registrar.
   },
   &quot;name&quot;: &quot;A String&quot;, # Output only. Name of the `Registration` resource, in the format `projects/*/locations/*/registrations/`.
-  &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not yet been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
+  &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
     &quot;adminContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The administrative contact for the `Registration`.
       &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
       &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -622,7 +622,7 @@
       },
     },
     &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
       &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
       &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
       &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -680,7 +680,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -767,7 +767,7 @@
           },
         },
         &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-        &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+        &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
           &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
           &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
           &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -866,7 +866,7 @@
         &quot;transferLockState&quot;: &quot;A String&quot;, # Controls whether the domain can be transferred to another registrar.
       },
       &quot;name&quot;: &quot;A String&quot;, # Output only. Name of the `Registration` resource, in the format `projects/*/locations/*/registrations/`.
-      &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not yet been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
+      &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
         &quot;adminContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The administrative contact for the `Registration`.
           &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
           &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -890,7 +890,7 @@
           },
         },
         &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-        &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+        &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
           &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
           &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
           &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -992,7 +992,7 @@
       },
     },
     &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
       &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
       &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
       &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -1091,7 +1091,7 @@
     &quot;transferLockState&quot;: &quot;A String&quot;, # Controls whether the domain can be transferred to another registrar.
   },
   &quot;name&quot;: &quot;A String&quot;, # Output only. Name of the `Registration` resource, in the format `projects/*/locations/*/registrations/`.
-  &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not yet been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
+  &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
     &quot;adminContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The administrative contact for the `Registration`.
       &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
       &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -1115,7 +1115,7 @@
       },
     },
     &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
       &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
       &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
       &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -1166,7 +1166,7 @@
   ],
 }
 
-  updateMask: string, Required. The field mask describing which fields to update as a comma-separated list. For example, if only the labels are being updated, the `update_mask` would be `&quot;labels&quot;`.
+  updateMask: string, Required. The field mask describing which fields to update as a comma-separated list. For example, if only the labels are being updated, the `update_mask` is `&quot;labels&quot;`.
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -1237,7 +1237,7 @@
         },
       },
       &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-      &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+      &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
         &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
         &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
         &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -1336,7 +1336,7 @@
       &quot;transferLockState&quot;: &quot;A String&quot;, # Controls whether the domain can be transferred to another registrar.
     },
     &quot;name&quot;: &quot;A String&quot;, # Output only. Name of the `Registration` resource, in the format `projects/*/locations/*/registrations/`.
-    &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not yet been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
+    &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
       &quot;adminContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The administrative contact for the `Registration`.
         &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
         &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -1360,7 +1360,7 @@
         },
       },
       &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-      &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+      &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
         &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
         &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
         &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -1410,7 +1410,7 @@
       &quot;A String&quot;,
     ],
   },
-  &quot;validateOnly&quot;: True or False, # When true, only validation will be performed, without actually registering the domain. Follows: https://cloud.google.com/apis/design/design_patterns#request_validation
+  &quot;validateOnly&quot;: True or False, # When true, only validation is performed, without actually registering the domain. Follows: https://cloud.google.com/apis/design/design_patterns#request_validation
   &quot;yearlyPrice&quot;: { # Represents an amount of money with its currency type. # Required. Yearly price to register or renew the domain. The value that should be put here can be obtained from RetrieveRegisterParameters or SearchDomains calls.
     &quot;currencyCode&quot;: &quot;A String&quot;, # The three-letter currency code defined in ISO 4217.
     &quot;nanos&quot;: 42, # Number of nano (10^-9) units of the amount. The value must be between -999,999,999 and +999,999,999 inclusive. If `units` is positive, `nanos` must be positive or zero. If `units` is zero, `nanos` can be positive, zero, or negative. If `units` is negative, `nanos` must be negative or zero. For example $-1.75 is represented as `units`=-1 and `nanos`=-750,000,000.
@@ -1527,7 +1527,7 @@
 
 <div class="method">
     <code class="details" id="retrieveTransferParameters">retrieveTransferParameters(location, domainName=None, x__xgafv=None)</code>
-  <pre>Gets parameters needed to transfer a domain name from another registrar to Cloud Domains. For domains managed by Google Domains, transferring to Cloud Domains is not yet supported. Use the returned values to call `TransferDomain`.
+  <pre>Gets parameters needed to transfer a domain name from another registrar to Cloud Domains. For domains managed by Google Domains, transferring to Cloud Domains is not supported. Use the returned values to call `TransferDomain`.
 
 Args:
   location: string, Required. The location. Must be in the format `projects/*/locations/*`. (required)
@@ -1713,7 +1713,7 @@
 
 <div class="method">
     <code class="details" id="transfer">transfer(parent, body=None, x__xgafv=None)</code>
-  <pre>Transfers a domain name from another registrar to Cloud Domains. For domains managed by Google Domains, transferring to Cloud Domains is not yet supported. Before calling this method, go to the domain&#x27;s current registrar to unlock the domain for transfer and retrieve the domain&#x27;s transfer authorization code. Then call `RetrieveTransferParameters` to confirm that the domain is unlocked and to get values needed to build a call to this method. A successful call creates a `Registration` resource in state `TRANSFER_PENDING`. It can take several days to complete the transfer process. The registrant can often speed up this process by approving the transfer through the current registrar, either by clicking a link in an email from the registrar or by visiting the registrar&#x27;s website. A few minutes after transfer approval, the resource transitions to state `ACTIVE`, indicating that the transfer was successful. If the transfer is rejected or the request expires without being approved, the resource can end up in state `TRANSFER_FAILED`. If transfer fails, you can safely delete the resource and retry the transfer.
+  <pre>Transfers a domain name from another registrar to Cloud Domains. For domains managed by Google Domains, transferring to Cloud Domains is not supported. Before calling this method, go to the domain&#x27;s current registrar to unlock the domain for transfer and retrieve the domain&#x27;s transfer authorization code. Then call `RetrieveTransferParameters` to confirm that the domain is unlocked and to get values needed to build a call to this method. A successful call creates a `Registration` resource in state `TRANSFER_PENDING`. It can take several days to complete the transfer process. The registrant can often speed up this process by approving the transfer through the current registrar, either by clicking a link in an email from the registrar or by visiting the registrar&#x27;s website. A few minutes after transfer approval, the resource transitions to state `ACTIVE`, indicating that the transfer was successful. If the transfer is rejected or the request expires without being approved, the resource can end up in state `TRANSFER_FAILED`. If transfer fails, you can safely delete the resource and retry the transfer.
 
 Args:
   parent: string, Required. The parent resource of the `Registration`. Must be in the format `projects/*/locations/*`. (required)
@@ -1727,7 +1727,7 @@
   &quot;contactNotices&quot;: [ # The list of contact notices that you acknowledge. The notices needed here depend on the values specified in `registration.contact_settings`.
     &quot;A String&quot;,
   ],
-  &quot;registration&quot;: { # The `Registration` resource facilitates managing and configuring domain name registrations. There are several ways to create a new `Registration` resource: To create a new `Registration` resource, find a suitable domain name by calling the `SearchDomains` method with a query to see available domain name options. After choosing a name, call `RetrieveRegisterParameters` to ensure availability and obtain information like pricing, which is needed to build a call to `RegisterDomain`. Another way to create a new `Registration` is to transfer an existing domain from another registrar. First, go to the current registrar to unlock the domain for transfer and retrieve the domain&#x27;s transfer authorization code. Then call `RetrieveTransferParameters` to confirm that the domain is unlocked and to get values needed to build a call to `TransferDomain`. # Required. The complete `Registration` resource to be created. You can leave `registration.dns_settings` unset to import the domain&#x27;s current DNS configuration from its current registrar. Use this option only if you are sure that the domain&#x27;s current DNS service will not cease upon transfer, as is often the case for DNS services provided for free by the registrar.
+  &quot;registration&quot;: { # The `Registration` resource facilitates managing and configuring domain name registrations. There are several ways to create a new `Registration` resource: To create a new `Registration` resource, find a suitable domain name by calling the `SearchDomains` method with a query to see available domain name options. After choosing a name, call `RetrieveRegisterParameters` to ensure availability and obtain information like pricing, which is needed to build a call to `RegisterDomain`. Another way to create a new `Registration` is to transfer an existing domain from another registrar. First, go to the current registrar to unlock the domain for transfer and retrieve the domain&#x27;s transfer authorization code. Then call `RetrieveTransferParameters` to confirm that the domain is unlocked and to get values needed to build a call to `TransferDomain`. # Required. The complete `Registration` resource to be created. You can leave `registration.dns_settings` unset to import the domain&#x27;s current DNS configuration from its current registrar. Use this option only if you are sure that the domain&#x27;s current DNS service does not cease upon transfer, as is often the case for DNS services provided for free by the registrar.
     &quot;contactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Required. Settings for contact information linked to the `Registration`. You cannot update these with the `UpdateRegistration` method. To update these settings, use the `ConfigureContactSettings` method.
       &quot;adminContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The administrative contact for the `Registration`.
         &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
@@ -1752,7 +1752,7 @@
         },
       },
       &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-      &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+      &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
         &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
         &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
         &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -1851,7 +1851,7 @@
       &quot;transferLockState&quot;: &quot;A String&quot;, # Controls whether the domain can be transferred to another registrar.
     },
     &quot;name&quot;: &quot;A String&quot;, # Output only. Name of the `Registration` resource, in the format `projects/*/locations/*/registrations/`.
-    &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not yet been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
+    &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
       &quot;adminContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The administrative contact for the `Registration`.
         &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
         &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -1875,7 +1875,7 @@
         },
       },
       &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-      &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+      &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
         &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
         &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
         &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.

docs/dyn/domains_v1beta1.projects.locations.registrations.html

diff --git a/docs/dyn/domains_v1beta1.projects.locations.registrations.html b/docs/dyn/domains_v1beta1.projects.locations.registrations.html
index f4b456c..18306fa 100644
--- a/docs/dyn/domains_v1beta1.projects.locations.registrations.html
+++ b/docs/dyn/domains_v1beta1.projects.locations.registrations.html
@@ -88,10 +88,10 @@
 <p class="firstline">Updates a `Registration`'s management settings.</p>
 <p class="toc_element">
   <code><a href="#delete">delete(name, x__xgafv=None)</a></code></p>
-<p class="firstline">Deletes a `Registration` resource. For `Registration` resources using usage billing, this method works if: * `state` is `EXPORTED` with `expire_time` in the past * `state` is `REGISTRATION_FAILED` * `state` is `TRANSFER_FAILED` This method works on any `Registration` resource using subscription billing, provided that the resource was created at least 1 day in the past. When an active domain is successfully deleted, you can continue to use the domain in [Google Domains](https://domains.google/) until it expires. The calling user becomes the domain's sole owner in Google Domains, and permissions for the domain are subsequently managed there. The domain will not renew automatically unless the new owner sets up billing in Google Domains.</p>
+<p class="firstline">Deletes a `Registration` resource. This method works on any `Registration` resource using [Subscription or Commitment billing](/domains/pricing#billing-models), provided that the resource was created at least 1 day in the past. For `Registration` resources using [Monthly billing](/domains/pricing#billing-models), this method works if: * `state` is `EXPORTED` with `expire_time` in the past * `state` is `REGISTRATION_FAILED` * `state` is `TRANSFER_FAILED` When an active registration is successfully deleted, you can continue to use the domain in [Google Domains](https://domains.google/) until it expires. The calling user becomes the domain's sole owner in Google Domains, and permissions for the domain are subsequently managed there. The domain does not renew automatically unless the new owner sets up billing in Google Domains.</p>
 <p class="toc_element">
   <code><a href="#export">export(name, body=None, x__xgafv=None)</a></code></p>
-<p class="firstline">Exports a `Registration` resource, such that it is no longer managed by Cloud Domains. When an active domain is successfully exported, you can continue to use the domain in [Google Domains](https://domains.google/) until it expires. The calling user becomes the domain's sole owner in Google Domains, and permissions for the domain are subsequently managed there. The domain will not renew automatically unless the new owner sets up billing in Google Domains.</p>
+<p class="firstline">Exports a `Registration` resource, such that it is no longer managed by Cloud Domains. When an active domain is successfully exported, you can continue to use the domain in [Google Domains](https://domains.google/) until it expires. The calling user becomes the domain's sole owner in Google Domains, and permissions for the domain are subsequently managed there. The domain does not renew automatically unless the new owner sets up billing in Google Domains.</p>
 <p class="toc_element">
   <code><a href="#get">get(name, x__xgafv=None)</a></code></p>
 <p class="firstline">Gets the details of a `Registration` resource.</p>
@@ -121,7 +121,7 @@
 <p class="firstline">Gets parameters needed to register a new domain name, including price and up-to-date availability. Use the returned values to call `RegisterDomain`.</p>
 <p class="toc_element">
   <code><a href="#retrieveTransferParameters">retrieveTransferParameters(location, domainName=None, x__xgafv=None)</a></code></p>
-<p class="firstline">Gets parameters needed to transfer a domain name from another registrar to Cloud Domains. For domains managed by Google Domains, transferring to Cloud Domains is not yet supported. Use the returned values to call `TransferDomain`.</p>
+<p class="firstline">Gets parameters needed to transfer a domain name from another registrar to Cloud Domains. For domains managed by Google Domains, transferring to Cloud Domains is not supported. Use the returned values to call `TransferDomain`.</p>
 <p class="toc_element">
   <code><a href="#searchDomains">searchDomains(location, query=None, x__xgafv=None)</a></code></p>
 <p class="firstline">Searches for available domain names similar to the provided query. Availability results from this method are approximate; call `RetrieveRegisterParameters` on a domain before registering to confirm availability.</p>
@@ -133,7 +133,7 @@
 <p class="firstline">Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.</p>
 <p class="toc_element">
   <code><a href="#transfer">transfer(parent, body=None, x__xgafv=None)</a></code></p>
-<p class="firstline">Transfers a domain name from another registrar to Cloud Domains. For domains managed by Google Domains, transferring to Cloud Domains is not yet supported. Before calling this method, go to the domain's current registrar to unlock the domain for transfer and retrieve the domain's transfer authorization code. Then call `RetrieveTransferParameters` to confirm that the domain is unlocked and to get values needed to build a call to this method. A successful call creates a `Registration` resource in state `TRANSFER_PENDING`. It can take several days to complete the transfer process. The registrant can often speed up this process by approving the transfer through the current registrar, either by clicking a link in an email from the registrar or by visiting the registrar's website. A few minutes after transfer approval, the resource transitions to state `ACTIVE`, indicating that the transfer was successful. If the transfer is rejected or the request expires without being approved, the resource can end up in state `TRANSFER_FAILED`. If transfer fails, you can safely delete the resource and retry the transfer.</p>
+<p class="firstline">Transfers a domain name from another registrar to Cloud Domains. For domains managed by Google Domains, transferring to Cloud Domains is not supported. Before calling this method, go to the domain's current registrar to unlock the domain for transfer and retrieve the domain's transfer authorization code. Then call `RetrieveTransferParameters` to confirm that the domain is unlocked and to get values needed to build a call to this method. A successful call creates a `Registration` resource in state `TRANSFER_PENDING`. It can take several days to complete the transfer process. The registrant can often speed up this process by approving the transfer through the current registrar, either by clicking a link in an email from the registrar or by visiting the registrar's website. A few minutes after transfer approval, the resource transitions to state `ACTIVE`, indicating that the transfer was successful. If the transfer is rejected or the request expires without being approved, the resource can end up in state `TRANSFER_FAILED`. If transfer fails, you can safely delete the resource and retry the transfer.</p>
 <h3>Method Details</h3>
 <div class="method">
     <code class="details" id="close">close()</code>
@@ -177,7 +177,7 @@
       },
     },
     &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
       &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
       &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
       &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -222,7 +222,7 @@
       },
     },
   },
-  &quot;updateMask&quot;: &quot;A String&quot;, # Required. The field mask describing which fields to update as a comma-separated list. For example, if only the registrant contact is being updated, the `update_mask` would be `&quot;registrant_contact&quot;`.
+  &quot;updateMask&quot;: &quot;A String&quot;, # Required. The field mask describing which fields to update as a comma-separated list. For example, if only the registrant contact is being updated, the `update_mask` is `&quot;registrant_contact&quot;`.
   &quot;validateOnly&quot;: True or False, # Validate the request without actually updating the contact settings.
 }
 
@@ -305,7 +305,7 @@
       ],
     },
   },
-  &quot;updateMask&quot;: &quot;A String&quot;, # Required. The field mask describing which fields to update as a comma-separated list. For example, if only the name servers are being updated for an existing Custom DNS configuration, the `update_mask` would be `&quot;custom_dns.name_servers&quot;`. When changing the DNS provider from one type to another, pass the new provider&#x27;s field name as part of the field mask. For example, when changing from a Google Domains DNS configuration to a Custom DNS configuration, the `update_mask` would be `&quot;custom_dns&quot;`. //
+  &quot;updateMask&quot;: &quot;A String&quot;, # Required. The field mask describing which fields to update as a comma-separated list. For example, if only the name servers are being updated for an existing Custom DNS configuration, the `update_mask` is `&quot;custom_dns.name_servers&quot;`. When changing the DNS provider from one type to another, pass the new provider&#x27;s field name as part of the field mask. For example, when changing from a Google Domains DNS configuration to a Custom DNS configuration, the `update_mask` is `&quot;custom_dns&quot;`. //
   &quot;validateOnly&quot;: True or False, # Validate the request without actually updating the DNS settings.
 }
 
@@ -352,7 +352,7 @@
     &quot;renewalMethod&quot;: &quot;A String&quot;, # Output only. The renewal method for this `Registration`.
     &quot;transferLockState&quot;: &quot;A String&quot;, # Controls whether the domain can be transferred to another registrar.
   },
-  &quot;updateMask&quot;: &quot;A String&quot;, # Required. The field mask describing which fields to update as a comma-separated list. For example, if only the transfer lock is being updated, the `update_mask` would be `&quot;transfer_lock_state&quot;`.
+  &quot;updateMask&quot;: &quot;A String&quot;, # Required. The field mask describing which fields to update as a comma-separated list. For example, if only the transfer lock is being updated, the `update_mask` is `&quot;transfer_lock_state&quot;`.
 }
 
   x__xgafv: string, V1 error format.
@@ -386,7 +386,7 @@
 
 <div class="method">
     <code class="details" id="delete">delete(name, x__xgafv=None)</code>
-  <pre>Deletes a `Registration` resource. For `Registration` resources using usage billing, this method works if: * `state` is `EXPORTED` with `expire_time` in the past * `state` is `REGISTRATION_FAILED` * `state` is `TRANSFER_FAILED` This method works on any `Registration` resource using subscription billing, provided that the resource was created at least 1 day in the past. When an active domain is successfully deleted, you can continue to use the domain in [Google Domains](https://domains.google/) until it expires. The calling user becomes the domain&#x27;s sole owner in Google Domains, and permissions for the domain are subsequently managed there. The domain will not renew automatically unless the new owner sets up billing in Google Domains.
+  <pre>Deletes a `Registration` resource. This method works on any `Registration` resource using [Subscription or Commitment billing](/domains/pricing#billing-models), provided that the resource was created at least 1 day in the past. For `Registration` resources using [Monthly billing](/domains/pricing#billing-models), this method works if: * `state` is `EXPORTED` with `expire_time` in the past * `state` is `REGISTRATION_FAILED` * `state` is `TRANSFER_FAILED` When an active registration is successfully deleted, you can continue to use the domain in [Google Domains](https://domains.google/) until it expires. The calling user becomes the domain&#x27;s sole owner in Google Domains, and permissions for the domain are subsequently managed there. The domain does not renew automatically unless the new owner sets up billing in Google Domains.
 
 Args:
   name: string, Required. The name of the `Registration` to delete, in the format `projects/*/locations/*/registrations/*`. (required)
@@ -421,7 +421,7 @@
 
 <div class="method">
     <code class="details" id="export">export(name, body=None, x__xgafv=None)</code>
-  <pre>Exports a `Registration` resource, such that it is no longer managed by Cloud Domains. When an active domain is successfully exported, you can continue to use the domain in [Google Domains](https://domains.google/) until it expires. The calling user becomes the domain&#x27;s sole owner in Google Domains, and permissions for the domain are subsequently managed there. The domain will not renew automatically unless the new owner sets up billing in Google Domains.
+  <pre>Exports a `Registration` resource, such that it is no longer managed by Cloud Domains. When an active domain is successfully exported, you can continue to use the domain in [Google Domains](https://domains.google/) until it expires. The calling user becomes the domain&#x27;s sole owner in Google Domains, and permissions for the domain are subsequently managed there. The domain does not renew automatically unless the new owner sets up billing in Google Domains.
 
 Args:
   name: string, Required. The name of the `Registration` to export, in the format `projects/*/locations/*/registrations/*`. (required)
@@ -499,7 +499,7 @@
       },
     },
     &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
       &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
       &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
       &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -598,7 +598,7 @@
     &quot;transferLockState&quot;: &quot;A String&quot;, # Controls whether the domain can be transferred to another registrar.
   },
   &quot;name&quot;: &quot;A String&quot;, # Output only. Name of the `Registration` resource, in the format `projects/*/locations/*/registrations/`.
-  &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not yet been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
+  &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
     &quot;adminContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The administrative contact for the `Registration`.
       &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
       &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -622,7 +622,7 @@
       },
     },
     &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
       &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
       &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
       &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -680,7 +680,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -767,7 +767,7 @@
           },
         },
         &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-        &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+        &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
           &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
           &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
           &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -866,7 +866,7 @@
         &quot;transferLockState&quot;: &quot;A String&quot;, # Controls whether the domain can be transferred to another registrar.
       },
       &quot;name&quot;: &quot;A String&quot;, # Output only. Name of the `Registration` resource, in the format `projects/*/locations/*/registrations/`.
-      &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not yet been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
+      &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
         &quot;adminContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The administrative contact for the `Registration`.
           &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
           &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -890,7 +890,7 @@
           },
         },
         &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-        &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+        &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
           &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
           &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
           &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -992,7 +992,7 @@
       },
     },
     &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
       &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
       &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
       &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -1091,7 +1091,7 @@
     &quot;transferLockState&quot;: &quot;A String&quot;, # Controls whether the domain can be transferred to another registrar.
   },
   &quot;name&quot;: &quot;A String&quot;, # Output only. Name of the `Registration` resource, in the format `projects/*/locations/*/registrations/`.
-  &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not yet been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
+  &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
     &quot;adminContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The administrative contact for the `Registration`.
       &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
       &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -1115,7 +1115,7 @@
       },
     },
     &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+    &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
       &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
       &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
       &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -1166,7 +1166,7 @@
   ],
 }
 
-  updateMask: string, Required. The field mask describing which fields to update as a comma-separated list. For example, if only the labels are being updated, the `update_mask` would be `&quot;labels&quot;`.
+  updateMask: string, Required. The field mask describing which fields to update as a comma-separated list. For example, if only the labels are being updated, the `update_mask` is `&quot;labels&quot;`.
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -1237,7 +1237,7 @@
         },
       },
       &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-      &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+      &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
         &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
         &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
         &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -1336,7 +1336,7 @@
       &quot;transferLockState&quot;: &quot;A String&quot;, # Controls whether the domain can be transferred to another registrar.
     },
     &quot;name&quot;: &quot;A String&quot;, # Output only. Name of the `Registration` resource, in the format `projects/*/locations/*/registrations/`.
-    &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not yet been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
+    &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
       &quot;adminContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The administrative contact for the `Registration`.
         &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
         &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -1360,7 +1360,7 @@
         },
       },
       &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-      &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+      &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
         &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
         &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
         &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -1410,7 +1410,7 @@
       &quot;A String&quot;,
     ],
   },
-  &quot;validateOnly&quot;: True or False, # When true, only validation will be performed, without actually registering the domain. Follows: https://cloud.google.com/apis/design/design_patterns#request_validation
+  &quot;validateOnly&quot;: True or False, # When true, only validation is performed, without actually registering the domain. Follows: https://cloud.google.com/apis/design/design_patterns#request_validation
   &quot;yearlyPrice&quot;: { # Represents an amount of money with its currency type. # Required. Yearly price to register or renew the domain. The value that should be put here can be obtained from RetrieveRegisterParameters or SearchDomains calls.
     &quot;currencyCode&quot;: &quot;A String&quot;, # The three-letter currency code defined in ISO 4217.
     &quot;nanos&quot;: 42, # Number of nano (10^-9) units of the amount. The value must be between -999,999,999 and +999,999,999 inclusive. If `units` is positive, `nanos` must be positive or zero. If `units` is zero, `nanos` can be positive, zero, or negative. If `units` is negative, `nanos` must be negative or zero. For example $-1.75 is represented as `units`=-1 and `nanos`=-750,000,000.
@@ -1527,7 +1527,7 @@
 
 <div class="method">
     <code class="details" id="retrieveTransferParameters">retrieveTransferParameters(location, domainName=None, x__xgafv=None)</code>
-  <pre>Gets parameters needed to transfer a domain name from another registrar to Cloud Domains. For domains managed by Google Domains, transferring to Cloud Domains is not yet supported. Use the returned values to call `TransferDomain`.
+  <pre>Gets parameters needed to transfer a domain name from another registrar to Cloud Domains. For domains managed by Google Domains, transferring to Cloud Domains is not supported. Use the returned values to call `TransferDomain`.
 
 Args:
   location: string, Required. The location. Must be in the format `projects/*/locations/*`. (required)
@@ -1713,7 +1713,7 @@
 
 <div class="method">
     <code class="details" id="transfer">transfer(parent, body=None, x__xgafv=None)</code>
-  <pre>Transfers a domain name from another registrar to Cloud Domains. For domains managed by Google Domains, transferring to Cloud Domains is not yet supported. Before calling this method, go to the domain&#x27;s current registrar to unlock the domain for transfer and retrieve the domain&#x27;s transfer authorization code. Then call `RetrieveTransferParameters` to confirm that the domain is unlocked and to get values needed to build a call to this method. A successful call creates a `Registration` resource in state `TRANSFER_PENDING`. It can take several days to complete the transfer process. The registrant can often speed up this process by approving the transfer through the current registrar, either by clicking a link in an email from the registrar or by visiting the registrar&#x27;s website. A few minutes after transfer approval, the resource transitions to state `ACTIVE`, indicating that the transfer was successful. If the transfer is rejected or the request expires without being approved, the resource can end up in state `TRANSFER_FAILED`. If transfer fails, you can safely delete the resource and retry the transfer.
+  <pre>Transfers a domain name from another registrar to Cloud Domains. For domains managed by Google Domains, transferring to Cloud Domains is not supported. Before calling this method, go to the domain&#x27;s current registrar to unlock the domain for transfer and retrieve the domain&#x27;s transfer authorization code. Then call `RetrieveTransferParameters` to confirm that the domain is unlocked and to get values needed to build a call to this method. A successful call creates a `Registration` resource in state `TRANSFER_PENDING`. It can take several days to complete the transfer process. The registrant can often speed up this process by approving the transfer through the current registrar, either by clicking a link in an email from the registrar or by visiting the registrar&#x27;s website. A few minutes after transfer approval, the resource transitions to state `ACTIVE`, indicating that the transfer was successful. If the transfer is rejected or the request expires without being approved, the resource can end up in state `TRANSFER_FAILED`. If transfer fails, you can safely delete the resource and retry the transfer.
 
 Args:
   parent: string, Required. The parent resource of the `Registration`. Must be in the format `projects/*/locations/*`. (required)
@@ -1727,7 +1727,7 @@
   &quot;contactNotices&quot;: [ # The list of contact notices that you acknowledge. The notices needed here depend on the values specified in `registration.contact_settings`.
     &quot;A String&quot;,
   ],
-  &quot;registration&quot;: { # The `Registration` resource facilitates managing and configuring domain name registrations. There are several ways to create a new `Registration` resource: To create a new `Registration` resource, find a suitable domain name by calling the `SearchDomains` method with a query to see available domain name options. After choosing a name, call `RetrieveRegisterParameters` to ensure availability and obtain information like pricing, which is needed to build a call to `RegisterDomain`. Another way to create a new `Registration` is to transfer an existing domain from another registrar. First, go to the current registrar to unlock the domain for transfer and retrieve the domain&#x27;s transfer authorization code. Then call `RetrieveTransferParameters` to confirm that the domain is unlocked and to get values needed to build a call to `TransferDomain`. # Required. The complete `Registration` resource to be created. You can leave `registration.dns_settings` unset to import the domain&#x27;s current DNS configuration from its current registrar. Use this option only if you are sure that the domain&#x27;s current DNS service will not cease upon transfer, as is often the case for DNS services provided for free by the registrar.
+  &quot;registration&quot;: { # The `Registration` resource facilitates managing and configuring domain name registrations. There are several ways to create a new `Registration` resource: To create a new `Registration` resource, find a suitable domain name by calling the `SearchDomains` method with a query to see available domain name options. After choosing a name, call `RetrieveRegisterParameters` to ensure availability and obtain information like pricing, which is needed to build a call to `RegisterDomain`. Another way to create a new `Registration` is to transfer an existing domain from another registrar. First, go to the current registrar to unlock the domain for transfer and retrieve the domain&#x27;s transfer authorization code. Then call `RetrieveTransferParameters` to confirm that the domain is unlocked and to get values needed to build a call to `TransferDomain`. # Required. The complete `Registration` resource to be created. You can leave `registration.dns_settings` unset to import the domain&#x27;s current DNS configuration from its current registrar. Use this option only if you are sure that the domain&#x27;s current DNS service does not cease upon transfer, as is often the case for DNS services provided for free by the registrar.
     &quot;contactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Required. Settings for contact information linked to the `Registration`. You cannot update these with the `UpdateRegistration` method. To update these settings, use the `ConfigureContactSettings` method.
       &quot;adminContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The administrative contact for the `Registration`.
         &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
@@ -1752,7 +1752,7 @@
         },
       },
       &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-      &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+      &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
         &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
         &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
         &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -1851,7 +1851,7 @@
       &quot;transferLockState&quot;: &quot;A String&quot;, # Controls whether the domain can be transferred to another registrar.
     },
     &quot;name&quot;: &quot;A String&quot;, # Output only. Name of the `Registration` resource, in the format `projects/*/locations/*/registrations/`.
-    &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not yet been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
+    &quot;pendingContactSettings&quot;: { # Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain&#x27;s legal owner, and often the other contacts are identical. # Output only. Pending contact settings for the `Registration`. Updates to the `contact_settings` field that change its `registrant_contact` or `privacy` fields require email confirmation by the `registrant_contact` before taking effect. This field is set only if there are pending updates to the `contact_settings` that have not been confirmed. To confirm the changes, the `registrant_contact` must follow the instructions in the email they receive.
       &quot;adminContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The administrative contact for the `Registration`.
         &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
         &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
@@ -1875,7 +1875,7 @@
         },
       },
       &quot;privacy&quot;: &quot;A String&quot;, # Required. Privacy setting for the contacts associated with the `Registration`.
-      &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant will receive an email confirmation that they must complete within 15 days to avoid domain suspension.*
+      &quot;registrantContact&quot;: { # Details required for a contact associated with a `Registration`. # Required. The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*
         &quot;email&quot;: &quot;A String&quot;, # Required. Email address of the contact.
         &quot;faxNumber&quot;: &quot;A String&quot;, # Fax number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.
         &quot;phoneNumber&quot;: &quot;A String&quot;, # Required. Phone number of the contact in international format. For example, `&quot;+1-800-555-0123&quot;`.

docs/dyn/drive_v2.changes.html

diff --git a/docs/dyn/drive_v2.changes.html b/docs/dyn/drive_v2.changes.html
index ac8e160..d9c1f11 100644
--- a/docs/dyn/drive_v2.changes.html
+++ b/docs/dyn/drive_v2.changes.html
@@ -164,6 +164,7 @@
     "canComment": True or False, # Deprecated: use capabilities/canComment.
     "canReadRevisions": True or False, # Deprecated: use capabilities/canReadRevisions.
     "capabilities": { # Capabilities the current user has on this file. Each capability corresponds to a fine-grained action that a user may take.
+      "canAcceptOwnership": True or False, # Whether the current user is the pending owner of the file. Not populated for shared drive files.
       "canAddChildren": True or False, # Whether the current user can add children to this folder. This is always false when the item is not a folder.
       "canAddFolderFromAnotherDrive": True or False, # Whether the current user can add a folder from another drive (different shared drive or My Drive) to this folder. This is false when the item is not a folder. Only populated for items in shared drives.
       "canAddMyDriveParent": True or False, # Whether the current user can add a parent for the item without removing an existing parent in the same request. Not populated for shared drive files.
@@ -354,6 +355,7 @@
         "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
         "kind": "drive#permission", # This is always drive#permission.
         "name": "A String", # The name for this permission.
+        "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
         "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
           {
             "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -476,6 +478,7 @@
       "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
       "kind": "drive#permission", # This is always drive#permission.
       "name": "A String", # The name for this permission.
+      "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
       "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
         {
           "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -680,6 +683,7 @@
         "canComment": True or False, # Deprecated: use capabilities/canComment.
         "canReadRevisions": True or False, # Deprecated: use capabilities/canReadRevisions.
         "capabilities": { # Capabilities the current user has on this file. Each capability corresponds to a fine-grained action that a user may take.
+          "canAcceptOwnership": True or False, # Whether the current user is the pending owner of the file. Not populated for shared drive files.
           "canAddChildren": True or False, # Whether the current user can add children to this folder. This is always false when the item is not a folder.
           "canAddFolderFromAnotherDrive": True or False, # Whether the current user can add a folder from another drive (different shared drive or My Drive) to this folder. This is false when the item is not a folder. Only populated for items in shared drives.
           "canAddMyDriveParent": True or False, # Whether the current user can add a parent for the item without removing an existing parent in the same request. Not populated for shared drive files.
@@ -870,6 +874,7 @@
             "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
             "kind": "drive#permission", # This is always drive#permission.
             "name": "A String", # The name for this permission.
+            "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
             "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
               {
                 "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -992,6 +997,7 @@
           "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
           "kind": "drive#permission", # This is always drive#permission.
           "name": "A String", # The name for this permission.
+          "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
           "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
             {
               "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.

docs/dyn/drive_v2.files.html

diff --git a/docs/dyn/drive_v2.files.html b/docs/dyn/drive_v2.files.html
index 144e51d..9746623 100644
--- a/docs/dyn/drive_v2.files.html
+++ b/docs/dyn/drive_v2.files.html
@@ -152,6 +152,7 @@
   "canComment": True or False, # Deprecated: use capabilities/canComment.
   "canReadRevisions": True or False, # Deprecated: use capabilities/canReadRevisions.
   "capabilities": { # Capabilities the current user has on this file. Each capability corresponds to a fine-grained action that a user may take.
+    "canAcceptOwnership": True or False, # Whether the current user is the pending owner of the file. Not populated for shared drive files.
     "canAddChildren": True or False, # Whether the current user can add children to this folder. This is always false when the item is not a folder.
     "canAddFolderFromAnotherDrive": True or False, # Whether the current user can add a folder from another drive (different shared drive or My Drive) to this folder. This is false when the item is not a folder. Only populated for items in shared drives.
     "canAddMyDriveParent": True or False, # Whether the current user can add a parent for the item without removing an existing parent in the same request. Not populated for shared drive files.
@@ -342,6 +343,7 @@
       "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
       "kind": "drive#permission", # This is always drive#permission.
       "name": "A String", # The name for this permission.
+      "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
       "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
         {
           "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -464,6 +466,7 @@
     "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
     "kind": "drive#permission", # This is always drive#permission.
     "name": "A String", # The name for this permission.
+    "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
     "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
       {
         "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -544,6 +547,7 @@
   "canComment": True or False, # Deprecated: use capabilities/canComment.
   "canReadRevisions": True or False, # Deprecated: use capabilities/canReadRevisions.
   "capabilities": { # Capabilities the current user has on this file. Each capability corresponds to a fine-grained action that a user may take.
+    "canAcceptOwnership": True or False, # Whether the current user is the pending owner of the file. Not populated for shared drive files.
     "canAddChildren": True or False, # Whether the current user can add children to this folder. This is always false when the item is not a folder.
     "canAddFolderFromAnotherDrive": True or False, # Whether the current user can add a folder from another drive (different shared drive or My Drive) to this folder. This is false when the item is not a folder. Only populated for items in shared drives.
     "canAddMyDriveParent": True or False, # Whether the current user can add a parent for the item without removing an existing parent in the same request. Not populated for shared drive files.
@@ -734,6 +738,7 @@
       "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
       "kind": "drive#permission", # This is always drive#permission.
       "name": "A String", # The name for this permission.
+      "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
       "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
         {
           "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -856,6 +861,7 @@
     "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
     "kind": "drive#permission", # This is always drive#permission.
     "name": "A String", # The name for this permission.
+    "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
     "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
       {
         "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -1001,6 +1007,7 @@
   "canComment": True or False, # Deprecated: use capabilities/canComment.
   "canReadRevisions": True or False, # Deprecated: use capabilities/canReadRevisions.
   "capabilities": { # Capabilities the current user has on this file. Each capability corresponds to a fine-grained action that a user may take.
+    "canAcceptOwnership": True or False, # Whether the current user is the pending owner of the file. Not populated for shared drive files.
     "canAddChildren": True or False, # Whether the current user can add children to this folder. This is always false when the item is not a folder.
     "canAddFolderFromAnotherDrive": True or False, # Whether the current user can add a folder from another drive (different shared drive or My Drive) to this folder. This is false when the item is not a folder. Only populated for items in shared drives.
     "canAddMyDriveParent": True or False, # Whether the current user can add a parent for the item without removing an existing parent in the same request. Not populated for shared drive files.
@@ -1191,6 +1198,7 @@
       "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
       "kind": "drive#permission", # This is always drive#permission.
       "name": "A String", # The name for this permission.
+      "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
       "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
         {
           "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -1313,6 +1321,7 @@
     "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
     "kind": "drive#permission", # This is always drive#permission.
     "name": "A String", # The name for this permission.
+    "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
     "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
       {
         "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -1407,6 +1416,7 @@
   "canComment": True or False, # Deprecated: use capabilities/canComment.
   "canReadRevisions": True or False, # Deprecated: use capabilities/canReadRevisions.
   "capabilities": { # Capabilities the current user has on this file. Each capability corresponds to a fine-grained action that a user may take.
+    "canAcceptOwnership": True or False, # Whether the current user is the pending owner of the file. Not populated for shared drive files.
     "canAddChildren": True or False, # Whether the current user can add children to this folder. This is always false when the item is not a folder.
     "canAddFolderFromAnotherDrive": True or False, # Whether the current user can add a folder from another drive (different shared drive or My Drive) to this folder. This is false when the item is not a folder. Only populated for items in shared drives.
     "canAddMyDriveParent": True or False, # Whether the current user can add a parent for the item without removing an existing parent in the same request. Not populated for shared drive files.
@@ -1597,6 +1607,7 @@
       "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
       "kind": "drive#permission", # This is always drive#permission.
       "name": "A String", # The name for this permission.
+      "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
       "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
         {
           "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -1719,6 +1730,7 @@
     "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
     "kind": "drive#permission", # This is always drive#permission.
     "name": "A String", # The name for this permission.
+    "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
     "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
       {
         "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -1802,6 +1814,7 @@
   "canComment": True or False, # Deprecated: use capabilities/canComment.
   "canReadRevisions": True or False, # Deprecated: use capabilities/canReadRevisions.
   "capabilities": { # Capabilities the current user has on this file. Each capability corresponds to a fine-grained action that a user may take.
+    "canAcceptOwnership": True or False, # Whether the current user is the pending owner of the file. Not populated for shared drive files.
     "canAddChildren": True or False, # Whether the current user can add children to this folder. This is always false when the item is not a folder.
     "canAddFolderFromAnotherDrive": True or False, # Whether the current user can add a folder from another drive (different shared drive or My Drive) to this folder. This is false when the item is not a folder. Only populated for items in shared drives.
     "canAddMyDriveParent": True or False, # Whether the current user can add a parent for the item without removing an existing parent in the same request. Not populated for shared drive files.
@@ -1992,6 +2005,7 @@
       "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
       "kind": "drive#permission", # This is always drive#permission.
       "name": "A String", # The name for this permission.
+      "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
       "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
         {
           "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -2114,6 +2128,7 @@
     "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
     "kind": "drive#permission", # This is always drive#permission.
     "name": "A String", # The name for this permission.
+    "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
     "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
       {
         "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -2211,6 +2226,7 @@
       "canComment": True or False, # Deprecated: use capabilities/canComment.
       "canReadRevisions": True or False, # Deprecated: use capabilities/canReadRevisions.
       "capabilities": { # Capabilities the current user has on this file. Each capability corresponds to a fine-grained action that a user may take.
+        "canAcceptOwnership": True or False, # Whether the current user is the pending owner of the file. Not populated for shared drive files.
         "canAddChildren": True or False, # Whether the current user can add children to this folder. This is always false when the item is not a folder.
         "canAddFolderFromAnotherDrive": True or False, # Whether the current user can add a folder from another drive (different shared drive or My Drive) to this folder. This is false when the item is not a folder. Only populated for items in shared drives.
         "canAddMyDriveParent": True or False, # Whether the current user can add a parent for the item without removing an existing parent in the same request. Not populated for shared drive files.
@@ -2401,6 +2417,7 @@
           "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
           "kind": "drive#permission", # This is always drive#permission.
           "name": "A String", # The name for this permission.
+          "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
           "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
             {
               "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -2523,6 +2540,7 @@
         "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
         "kind": "drive#permission", # This is always drive#permission.
         "name": "A String", # The name for this permission.
+        "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
         "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
           {
             "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -2615,6 +2633,7 @@
   "canComment": True or False, # Deprecated: use capabilities/canComment.
   "canReadRevisions": True or False, # Deprecated: use capabilities/canReadRevisions.
   "capabilities": { # Capabilities the current user has on this file. Each capability corresponds to a fine-grained action that a user may take.
+    "canAcceptOwnership": True or False, # Whether the current user is the pending owner of the file. Not populated for shared drive files.
     "canAddChildren": True or False, # Whether the current user can add children to this folder. This is always false when the item is not a folder.
     "canAddFolderFromAnotherDrive": True or False, # Whether the current user can add a folder from another drive (different shared drive or My Drive) to this folder. This is false when the item is not a folder. Only populated for items in shared drives.
     "canAddMyDriveParent": True or False, # Whether the current user can add a parent for the item without removing an existing parent in the same request. Not populated for shared drive files.
@@ -2805,6 +2824,7 @@
       "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
       "kind": "drive#permission", # This is always drive#permission.
       "name": "A String", # The name for this permission.
+      "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
       "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
         {
           "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -2927,6 +2947,7 @@
     "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
     "kind": "drive#permission", # This is always drive#permission.
     "name": "A String", # The name for this permission.
+    "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
     "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
       {
         "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -3017,6 +3038,7 @@
   "canComment": True or False, # Deprecated: use capabilities/canComment.
   "canReadRevisions": True or False, # Deprecated: use capabilities/canReadRevisions.
   "capabilities": { # Capabilities the current user has on this file. Each capability corresponds to a fine-grained action that a user may take.
+    "canAcceptOwnership": True or False, # Whether the current user is the pending owner of the file. Not populated for shared drive files.
     "canAddChildren": True or False, # Whether the current user can add children to this folder. This is always false when the item is not a folder.
     "canAddFolderFromAnotherDrive": True or False, # Whether the current user can add a folder from another drive (different shared drive or My Drive) to this folder. This is false when the item is not a folder. Only populated for items in shared drives.
     "canAddMyDriveParent": True or False, # Whether the current user can add a parent for the item without removing an existing parent in the same request. Not populated for shared drive files.
@@ -3207,6 +3229,7 @@
       "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
       "kind": "drive#permission", # This is always drive#permission.
       "name": "A String", # The name for this permission.
+      "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
       "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
         {
           "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -3329,6 +3352,7 @@
     "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
     "kind": "drive#permission", # This is always drive#permission.
     "name": "A String", # The name for this permission.
+    "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
     "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
       {
         "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -3405,6 +3429,7 @@
   "canComment": True or False, # Deprecated: use capabilities/canComment.
   "canReadRevisions": True or False, # Deprecated: use capabilities/canReadRevisions.
   "capabilities": { # Capabilities the current user has on this file. Each capability corresponds to a fine-grained action that a user may take.
+    "canAcceptOwnership": True or False, # Whether the current user is the pending owner of the file. Not populated for shared drive files.
     "canAddChildren": True or False, # Whether the current user can add children to this folder. This is always false when the item is not a folder.
     "canAddFolderFromAnotherDrive": True or False, # Whether the current user can add a folder from another drive (different shared drive or My Drive) to this folder. This is false when the item is not a folder. Only populated for items in shared drives.
     "canAddMyDriveParent": True or False, # Whether the current user can add a parent for the item without removing an existing parent in the same request. Not populated for shared drive files.
@@ -3595,6 +3620,7 @@
       "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
       "kind": "drive#permission", # This is always drive#permission.
       "name": "A String", # The name for this permission.
+      "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
       "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
         {
           "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -3717,6 +3743,7 @@
     "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
     "kind": "drive#permission", # This is always drive#permission.
     "name": "A String", # The name for this permission.
+    "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
     "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
       {
         "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -3793,6 +3820,7 @@
   "canComment": True or False, # Deprecated: use capabilities/canComment.
   "canReadRevisions": True or False, # Deprecated: use capabilities/canReadRevisions.
   "capabilities": { # Capabilities the current user has on this file. Each capability corresponds to a fine-grained action that a user may take.
+    "canAcceptOwnership": True or False, # Whether the current user is the pending owner of the file. Not populated for shared drive files.
     "canAddChildren": True or False, # Whether the current user can add children to this folder. This is always false when the item is not a folder.
     "canAddFolderFromAnotherDrive": True or False, # Whether the current user can add a folder from another drive (different shared drive or My Drive) to this folder. This is false when the item is not a folder. Only populated for items in shared drives.
     "canAddMyDriveParent": True or False, # Whether the current user can add a parent for the item without removing an existing parent in the same request. Not populated for shared drive files.
@@ -3983,6 +4011,7 @@
       "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
       "kind": "drive#permission", # This is always drive#permission.
       "name": "A String", # The name for this permission.
+      "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
       "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
         {
           "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -4105,6 +4134,7 @@
     "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
     "kind": "drive#permission", # This is always drive#permission.
     "name": "A String", # The name for this permission.
+    "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
     "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
       {
         "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -4181,6 +4211,7 @@
   "canComment": True or False, # Deprecated: use capabilities/canComment.
   "canReadRevisions": True or False, # Deprecated: use capabilities/canReadRevisions.
   "capabilities": { # Capabilities the current user has on this file. Each capability corresponds to a fine-grained action that a user may take.
+    "canAcceptOwnership": True or False, # Whether the current user is the pending owner of the file. Not populated for shared drive files.
     "canAddChildren": True or False, # Whether the current user can add children to this folder. This is always false when the item is not a folder.
     "canAddFolderFromAnotherDrive": True or False, # Whether the current user can add a folder from another drive (different shared drive or My Drive) to this folder. This is false when the item is not a folder. Only populated for items in shared drives.
     "canAddMyDriveParent": True or False, # Whether the current user can add a parent for the item without removing an existing parent in the same request. Not populated for shared drive files.
@@ -4371,6 +4402,7 @@
       "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
       "kind": "drive#permission", # This is always drive#permission.
       "name": "A String", # The name for this permission.
+      "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
       "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
         {
           "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -4493,6 +4525,7 @@
     "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
     "kind": "drive#permission", # This is always drive#permission.
     "name": "A String", # The name for this permission.
+    "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
     "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
       {
         "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -4565,6 +4598,7 @@
   "canComment": True or False, # Deprecated: use capabilities/canComment.
   "canReadRevisions": True or False, # Deprecated: use capabilities/canReadRevisions.
   "capabilities": { # Capabilities the current user has on this file. Each capability corresponds to a fine-grained action that a user may take.
+    "canAcceptOwnership": True or False, # Whether the current user is the pending owner of the file. Not populated for shared drive files.
     "canAddChildren": True or False, # Whether the current user can add children to this folder. This is always false when the item is not a folder.
     "canAddFolderFromAnotherDrive": True or False, # Whether the current user can add a folder from another drive (different shared drive or My Drive) to this folder. This is false when the item is not a folder. Only populated for items in shared drives.
     "canAddMyDriveParent": True or False, # Whether the current user can add a parent for the item without removing an existing parent in the same request. Not populated for shared drive files.
@@ -4755,6 +4789,7 @@
       "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
       "kind": "drive#permission", # This is always drive#permission.
       "name": "A String", # The name for this permission.
+      "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
       "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
         {
           "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -4877,6 +4912,7 @@
     "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
     "kind": "drive#permission", # This is always drive#permission.
     "name": "A String", # The name for this permission.
+    "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
     "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
       {
         "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -4969,6 +5005,7 @@
   "canComment": True or False, # Deprecated: use capabilities/canComment.
   "canReadRevisions": True or False, # Deprecated: use capabilities/canReadRevisions.
   "capabilities": { # Capabilities the current user has on this file. Each capability corresponds to a fine-grained action that a user may take.
+    "canAcceptOwnership": True or False, # Whether the current user is the pending owner of the file. Not populated for shared drive files.
     "canAddChildren": True or False, # Whether the current user can add children to this folder. This is always false when the item is not a folder.
     "canAddFolderFromAnotherDrive": True or False, # Whether the current user can add a folder from another drive (different shared drive or My Drive) to this folder. This is false when the item is not a folder. Only populated for items in shared drives.
     "canAddMyDriveParent": True or False, # Whether the current user can add a parent for the item without removing an existing parent in the same request. Not populated for shared drive files.
@@ -5159,6 +5196,7 @@
       "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
       "kind": "drive#permission", # This is always drive#permission.
       "name": "A String", # The name for this permission.
+      "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
       "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
         {
           "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -5281,6 +5319,7 @@
     "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
     "kind": "drive#permission", # This is always drive#permission.
     "name": "A String", # The name for this permission.
+    "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
     "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
       {
         "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.

docs/dyn/drive_v2.permissions.html

diff --git a/docs/dyn/drive_v2.permissions.html b/docs/dyn/drive_v2.permissions.html
index 24f4acb..e023582 100644
--- a/docs/dyn/drive_v2.permissions.html
+++ b/docs/dyn/drive_v2.permissions.html
@@ -152,6 +152,7 @@
   "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
   "kind": "drive#permission", # This is always drive#permission.
   "name": "A String", # The name for this permission.
+  "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
   "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
     {
       "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -242,6 +243,7 @@
   "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
   "kind": "drive#permission", # This is always drive#permission.
   "name": "A String", # The name for this permission.
+  "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
   "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
     {
       "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -317,6 +319,7 @@
   "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
   "kind": "drive#permission", # This is always drive#permission.
   "name": "A String", # The name for this permission.
+  "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
   "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
     {
       "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -401,6 +404,7 @@
       "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
       "kind": "drive#permission", # This is always drive#permission.
       "name": "A String", # The name for this permission.
+      "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
       "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
         {
           "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -495,6 +499,7 @@
   "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
   "kind": "drive#permission", # This is always drive#permission.
   "name": "A String", # The name for this permission.
+  "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
   "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
     {
       "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -568,6 +573,7 @@
   "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
   "kind": "drive#permission", # This is always drive#permission.
   "name": "A String", # The name for this permission.
+  "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
   "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
     {
       "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -643,6 +649,7 @@
   "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
   "kind": "drive#permission", # This is always drive#permission.
   "name": "A String", # The name for this permission.
+  "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
   "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
     {
       "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.
@@ -716,6 +723,7 @@
   "id": "A String", # The ID of the user this permission refers to, and identical to the permissionId in the About and Files resources. When making a drive.permissions.insert request, exactly one of the id or value fields must be specified unless the permission type is anyone, in which case both id and value are ignored.
   "kind": "drive#permission", # This is always drive#permission.
   "name": "A String", # The name for this permission.
+  "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
   "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
     {
       "additionalRoles": [ # Additional roles for this user. Only commenter is currently possible, though more may be supported in the future.

docs/dyn/drive_v3.changes.html

diff --git a/docs/dyn/drive_v3.changes.html b/docs/dyn/drive_v3.changes.html
index 86d5675..24ba615 100644
--- a/docs/dyn/drive_v3.changes.html
+++ b/docs/dyn/drive_v3.changes.html
@@ -189,6 +189,7 @@
           "a_key": "A String",
         },
         "capabilities": { # Capabilities the current user has on this file. Each capability corresponds to a fine-grained action that a user may take.
+          "canAcceptOwnership": True or False, # Whether the current user is the pending owner of the file. Not populated for shared drive files.
           "canAddChildren": True or False, # Whether the current user can add children to this folder. This is always false when the item is not a folder.
           "canAddFolderFromAnotherDrive": True or False, # Whether the current user can add a folder from another drive (different shared drive or My Drive) to this folder. This is false when the item is not a folder. Only populated for items in shared drives.
           "canAddMyDriveParent": True or False, # Whether the current user can add a parent for the item without removing an existing parent in the same request. Not populated for shared drive files.
@@ -352,6 +353,7 @@
                 # - The time cannot be more than a year in the future
             "id": "A String", # The ID of this permission. This is a unique identifier for the grantee, and is published in User resources as permissionId. IDs should be treated as opaque values.
             "kind": "drive#permission", # Identifies what kind of resource this is. Value: the fixed string "drive#permission".
+            "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
             "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
               {
                 "inherited": True or False, # Whether this permission is inherited. This field is always populated. This is an output-only field.

docs/dyn/drive_v3.files.html

diff --git a/docs/dyn/drive_v3.files.html b/docs/dyn/drive_v3.files.html
index 964c76b..6a11dfe 100644
--- a/docs/dyn/drive_v3.files.html
+++ b/docs/dyn/drive_v3.files.html
@@ -140,6 +140,7 @@
     "a_key": "A String",
   },
   "capabilities": { # Capabilities the current user has on this file. Each capability corresponds to a fine-grained action that a user may take.
+    "canAcceptOwnership": True or False, # Whether the current user is the pending owner of the file. Not populated for shared drive files.
     "canAddChildren": True or False, # Whether the current user can add children to this folder. This is always false when the item is not a folder.
     "canAddFolderFromAnotherDrive": True or False, # Whether the current user can add a folder from another drive (different shared drive or My Drive) to this folder. This is false when the item is not a folder. Only populated for items in shared drives.
     "canAddMyDriveParent": True or False, # Whether the current user can add a parent for the item without removing an existing parent in the same request. Not populated for shared drive files.
@@ -303,6 +304,7 @@
           # - The time cannot be more than a year in the future
       "id": "A String", # The ID of this permission. This is a unique identifier for the grantee, and is published in User resources as permissionId. IDs should be treated as opaque values.
       "kind": "drive#permission", # Identifies what kind of resource this is. Value: the fixed string "drive#permission".
+      "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
       "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
         {
           "inherited": True or False, # Whether this permission is inherited. This field is always populated. This is an output-only field.
@@ -412,6 +414,7 @@
     "a_key": "A String",
   },
   "capabilities": { # Capabilities the current user has on this file. Each capability corresponds to a fine-grained action that a user may take.
+    "canAcceptOwnership": True or False, # Whether the current user is the pending owner of the file. Not populated for shared drive files.
     "canAddChildren": True or False, # Whether the current user can add children to this folder. This is always false when the item is not a folder.
     "canAddFolderFromAnotherDrive": True or False, # Whether the current user can add a folder from another drive (different shared drive or My Drive) to this folder. This is false when the item is not a folder. Only populated for items in shared drives.
     "canAddMyDriveParent": True or False, # Whether the current user can add a parent for the item without removing an existing parent in the same request. Not populated for shared drive files.
@@ -575,6 +578,7 @@
           # - The time cannot be more than a year in the future
       "id": "A String", # The ID of this permission. This is a unique identifier for the grantee, and is published in User resources as permissionId. IDs should be treated as opaque values.
       "kind": "drive#permission", # Identifies what kind of resource this is. Value: the fixed string "drive#permission".
+      "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
       "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
         {
           "inherited": True or False, # Whether this permission is inherited. This field is always populated. This is an output-only field.
@@ -682,6 +686,7 @@
     "a_key": "A String",
   },
   "capabilities": { # Capabilities the current user has on this file. Each capability corresponds to a fine-grained action that a user may take.
+    "canAcceptOwnership": True or False, # Whether the current user is the pending owner of the file. Not populated for shared drive files.
     "canAddChildren": True or False, # Whether the current user can add children to this folder. This is always false when the item is not a folder.
     "canAddFolderFromAnotherDrive": True or False, # Whether the current user can add a folder from another drive (different shared drive or My Drive) to this folder. This is false when the item is not a folder. Only populated for items in shared drives.
     "canAddMyDriveParent": True or False, # Whether the current user can add a parent for the item without removing an existing parent in the same request. Not populated for shared drive files.
@@ -845,6 +850,7 @@
           # - The time cannot be more than a year in the future
       "id": "A String", # The ID of this permission. This is a unique identifier for the grantee, and is published in User resources as permissionId. IDs should be treated as opaque values.
       "kind": "drive#permission", # Identifies what kind of resource this is. Value: the fixed string "drive#permission".
+      "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
       "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
         {
           "inherited": True or False, # Whether this permission is inherited. This field is always populated. This is an output-only field.
@@ -957,6 +963,7 @@
     "a_key": "A String",
   },
   "capabilities": { # Capabilities the current user has on this file. Each capability corresponds to a fine-grained action that a user may take.
+    "canAcceptOwnership": True or False, # Whether the current user is the pending owner of the file. Not populated for shared drive files.
     "canAddChildren": True or False, # Whether the current user can add children to this folder. This is always false when the item is not a folder.
     "canAddFolderFromAnotherDrive": True or False, # Whether the current user can add a folder from another drive (different shared drive or My Drive) to this folder. This is false when the item is not a folder. Only populated for items in shared drives.
     "canAddMyDriveParent": True or False, # Whether the current user can add a parent for the item without removing an existing parent in the same request. Not populated for shared drive files.
@@ -1120,6 +1127,7 @@
           # - The time cannot be more than a year in the future
       "id": "A String", # The ID of this permission. This is a unique identifier for the grantee, and is published in User resources as permissionId. IDs should be treated as opaque values.
       "kind": "drive#permission", # Identifies what kind of resource this is. Value: the fixed string "drive#permission".
+      "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
       "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
         {
           "inherited": True or False, # Whether this permission is inherited. This field is always populated. This is an output-only field.
@@ -1295,6 +1303,7 @@
     "a_key": "A String",
   },
   "capabilities": { # Capabilities the current user has on this file. Each capability corresponds to a fine-grained action that a user may take.
+    "canAcceptOwnership": True or False, # Whether the current user is the pending owner of the file. Not populated for shared drive files.
     "canAddChildren": True or False, # Whether the current user can add children to this folder. This is always false when the item is not a folder.
     "canAddFolderFromAnotherDrive": True or False, # Whether the current user can add a folder from another drive (different shared drive or My Drive) to this folder. This is false when the item is not a folder. Only populated for items in shared drives.
     "canAddMyDriveParent": True or False, # Whether the current user can add a parent for the item without removing an existing parent in the same request. Not populated for shared drive files.
@@ -1458,6 +1467,7 @@
           # - The time cannot be more than a year in the future
       "id": "A String", # The ID of this permission. This is a unique identifier for the grantee, and is published in User resources as permissionId. IDs should be treated as opaque values.
       "kind": "drive#permission", # Identifies what kind of resource this is. Value: the fixed string "drive#permission".
+      "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
       "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
         {
           "inherited": True or False, # Whether this permission is inherited. This field is always populated. This is an output-only field.
@@ -1602,6 +1612,7 @@
         "a_key": "A String",
       },
       "capabilities": { # Capabilities the current user has on this file. Each capability corresponds to a fine-grained action that a user may take.
+        "canAcceptOwnership": True or False, # Whether the current user is the pending owner of the file. Not populated for shared drive files.
         "canAddChildren": True or False, # Whether the current user can add children to this folder. This is always false when the item is not a folder.
         "canAddFolderFromAnotherDrive": True or False, # Whether the current user can add a folder from another drive (different shared drive or My Drive) to this folder. This is false when the item is not a folder. Only populated for items in shared drives.
         "canAddMyDriveParent": True or False, # Whether the current user can add a parent for the item without removing an existing parent in the same request. Not populated for shared drive files.
@@ -1765,6 +1776,7 @@
               # - The time cannot be more than a year in the future
           "id": "A String", # The ID of this permission. This is a unique identifier for the grantee, and is published in User resources as permissionId. IDs should be treated as opaque values.
           "kind": "drive#permission", # Identifies what kind of resource this is. Value: the fixed string "drive#permission".
+          "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
           "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
             {
               "inherited": True or False, # Whether this permission is inherited. This field is always populated. This is an output-only field.
@@ -1892,6 +1904,7 @@
     "a_key": "A String",
   },
   "capabilities": { # Capabilities the current user has on this file. Each capability corresponds to a fine-grained action that a user may take.
+    "canAcceptOwnership": True or False, # Whether the current user is the pending owner of the file. Not populated for shared drive files.
     "canAddChildren": True or False, # Whether the current user can add children to this folder. This is always false when the item is not a folder.
     "canAddFolderFromAnotherDrive": True or False, # Whether the current user can add a folder from another drive (different shared drive or My Drive) to this folder. This is false when the item is not a folder. Only populated for items in shared drives.
     "canAddMyDriveParent": True or False, # Whether the current user can add a parent for the item without removing an existing parent in the same request. Not populated for shared drive files.
@@ -2055,6 +2068,7 @@
           # - The time cannot be more than a year in the future
       "id": "A String", # The ID of this permission. This is a unique identifier for the grantee, and is published in User resources as permissionId. IDs should be treated as opaque values.
       "kind": "drive#permission", # Identifies what kind of resource this is. Value: the fixed string "drive#permission".
+      "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
       "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
         {
           "inherited": True or False, # Whether this permission is inherited. This field is always populated. This is an output-only field.
@@ -2168,6 +2182,7 @@
     "a_key": "A String",
   },
   "capabilities": { # Capabilities the current user has on this file. Each capability corresponds to a fine-grained action that a user may take.
+    "canAcceptOwnership": True or False, # Whether the current user is the pending owner of the file. Not populated for shared drive files.
     "canAddChildren": True or False, # Whether the current user can add children to this folder. This is always false when the item is not a folder.
     "canAddFolderFromAnotherDrive": True or False, # Whether the current user can add a folder from another drive (different shared drive or My Drive) to this folder. This is false when the item is not a folder. Only populated for items in shared drives.
     "canAddMyDriveParent": True or False, # Whether the current user can add a parent for the item without removing an existing parent in the same request. Not populated for shared drive files.
@@ -2331,6 +2346,7 @@
           # - The time cannot be more than a year in the future
       "id": "A String", # The ID of this permission. This is a unique identifier for the grantee, and is published in User resources as permissionId. IDs should be treated as opaque values.
       "kind": "drive#permission", # Identifies what kind of resource this is. Value: the fixed string "drive#permission".
+      "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
       "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
         {
           "inherited": True or False, # Whether this permission is inherited. This field is always populated. This is an output-only field.

docs/dyn/drive_v3.permissions.html

diff --git a/docs/dyn/drive_v3.permissions.html b/docs/dyn/drive_v3.permissions.html
index 0b46d51..79866a9 100644
--- a/docs/dyn/drive_v3.permissions.html
+++ b/docs/dyn/drive_v3.permissions.html
@@ -126,6 +126,7 @@
       # - The time cannot be more than a year in the future
   "id": "A String", # The ID of this permission. This is a unique identifier for the grantee, and is published in User resources as permissionId. IDs should be treated as opaque values.
   "kind": "drive#permission", # Identifies what kind of resource this is. Value: the fixed string "drive#permission".
+  "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
   "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
     {
       "inherited": True or False, # Whether this permission is inherited. This field is always populated. This is an output-only field.
@@ -193,6 +194,7 @@
       # - The time cannot be more than a year in the future
   "id": "A String", # The ID of this permission. This is a unique identifier for the grantee, and is published in User resources as permissionId. IDs should be treated as opaque values.
   "kind": "drive#permission", # Identifies what kind of resource this is. Value: the fixed string "drive#permission".
+  "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
   "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
     {
       "inherited": True or False, # Whether this permission is inherited. This field is always populated. This is an output-only field.
@@ -276,6 +278,7 @@
       # - The time cannot be more than a year in the future
   "id": "A String", # The ID of this permission. This is a unique identifier for the grantee, and is published in User resources as permissionId. IDs should be treated as opaque values.
   "kind": "drive#permission", # Identifies what kind of resource this is. Value: the fixed string "drive#permission".
+  "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
   "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
     {
       "inherited": True or False, # Whether this permission is inherited. This field is always populated. This is an output-only field.
@@ -352,6 +355,7 @@
           # - The time cannot be more than a year in the future
       "id": "A String", # The ID of this permission. This is a unique identifier for the grantee, and is published in User resources as permissionId. IDs should be treated as opaque values.
       "kind": "drive#permission", # Identifies what kind of resource this is. Value: the fixed string "drive#permission".
+      "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
       "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
         {
           "inherited": True or False, # Whether this permission is inherited. This field is always populated. This is an output-only field.
@@ -434,6 +438,7 @@
       # - The time cannot be more than a year in the future
   "id": "A String", # The ID of this permission. This is a unique identifier for the grantee, and is published in User resources as permissionId. IDs should be treated as opaque values.
   "kind": "drive#permission", # Identifies what kind of resource this is. Value: the fixed string "drive#permission".
+  "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
   "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
     {
       "inherited": True or False, # Whether this permission is inherited. This field is always populated. This is an output-only field.
@@ -498,6 +503,7 @@
       # - The time cannot be more than a year in the future
   "id": "A String", # The ID of this permission. This is a unique identifier for the grantee, and is published in User resources as permissionId. IDs should be treated as opaque values.
   "kind": "drive#permission", # Identifies what kind of resource this is. Value: the fixed string "drive#permission".
+  "pendingOwner": True or False, # Whether the account associated with this permission is a pending owner. Only populated for user type permissions for files that are not in a shared drive.
   "permissionDetails": [ # Details of whether the permissions on this shared drive item are inherited or directly on this item. This is an output-only field which is present only for shared drive items.
     {
       "inherited": True or False, # Whether this permission is inherited. This field is always populated. This is an output-only field.

docs/dyn/eventarc_v1.projects.locations.channels.html

diff --git a/docs/dyn/eventarc_v1.projects.locations.channels.html b/docs/dyn/eventarc_v1.projects.locations.channels.html
index 88b74a5..05b63c9 100644
--- a/docs/dyn/eventarc_v1.projects.locations.channels.html
+++ b/docs/dyn/eventarc_v1.projects.locations.channels.html
@@ -98,7 +98,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/eventarc_v1.projects.locations.triggers.html

diff --git a/docs/dyn/eventarc_v1.projects.locations.triggers.html b/docs/dyn/eventarc_v1.projects.locations.triggers.html
index 3a2a42c..758385c 100644
--- a/docs/dyn/eventarc_v1.projects.locations.triggers.html
+++ b/docs/dyn/eventarc_v1.projects.locations.triggers.html
@@ -285,7 +285,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/eventarc_v1beta1.projects.locations.triggers.html

diff --git a/docs/dyn/eventarc_v1beta1.projects.locations.triggers.html b/docs/dyn/eventarc_v1beta1.projects.locations.triggers.html
index d188af2..4cb2256 100644
--- a/docs/dyn/eventarc_v1beta1.projects.locations.triggers.html
+++ b/docs/dyn/eventarc_v1beta1.projects.locations.triggers.html
@@ -269,7 +269,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/file_v1.projects.locations.instances.html

diff --git a/docs/dyn/file_v1.projects.locations.instances.html b/docs/dyn/file_v1.projects.locations.instances.html
index 0e21332..0ea3282 100644
--- a/docs/dyn/file_v1.projects.locations.instances.html
+++ b/docs/dyn/file_v1.projects.locations.instances.html
@@ -75,13 +75,18 @@
 <h1><a href="file_v1.html">Cloud Filestore API</a> . <a href="file_v1.projects.html">projects</a> . <a href="file_v1.projects.locations.html">locations</a> . <a href="file_v1.projects.locations.instances.html">instances</a></h1>
 <h2>Instance Methods</h2>
 <p class="toc_element">
+  <code><a href="file_v1.projects.locations.instances.snapshots.html">snapshots()</a></code>
+</p>
+<p class="firstline">Returns the snapshots Resource.</p>
+
+<p class="toc_element">
   <code><a href="#close">close()</a></code></p>
 <p class="firstline">Close httplib2 connections.</p>
 <p class="toc_element">
   <code><a href="#create">create(parent, body=None, instanceId=None, x__xgafv=None)</a></code></p>
 <p class="firstline">Creates an instance. When creating from a backup, the capacity of the new instance needs to be equal to or larger than the capacity of the backup (and also equal to or larger than the minimum capacity of the tier).</p>
 <p class="toc_element">
-  <code><a href="#delete">delete(name, x__xgafv=None)</a></code></p>
+  <code><a href="#delete">delete(name, force=None, x__xgafv=None)</a></code></p>
 <p class="firstline">Deletes an instance.</p>
 <p class="toc_element">
   <code><a href="#get">get(name, x__xgafv=None)</a></code></p>
@@ -135,12 +140,14 @@
       &quot;sourceBackup&quot;: &quot;A String&quot;, # The resource name of the backup, in the format `projects/{project_number}/locations/{location_id}/backups/{backup_id}`, that this file share has been restored from.
     },
   ],
+  &quot;kmsKeyName&quot;: &quot;A String&quot;, # KMS key name used for data encryption.
   &quot;labels&quot;: { # Resource labels to represent user provided metadata.
     &quot;a_key&quot;: &quot;A String&quot;,
   },
   &quot;name&quot;: &quot;A String&quot;, # Output only. The resource name of the instance, in the format `projects/{project}/locations/{location}/instances/{instance}`.
   &quot;networks&quot;: [ # VPC networks to which the instance is connected. For this version, only a single network is supported.
     { # Network configuration for the instance.
+      &quot;connectMode&quot;: &quot;A String&quot;, # The network connect mode of the Filestore instance. If not provided, the connect mode defaults to DIRECT_PEERING.
       &quot;ipAddresses&quot;: [ # Output only. IPv4 addresses in the format `{octet1}.{octet2}.{octet3}.{octet4}` or IPv6 addresses in the format `{block1}:{block2}:{block3}:{block4}:{block5}:{block6}:{block7}:{block8}`.
         &quot;A String&quot;,
       ],
@@ -148,12 +155,15 @@
         &quot;A String&quot;,
       ],
       &quot;network&quot;: &quot;A String&quot;, # The name of the Google Compute Engine [VPC network](https://cloud.google.com/vpc/docs/vpc) to which the instance is connected.
-      &quot;reservedIpRange&quot;: &quot;A String&quot;, # A /29 CIDR block in one of the [internal IP address ranges](https://www.arin.net/reference/research/statistics/address_filters/) that identifies the range of IP addresses reserved for this instance. For example, 10.0.0.0/29 or 192.168.0.0/29. The range you specify can&#x27;t overlap with either existing subnets or assigned IP address ranges for other Cloud Filestore instances in the selected VPC network.
+      &quot;reservedIpRange&quot;: &quot;A String&quot;, # Optional, reserved_ip_range can have one of the following two types of values. * CIDR range value when using DIRECT_PEERING connect mode. * [Allocated IP address range](https://cloud.google.com/compute/docs/ip-addresses/reserve-static-internal-ip-address) when using PRIVATE_SERVICE_ACCESS connect mode. When the name of an allocated IP address range is specified, it must be one of the ranges associated with the private service access connection. When specified as a direct CIDR value, it must be a /29 CIDR block for Basic tier or a /24 CIDR block for High Scale or Enterprise tier in one of the [internal IP address ranges](https://www.arin.net/reference/research/statistics/address_filters/) that identifies the range of IP addresses reserved for this instance. For example, 10.0.0.0/29 or 192.168.0.0/24. The range you specify can&#x27;t overlap with either existing subnets or assigned IP address ranges for other Cloud Filestore instances in the selected VPC network.
     },
   ],
   &quot;satisfiesPzs&quot;: True or False, # Output only. Reserved for future use.
   &quot;state&quot;: &quot;A String&quot;, # Output only. The instance state.
   &quot;statusMessage&quot;: &quot;A String&quot;, # Output only. Additional information about the instance state, if available.
+  &quot;suspensionReasons&quot;: [ # Output only. field indicates all the reasons the instance is in &quot;SUSPENDED&quot; state.
+    &quot;A String&quot;,
+  ],
   &quot;tier&quot;: &quot;A String&quot;, # The service tier of the instance.
 }
 
@@ -188,11 +198,12 @@
 </div>
 
 <div class="method">
-    <code class="details" id="delete">delete(name, x__xgafv=None)</code>
+    <code class="details" id="delete">delete(name, force=None, x__xgafv=None)</code>
   <pre>Deletes an instance.
 
 Args:
   name: string, Required. The instance resource name, in the format `projects/{project_id}/locations/{location}/instances/{instance_id}` (required)
+  force: boolean, If set to true, all snapshots of the instance will also be deleted. (Otherwise, the request will only work if the instance has no snapshots.)
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -258,12 +269,14 @@
       &quot;sourceBackup&quot;: &quot;A String&quot;, # The resource name of the backup, in the format `projects/{project_number}/locations/{location_id}/backups/{backup_id}`, that this file share has been restored from.
     },
   ],
+  &quot;kmsKeyName&quot;: &quot;A String&quot;, # KMS key name used for data encryption.
   &quot;labels&quot;: { # Resource labels to represent user provided metadata.
     &quot;a_key&quot;: &quot;A String&quot;,
   },
   &quot;name&quot;: &quot;A String&quot;, # Output only. The resource name of the instance, in the format `projects/{project}/locations/{location}/instances/{instance}`.
   &quot;networks&quot;: [ # VPC networks to which the instance is connected. For this version, only a single network is supported.
     { # Network configuration for the instance.
+      &quot;connectMode&quot;: &quot;A String&quot;, # The network connect mode of the Filestore instance. If not provided, the connect mode defaults to DIRECT_PEERING.
       &quot;ipAddresses&quot;: [ # Output only. IPv4 addresses in the format `{octet1}.{octet2}.{octet3}.{octet4}` or IPv6 addresses in the format `{block1}:{block2}:{block3}:{block4}:{block5}:{block6}:{block7}:{block8}`.
         &quot;A String&quot;,
       ],
@@ -271,12 +284,15 @@
         &quot;A String&quot;,
       ],
       &quot;network&quot;: &quot;A String&quot;, # The name of the Google Compute Engine [VPC network](https://cloud.google.com/vpc/docs/vpc) to which the instance is connected.
-      &quot;reservedIpRange&quot;: &quot;A String&quot;, # A /29 CIDR block in one of the [internal IP address ranges](https://www.arin.net/reference/research/statistics/address_filters/) that identifies the range of IP addresses reserved for this instance. For example, 10.0.0.0/29 or 192.168.0.0/29. The range you specify can&#x27;t overlap with either existing subnets or assigned IP address ranges for other Cloud Filestore instances in the selected VPC network.
+      &quot;reservedIpRange&quot;: &quot;A String&quot;, # Optional, reserved_ip_range can have one of the following two types of values. * CIDR range value when using DIRECT_PEERING connect mode. * [Allocated IP address range](https://cloud.google.com/compute/docs/ip-addresses/reserve-static-internal-ip-address) when using PRIVATE_SERVICE_ACCESS connect mode. When the name of an allocated IP address range is specified, it must be one of the ranges associated with the private service access connection. When specified as a direct CIDR value, it must be a /29 CIDR block for Basic tier or a /24 CIDR block for High Scale or Enterprise tier in one of the [internal IP address ranges](https://www.arin.net/reference/research/statistics/address_filters/) that identifies the range of IP addresses reserved for this instance. For example, 10.0.0.0/29 or 192.168.0.0/24. The range you specify can&#x27;t overlap with either existing subnets or assigned IP address ranges for other Cloud Filestore instances in the selected VPC network.
     },
   ],
   &quot;satisfiesPzs&quot;: True or False, # Output only. Reserved for future use.
   &quot;state&quot;: &quot;A String&quot;, # Output only. The instance state.
   &quot;statusMessage&quot;: &quot;A String&quot;, # Output only. Additional information about the instance state, if available.
+  &quot;suspensionReasons&quot;: [ # Output only. field indicates all the reasons the instance is in &quot;SUSPENDED&quot; state.
+    &quot;A String&quot;,
+  ],
   &quot;tier&quot;: &quot;A String&quot;, # The service tier of the instance.
 }</pre>
 </div>
@@ -323,12 +339,14 @@
           &quot;sourceBackup&quot;: &quot;A String&quot;, # The resource name of the backup, in the format `projects/{project_number}/locations/{location_id}/backups/{backup_id}`, that this file share has been restored from.
         },
       ],
+      &quot;kmsKeyName&quot;: &quot;A String&quot;, # KMS key name used for data encryption.
       &quot;labels&quot;: { # Resource labels to represent user provided metadata.
         &quot;a_key&quot;: &quot;A String&quot;,
       },
       &quot;name&quot;: &quot;A String&quot;, # Output only. The resource name of the instance, in the format `projects/{project}/locations/{location}/instances/{instance}`.
       &quot;networks&quot;: [ # VPC networks to which the instance is connected. For this version, only a single network is supported.
         { # Network configuration for the instance.
+          &quot;connectMode&quot;: &quot;A String&quot;, # The network connect mode of the Filestore instance. If not provided, the connect mode defaults to DIRECT_PEERING.
           &quot;ipAddresses&quot;: [ # Output only. IPv4 addresses in the format `{octet1}.{octet2}.{octet3}.{octet4}` or IPv6 addresses in the format `{block1}:{block2}:{block3}:{block4}:{block5}:{block6}:{block7}:{block8}`.
             &quot;A String&quot;,
           ],
@@ -336,12 +354,15 @@
             &quot;A String&quot;,
           ],
           &quot;network&quot;: &quot;A String&quot;, # The name of the Google Compute Engine [VPC network](https://cloud.google.com/vpc/docs/vpc) to which the instance is connected.
-          &quot;reservedIpRange&quot;: &quot;A String&quot;, # A /29 CIDR block in one of the [internal IP address ranges](https://www.arin.net/reference/research/statistics/address_filters/) that identifies the range of IP addresses reserved for this instance. For example, 10.0.0.0/29 or 192.168.0.0/29. The range you specify can&#x27;t overlap with either existing subnets or assigned IP address ranges for other Cloud Filestore instances in the selected VPC network.
+          &quot;reservedIpRange&quot;: &quot;A String&quot;, # Optional, reserved_ip_range can have one of the following two types of values. * CIDR range value when using DIRECT_PEERING connect mode. * [Allocated IP address range](https://cloud.google.com/compute/docs/ip-addresses/reserve-static-internal-ip-address) when using PRIVATE_SERVICE_ACCESS connect mode. When the name of an allocated IP address range is specified, it must be one of the ranges associated with the private service access connection. When specified as a direct CIDR value, it must be a /29 CIDR block for Basic tier or a /24 CIDR block for High Scale or Enterprise tier in one of the [internal IP address ranges](https://www.arin.net/reference/research/statistics/address_filters/) that identifies the range of IP addresses reserved for this instance. For example, 10.0.0.0/29 or 192.168.0.0/24. The range you specify can&#x27;t overlap with either existing subnets or assigned IP address ranges for other Cloud Filestore instances in the selected VPC network.
         },
       ],
       &quot;satisfiesPzs&quot;: True or False, # Output only. Reserved for future use.
       &quot;state&quot;: &quot;A String&quot;, # Output only. The instance state.
       &quot;statusMessage&quot;: &quot;A String&quot;, # Output only. Additional information about the instance state, if available.
+      &quot;suspensionReasons&quot;: [ # Output only. field indicates all the reasons the instance is in &quot;SUSPENDED&quot; state.
+        &quot;A String&quot;,
+      ],
       &quot;tier&quot;: &quot;A String&quot;, # The service tier of the instance.
     },
   ],
@@ -397,12 +418,14 @@
       &quot;sourceBackup&quot;: &quot;A String&quot;, # The resource name of the backup, in the format `projects/{project_number}/locations/{location_id}/backups/{backup_id}`, that this file share has been restored from.
     },
   ],
+  &quot;kmsKeyName&quot;: &quot;A String&quot;, # KMS key name used for data encryption.
   &quot;labels&quot;: { # Resource labels to represent user provided metadata.
     &quot;a_key&quot;: &quot;A String&quot;,
   },
   &quot;name&quot;: &quot;A String&quot;, # Output only. The resource name of the instance, in the format `projects/{project}/locations/{location}/instances/{instance}`.
   &quot;networks&quot;: [ # VPC networks to which the instance is connected. For this version, only a single network is supported.
     { # Network configuration for the instance.
+      &quot;connectMode&quot;: &quot;A String&quot;, # The network connect mode of the Filestore instance. If not provided, the connect mode defaults to DIRECT_PEERING.
       &quot;ipAddresses&quot;: [ # Output only. IPv4 addresses in the format `{octet1}.{octet2}.{octet3}.{octet4}` or IPv6 addresses in the format `{block1}:{block2}:{block3}:{block4}:{block5}:{block6}:{block7}:{block8}`.
         &quot;A String&quot;,
       ],
@@ -410,12 +433,15 @@
         &quot;A String&quot;,
       ],
       &quot;network&quot;: &quot;A String&quot;, # The name of the Google Compute Engine [VPC network](https://cloud.google.com/vpc/docs/vpc) to which the instance is connected.
-      &quot;reservedIpRange&quot;: &quot;A String&quot;, # A /29 CIDR block in one of the [internal IP address ranges](https://www.arin.net/reference/research/statistics/address_filters/) that identifies the range of IP addresses reserved for this instance. For example, 10.0.0.0/29 or 192.168.0.0/29. The range you specify can&#x27;t overlap with either existing subnets or assigned IP address ranges for other Cloud Filestore instances in the selected VPC network.
+      &quot;reservedIpRange&quot;: &quot;A String&quot;, # Optional, reserved_ip_range can have one of the following two types of values. * CIDR range value when using DIRECT_PEERING connect mode. * [Allocated IP address range](https://cloud.google.com/compute/docs/ip-addresses/reserve-static-internal-ip-address) when using PRIVATE_SERVICE_ACCESS connect mode. When the name of an allocated IP address range is specified, it must be one of the ranges associated with the private service access connection. When specified as a direct CIDR value, it must be a /29 CIDR block for Basic tier or a /24 CIDR block for High Scale or Enterprise tier in one of the [internal IP address ranges](https://www.arin.net/reference/research/statistics/address_filters/) that identifies the range of IP addresses reserved for this instance. For example, 10.0.0.0/29 or 192.168.0.0/24. The range you specify can&#x27;t overlap with either existing subnets or assigned IP address ranges for other Cloud Filestore instances in the selected VPC network.
     },
   ],
   &quot;satisfiesPzs&quot;: True or False, # Output only. Reserved for future use.
   &quot;state&quot;: &quot;A String&quot;, # Output only. The instance state.
   &quot;statusMessage&quot;: &quot;A String&quot;, # Output only. Additional information about the instance state, if available.
+  &quot;suspensionReasons&quot;: [ # Output only. field indicates all the reasons the instance is in &quot;SUSPENDED&quot; state.
+    &quot;A String&quot;,
+  ],
   &quot;tier&quot;: &quot;A String&quot;, # The service tier of the instance.
 }
 

docs/dyn/file_v1.projects.locations.instances.snapshots.html

diff --git a/docs/dyn/file_v1.projects.locations.instances.snapshots.html b/docs/dyn/file_v1.projects.locations.instances.snapshots.html
new file mode 100644
index 0000000..bcca5a4
--- /dev/null
+++ b/docs/dyn/file_v1.projects.locations.instances.snapshots.html
@@ -0,0 +1,314 @@
+<html><body>
+<style>
+
+body, h1, h2, h3, div, span, p, pre, a {
+  margin: 0;
+  padding: 0;
+  border: 0;
+  font-weight: inherit;
+  font-style: inherit;
+  font-size: 100%;
+  font-family: inherit;
+  vertical-align: baseline;
+}
+
+body {
+  font-size: 13px;
+  padding: 1em;
+}
+
+h1 {
+  font-size: 26px;
+  margin-bottom: 1em;
+}
+
+h2 {
+  font-size: 24px;
+  margin-bottom: 1em;
+}
+
+h3 {
+  font-size: 20px;
+  margin-bottom: 1em;
+  margin-top: 1em;
+}
+
+pre, code {
+  line-height: 1.5;
+  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
+}
+
+pre {
+  margin-top: 0.5em;
+}
+
+h1, h2, h3, p {
+  font-family: Arial, sans serif;
+}
+
+h1, h2, h3 {
+  border-bottom: solid #CCC 1px;
+}
+
+.toc_element {
+  margin-top: 0.5em;
+}
+
+.firstline {
+  margin-left: 2 em;
+}
+
+.method  {
+  margin-top: 1em;
+  border: solid 1px #CCC;
+  padding: 1em;
+  background: #EEE;
+}
+
+.details {
+  font-weight: bold;
+  font-size: 14px;
+}
+
+</style>
+
+<h1><a href="file_v1.html">Cloud Filestore API</a> . <a href="file_v1.projects.html">projects</a> . <a href="file_v1.projects.locations.html">locations</a> . <a href="file_v1.projects.locations.instances.html">instances</a> . <a href="file_v1.projects.locations.instances.snapshots.html">snapshots</a></h1>
+<h2>Instance Methods</h2>
+<p class="toc_element">
+  <code><a href="#close">close()</a></code></p>
+<p class="firstline">Close httplib2 connections.</p>
+<p class="toc_element">
+  <code><a href="#create">create(parent, body=None, snapshotId=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Creates a snapshot.</p>
+<p class="toc_element">
+  <code><a href="#delete">delete(name, x__xgafv=None)</a></code></p>
+<p class="firstline">Deletes a snapshot.</p>
+<p class="toc_element">
+  <code><a href="#get">get(name, x__xgafv=None)</a></code></p>
+<p class="firstline">Gets the details of a specific snapshot.</p>
+<p class="toc_element">
+  <code><a href="#list">list(parent, filter=None, orderBy=None, pageSize=None, pageToken=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Lists all snapshots in a project for either a specified location or for all locations.</p>
+<p class="toc_element">
+  <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
+<p class="firstline">Retrieves the next page of results.</p>
+<p class="toc_element">
+  <code><a href="#patch">patch(name, body=None, updateMask=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Updates the settings of a specific snapshot.</p>
+<h3>Method Details</h3>
+<div class="method">
+    <code class="details" id="close">close()</code>
+  <pre>Close httplib2 connections.</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="create">create(parent, body=None, snapshotId=None, x__xgafv=None)</code>
+  <pre>Creates a snapshot.
+
+Args:
+  parent: string, Required. The Filestore Instance to create the snapshots of, in the format `projects/{project_id}/locations/{location}/instances/{instance_id}` (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # A Filestore snapshot.
+  &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time when the snapshot was created.
+  &quot;description&quot;: &quot;A String&quot;, # A description of the snapshot with 2048 characters or less. Requests with longer descriptions will be rejected.
+  &quot;filesystemUsedBytes&quot;: &quot;A String&quot;, # Output only. The amount of bytes needed to allocate a full copy of the snapshot content
+  &quot;labels&quot;: { # Resource labels to represent user provided metadata.
+    &quot;a_key&quot;: &quot;A String&quot;,
+  },
+  &quot;name&quot;: &quot;A String&quot;, # Output only. The resource name of the snapshot, in the format `projects/{project_id}/locations/{location_id}/instances/{instance_id}/snapshots/{snapshot_id}`.
+  &quot;state&quot;: &quot;A String&quot;, # Output only. The snapshot state.
+}
+
+  snapshotId: string, Required. The ID to use for the snapshot. The ID must be unique within the specified instance. This value must start with a lowercase letter followed by up to 62 lowercase letters, numbers, or hyphens, and cannot end with a hyphen.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # This resource represents a long-running operation that is the result of a network API call.
+  &quot;done&quot;: True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+  &quot;error&quot;: { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+    &quot;code&quot;: 42, # The status code, which should be an enum value of google.rpc.Code.
+    &quot;details&quot;: [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+      {
+        &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+      },
+    ],
+    &quot;message&quot;: &quot;A String&quot;, # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+  },
+  &quot;metadata&quot;: { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+    &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+  },
+  &quot;name&quot;: &quot;A String&quot;, # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+  &quot;response&quot;: { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+    &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+  },
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="delete">delete(name, x__xgafv=None)</code>
+  <pre>Deletes a snapshot.
+
+Args:
+  name: string, Required. The snapshot resource name, in the format `projects/{project_id}/locations/{location}/instances/{instance_id}/snapshots/{snapshot_id}` (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # This resource represents a long-running operation that is the result of a network API call.
+  &quot;done&quot;: True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+  &quot;error&quot;: { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+    &quot;code&quot;: 42, # The status code, which should be an enum value of google.rpc.Code.
+    &quot;details&quot;: [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+      {
+        &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+      },
+    ],
+    &quot;message&quot;: &quot;A String&quot;, # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+  },
+  &quot;metadata&quot;: { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+    &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+  },
+  &quot;name&quot;: &quot;A String&quot;, # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+  &quot;response&quot;: { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+    &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+  },
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="get">get(name, x__xgafv=None)</code>
+  <pre>Gets the details of a specific snapshot.
+
+Args:
+  name: string, Required. The snapshot resource name, in the format `projects/{project_id}/locations/{location}/instances/{instance_id}/snapshots/{snapshot_id}` (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A Filestore snapshot.
+  &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time when the snapshot was created.
+  &quot;description&quot;: &quot;A String&quot;, # A description of the snapshot with 2048 characters or less. Requests with longer descriptions will be rejected.
+  &quot;filesystemUsedBytes&quot;: &quot;A String&quot;, # Output only. The amount of bytes needed to allocate a full copy of the snapshot content
+  &quot;labels&quot;: { # Resource labels to represent user provided metadata.
+    &quot;a_key&quot;: &quot;A String&quot;,
+  },
+  &quot;name&quot;: &quot;A String&quot;, # Output only. The resource name of the snapshot, in the format `projects/{project_id}/locations/{location_id}/instances/{instance_id}/snapshots/{snapshot_id}`.
+  &quot;state&quot;: &quot;A String&quot;, # Output only. The snapshot state.
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="list">list(parent, filter=None, orderBy=None, pageSize=None, pageToken=None, x__xgafv=None)</code>
+  <pre>Lists all snapshots in a project for either a specified location or for all locations.
+
+Args:
+  parent: string, Required. The instance for which to retrieve snapshot information, in the format `projects/{project_id}/locations/{location}/instances/{instance_id}`. (required)
+  filter: string, List filter.
+  orderBy: string, Sort results. Supported values are &quot;name&quot;, &quot;name desc&quot; or &quot;&quot; (unsorted).
+  pageSize: integer, The maximum number of items to return.
+  pageToken: string, The next_page_token value to use if there are additional results to retrieve for this list request.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # ListSnapshotsResponse is the result of ListSnapshotsRequest.
+  &quot;nextPageToken&quot;: &quot;A String&quot;, # The token you can use to retrieve the next page of results. Not returned if there are no more results in the list.
+  &quot;snapshots&quot;: [ # A list of snapshots in the project for the specified instance.
+    { # A Filestore snapshot.
+      &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time when the snapshot was created.
+      &quot;description&quot;: &quot;A String&quot;, # A description of the snapshot with 2048 characters or less. Requests with longer descriptions will be rejected.
+      &quot;filesystemUsedBytes&quot;: &quot;A String&quot;, # Output only. The amount of bytes needed to allocate a full copy of the snapshot content
+      &quot;labels&quot;: { # Resource labels to represent user provided metadata.
+        &quot;a_key&quot;: &quot;A String&quot;,
+      },
+      &quot;name&quot;: &quot;A String&quot;, # Output only. The resource name of the snapshot, in the format `projects/{project_id}/locations/{location_id}/instances/{instance_id}/snapshots/{snapshot_id}`.
+      &quot;state&quot;: &quot;A String&quot;, # Output only. The snapshot state.
+    },
+  ],
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="list_next">list_next(previous_request, previous_response)</code>
+  <pre>Retrieves the next page of results.
+
+Args:
+  previous_request: The request for the previous page. (required)
+  previous_response: The response from the request for the previous page. (required)
+
+Returns:
+  A request object that you can call &#x27;execute()&#x27; on to request the next
+  page. Returns None if there are no more items in the collection.
+    </pre>
+</div>
+
+<div class="method">
+    <code class="details" id="patch">patch(name, body=None, updateMask=None, x__xgafv=None)</code>
+  <pre>Updates the settings of a specific snapshot.
+
+Args:
+  name: string, Output only. The resource name of the snapshot, in the format `projects/{project_id}/locations/{location_id}/instances/{instance_id}/snapshots/{snapshot_id}`. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # A Filestore snapshot.
+  &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time when the snapshot was created.
+  &quot;description&quot;: &quot;A String&quot;, # A description of the snapshot with 2048 characters or less. Requests with longer descriptions will be rejected.
+  &quot;filesystemUsedBytes&quot;: &quot;A String&quot;, # Output only. The amount of bytes needed to allocate a full copy of the snapshot content
+  &quot;labels&quot;: { # Resource labels to represent user provided metadata.
+    &quot;a_key&quot;: &quot;A String&quot;,
+  },
+  &quot;name&quot;: &quot;A String&quot;, # Output only. The resource name of the snapshot, in the format `projects/{project_id}/locations/{location_id}/instances/{instance_id}/snapshots/{snapshot_id}`.
+  &quot;state&quot;: &quot;A String&quot;, # Output only. The snapshot state.
+}
+
+  updateMask: string, Required. Mask of fields to update. At least one path must be supplied in this field.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # This resource represents a long-running operation that is the result of a network API call.
+  &quot;done&quot;: True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+  &quot;error&quot;: { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+    &quot;code&quot;: 42, # The status code, which should be an enum value of google.rpc.Code.
+    &quot;details&quot;: [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+      {
+        &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+      },
+    ],
+    &quot;message&quot;: &quot;A String&quot;, # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+  },
+  &quot;metadata&quot;: { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+    &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+  },
+  &quot;name&quot;: &quot;A String&quot;, # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+  &quot;response&quot;: { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+    &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+  },
+}</pre>
+</div>
+
+</body></html>
\ No newline at end of file

docs/dyn/firebasedynamiclinks_v1.managedShortLinks.html

diff --git a/docs/dyn/firebasedynamiclinks_v1.managedShortLinks.html b/docs/dyn/firebasedynamiclinks_v1.managedShortLinks.html
index 3907b81..776ec1d 100644
--- a/docs/dyn/firebasedynamiclinks_v1.managedShortLinks.html
+++ b/docs/dyn/firebasedynamiclinks_v1.managedShortLinks.html
@@ -98,7 +98,7 @@
   "dynamicLinkInfo": { # Information about a Dynamic Link. # Information about the Dynamic Link to be shortened. [Learn more](https://firebase.google.com/docs/reference/dynamic-links/link-shortener).
     "analyticsInfo": { # Tracking parameters supported by Dynamic Link. # Parameters used for tracking. See all tracking parameters in the [documentation](https://firebase.google.com/docs/dynamic-links/create-manually).
       "googlePlayAnalytics": { # Parameters for Google Play Campaign Measurements. [Learn more](https://developers.google.com/analytics/devguides/collection/android/v4/campaigns#campaign-params) # Google Play Campaign Measurements.
-        "gclid": "A String", # [AdWords autotagging parameter](https://support.google.com/analytics/answer/1033981?hl=en); used to measure Google AdWords ads. This value is generated dynamically and should never be modified.
+        "gclid": "A String", # Deprecated; FDL SDK does not process nor log it.
         "utmCampaign": "A String", # Campaign name; used for keyword analysis to identify a specific product promotion or strategic campaign.
         "utmContent": "A String", # Campaign content; used for A/B testing and content-targeted ads to differentiate ads or links that point to the same URL.
         "utmMedium": "A String", # Campaign medium; used to identify a medium such as email or cost-per-click.
@@ -168,7 +168,7 @@
     "info": { # Information about a Dynamic Link. # Full Dyamic Link info
       "analyticsInfo": { # Tracking parameters supported by Dynamic Link. # Parameters used for tracking. See all tracking parameters in the [documentation](https://firebase.google.com/docs/dynamic-links/create-manually).
         "googlePlayAnalytics": { # Parameters for Google Play Campaign Measurements. [Learn more](https://developers.google.com/analytics/devguides/collection/android/v4/campaigns#campaign-params) # Google Play Campaign Measurements.
-          "gclid": "A String", # [AdWords autotagging parameter](https://support.google.com/analytics/answer/1033981?hl=en); used to measure Google AdWords ads. This value is generated dynamically and should never be modified.
+          "gclid": "A String", # Deprecated; FDL SDK does not process nor log it.
           "utmCampaign": "A String", # Campaign name; used for keyword analysis to identify a specific product promotion or strategic campaign.
           "utmContent": "A String", # Campaign content; used for A/B testing and content-targeted ads to differentiate ads or links that point to the same URL.
           "utmMedium": "A String", # Campaign medium; used to identify a medium such as email or cost-per-click.

docs/dyn/firebasedynamiclinks_v1.shortLinks.html

diff --git a/docs/dyn/firebasedynamiclinks_v1.shortLinks.html b/docs/dyn/firebasedynamiclinks_v1.shortLinks.html
index 38e7d1a..ee9422b 100644
--- a/docs/dyn/firebasedynamiclinks_v1.shortLinks.html
+++ b/docs/dyn/firebasedynamiclinks_v1.shortLinks.html
@@ -98,7 +98,7 @@
   "dynamicLinkInfo": { # Information about a Dynamic Link. # Information about the Dynamic Link to be shortened. [Learn more](https://firebase.google.com/docs/reference/dynamic-links/link-shortener).
     "analyticsInfo": { # Tracking parameters supported by Dynamic Link. # Parameters used for tracking. See all tracking parameters in the [documentation](https://firebase.google.com/docs/dynamic-links/create-manually).
       "googlePlayAnalytics": { # Parameters for Google Play Campaign Measurements. [Learn more](https://developers.google.com/analytics/devguides/collection/android/v4/campaigns#campaign-params) # Google Play Campaign Measurements.
-        "gclid": "A String", # [AdWords autotagging parameter](https://support.google.com/analytics/answer/1033981?hl=en); used to measure Google AdWords ads. This value is generated dynamically and should never be modified.
+        "gclid": "A String", # Deprecated; FDL SDK does not process nor log it.
         "utmCampaign": "A String", # Campaign name; used for keyword analysis to identify a specific product promotion or strategic campaign.
         "utmContent": "A String", # Campaign content; used for A/B testing and content-targeted ads to differentiate ads or links that point to the same URL.
         "utmMedium": "A String", # Campaign medium; used to identify a medium such as email or cost-per-click.

docs/dyn/firestore_v1beta1.projects.databases.documents.html

diff --git a/docs/dyn/firestore_v1beta1.projects.databases.documents.html b/docs/dyn/firestore_v1beta1.projects.databases.documents.html
index 2381638..2a1c182 100644
--- a/docs/dyn/firestore_v1beta1.projects.databases.documents.html
+++ b/docs/dyn/firestore_v1beta1.projects.databases.documents.html
@@ -175,11 +175,7 @@
     "createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query.
     "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``.
       "a_key": { # A message that can hold any of the supported value types.
-        "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-          "values": [ # Values in the array.
-            # Object with schema name: Value
-          ],
-        },
+        "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
         "booleanValue": True or False, # A boolean value.
         "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
         "doubleValue": 3.14, # A double value.
@@ -234,16 +230,31 @@
           { # A transformation of a field of the document.
             "appendMissingElements": { # An array value. # Append the given elements in order if they are not already present in the current field value. If the field is not an array, or if the field does not yet exist, it is first set to the empty array. Equivalent numbers of different types (e.g. 3L and 3.0) are considered equal when checking if a value is missing. NaN is equal to NaN, and Null is equal to Null. If the input contains multiple equivalent values, only the first will be considered. The corresponding transform_result will be the null value.
               "values": [ # Values in the array.
-                # Object with schema name: Value
+                { # A message that can hold any of the supported value types.
+                  "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+                  "booleanValue": True or False, # A boolean value.
+                  "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
+                  "doubleValue": 3.14, # A double value.
+                  "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
+                    "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
+                    "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
+                  },
+                  "integerValue": "A String", # An integer value.
+                  "mapValue": { # A map value. # A map value.
+                    "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty.
+                      "a_key": # Object with schema name: Value
+                    },
+                  },
+                  "nullValue": "A String", # A null value.
+                  "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`.
+                  "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries.
+                  "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
+                },
               ],
             },
             "fieldPath": "A String", # The path of the field. See Document.fields for the field path syntax reference.
             "increment": { # A message that can hold any of the supported value types. # Adds the given value to the field's current value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If either of the given value or the current field value are doubles, both values will be interpreted as doubles. Double arithmetic and representation of double values follow IEEE 754 semantics. If there is positive/negative integer overflow, the field is resolved to the largest magnitude positive/negative integer.
-              "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-                "values": [ # Values in the array.
-                  # Object with schema name: Value
-                ],
-              },
+              "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
               "booleanValue": True or False, # A boolean value.
               "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
               "doubleValue": 3.14, # A double value.
@@ -263,11 +274,7 @@
               "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
             },
             "maximum": { # A message that can hold any of the supported value types. # Sets the field to the maximum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If a maximum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the larger operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The maximum of a zero stored value and zero input value is always the stored value. The maximum of any numeric value x and NaN is NaN.
-              "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-                "values": [ # Values in the array.
-                  # Object with schema name: Value
-                ],
-              },
+              "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
               "booleanValue": True or False, # A boolean value.
               "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
               "doubleValue": 3.14, # A double value.
@@ -287,11 +294,7 @@
               "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
             },
             "minimum": { # A message that can hold any of the supported value types. # Sets the field to the minimum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the input value. If a minimum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the smaller operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The minimum of a zero stored value and zero input value is always the stored value. The minimum of any numeric value x and NaN is NaN.
-              "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-                "values": [ # Values in the array.
-                  # Object with schema name: Value
-                ],
-              },
+              "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
               "booleanValue": True or False, # A boolean value.
               "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
               "doubleValue": 3.14, # A double value.
@@ -312,7 +315,26 @@
             },
             "removeAllFromArray": { # An array value. # Remove all of the given elements from the array in the field. If the field is not an array, or if the field does not yet exist, it is set to the empty array. Equivalent numbers of the different types (e.g. 3L and 3.0) are considered equal when deciding whether an element should be removed. NaN is equal to NaN, and Null is equal to Null. This will remove all equivalent values if there are duplicates. The corresponding transform_result will be the null value.
               "values": [ # Values in the array.
-                # Object with schema name: Value
+                { # A message that can hold any of the supported value types.
+                  "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+                  "booleanValue": True or False, # A boolean value.
+                  "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
+                  "doubleValue": 3.14, # A double value.
+                  "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
+                    "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
+                    "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
+                  },
+                  "integerValue": "A String", # An integer value.
+                  "mapValue": { # A map value. # A map value.
+                    "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty.
+                      "a_key": # Object with schema name: Value
+                    },
+                  },
+                  "nullValue": "A String", # A null value.
+                  "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`.
+                  "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries.
+                  "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
+                },
               ],
             },
             "setToServerValue": "A String", # Sets the field to the given server value.
@@ -323,11 +345,7 @@
         "createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query.
         "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``.
           "a_key": { # A message that can hold any of the supported value types.
-            "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-              "values": [ # Values in the array.
-                # Object with schema name: Value
-              ],
-            },
+            "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
             "booleanValue": True or False, # A boolean value.
             "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
             "doubleValue": 3.14, # A double value.
@@ -359,16 +377,31 @@
         { # A transformation of a field of the document.
           "appendMissingElements": { # An array value. # Append the given elements in order if they are not already present in the current field value. If the field is not an array, or if the field does not yet exist, it is first set to the empty array. Equivalent numbers of different types (e.g. 3L and 3.0) are considered equal when checking if a value is missing. NaN is equal to NaN, and Null is equal to Null. If the input contains multiple equivalent values, only the first will be considered. The corresponding transform_result will be the null value.
             "values": [ # Values in the array.
-              # Object with schema name: Value
+              { # A message that can hold any of the supported value types.
+                "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+                "booleanValue": True or False, # A boolean value.
+                "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
+                "doubleValue": 3.14, # A double value.
+                "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
+                  "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
+                  "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
+                },
+                "integerValue": "A String", # An integer value.
+                "mapValue": { # A map value. # A map value.
+                  "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty.
+                    "a_key": # Object with schema name: Value
+                  },
+                },
+                "nullValue": "A String", # A null value.
+                "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`.
+                "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries.
+                "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
+              },
             ],
           },
           "fieldPath": "A String", # The path of the field. See Document.fields for the field path syntax reference.
           "increment": { # A message that can hold any of the supported value types. # Adds the given value to the field's current value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If either of the given value or the current field value are doubles, both values will be interpreted as doubles. Double arithmetic and representation of double values follow IEEE 754 semantics. If there is positive/negative integer overflow, the field is resolved to the largest magnitude positive/negative integer.
-            "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-              "values": [ # Values in the array.
-                # Object with schema name: Value
-              ],
-            },
+            "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
             "booleanValue": True or False, # A boolean value.
             "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
             "doubleValue": 3.14, # A double value.
@@ -388,11 +421,7 @@
             "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
           },
           "maximum": { # A message that can hold any of the supported value types. # Sets the field to the maximum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If a maximum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the larger operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The maximum of a zero stored value and zero input value is always the stored value. The maximum of any numeric value x and NaN is NaN.
-            "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-              "values": [ # Values in the array.
-                # Object with schema name: Value
-              ],
-            },
+            "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
             "booleanValue": True or False, # A boolean value.
             "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
             "doubleValue": 3.14, # A double value.
@@ -412,11 +441,7 @@
             "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
           },
           "minimum": { # A message that can hold any of the supported value types. # Sets the field to the minimum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the input value. If a minimum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the smaller operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The minimum of a zero stored value and zero input value is always the stored value. The minimum of any numeric value x and NaN is NaN.
-            "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-              "values": [ # Values in the array.
-                # Object with schema name: Value
-              ],
-            },
+            "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
             "booleanValue": True or False, # A boolean value.
             "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
             "doubleValue": 3.14, # A double value.
@@ -437,7 +462,26 @@
           },
           "removeAllFromArray": { # An array value. # Remove all of the given elements from the array in the field. If the field is not an array, or if the field does not yet exist, it is set to the empty array. Equivalent numbers of the different types (e.g. 3L and 3.0) are considered equal when deciding whether an element should be removed. NaN is equal to NaN, and Null is equal to Null. This will remove all equivalent values if there are duplicates. The corresponding transform_result will be the null value.
             "values": [ # Values in the array.
-              # Object with schema name: Value
+              { # A message that can hold any of the supported value types.
+                "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+                "booleanValue": True or False, # A boolean value.
+                "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
+                "doubleValue": 3.14, # A double value.
+                "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
+                  "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
+                  "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
+                },
+                "integerValue": "A String", # An integer value.
+                "mapValue": { # A map value. # A map value.
+                  "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty.
+                    "a_key": # Object with schema name: Value
+                  },
+                },
+                "nullValue": "A String", # A null value.
+                "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`.
+                "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries.
+                "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
+              },
             ],
           },
           "setToServerValue": "A String", # Sets the field to the given server value.
@@ -471,11 +515,7 @@
     { # The result of applying a write.
       "transformResults": [ # The results of applying each DocumentTransform.FieldTransform, in the same order.
         { # A message that can hold any of the supported value types.
-          "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-            "values": [ # Values in the array.
-              # Object with schema name: Value
-            ],
-          },
+          "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
           "booleanValue": True or False, # A boolean value.
           "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
           "doubleValue": 3.14, # A double value.
@@ -563,16 +603,31 @@
           { # A transformation of a field of the document.
             "appendMissingElements": { # An array value. # Append the given elements in order if they are not already present in the current field value. If the field is not an array, or if the field does not yet exist, it is first set to the empty array. Equivalent numbers of different types (e.g. 3L and 3.0) are considered equal when checking if a value is missing. NaN is equal to NaN, and Null is equal to Null. If the input contains multiple equivalent values, only the first will be considered. The corresponding transform_result will be the null value.
               "values": [ # Values in the array.
-                # Object with schema name: Value
+                { # A message that can hold any of the supported value types.
+                  "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+                  "booleanValue": True or False, # A boolean value.
+                  "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
+                  "doubleValue": 3.14, # A double value.
+                  "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
+                    "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
+                    "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
+                  },
+                  "integerValue": "A String", # An integer value.
+                  "mapValue": { # A map value. # A map value.
+                    "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty.
+                      "a_key": # Object with schema name: Value
+                    },
+                  },
+                  "nullValue": "A String", # A null value.
+                  "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`.
+                  "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries.
+                  "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
+                },
               ],
             },
             "fieldPath": "A String", # The path of the field. See Document.fields for the field path syntax reference.
             "increment": { # A message that can hold any of the supported value types. # Adds the given value to the field's current value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If either of the given value or the current field value are doubles, both values will be interpreted as doubles. Double arithmetic and representation of double values follow IEEE 754 semantics. If there is positive/negative integer overflow, the field is resolved to the largest magnitude positive/negative integer.
-              "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-                "values": [ # Values in the array.
-                  # Object with schema name: Value
-                ],
-              },
+              "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
               "booleanValue": True or False, # A boolean value.
               "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
               "doubleValue": 3.14, # A double value.
@@ -592,11 +647,7 @@
               "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
             },
             "maximum": { # A message that can hold any of the supported value types. # Sets the field to the maximum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If a maximum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the larger operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The maximum of a zero stored value and zero input value is always the stored value. The maximum of any numeric value x and NaN is NaN.
-              "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-                "values": [ # Values in the array.
-                  # Object with schema name: Value
-                ],
-              },
+              "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
               "booleanValue": True or False, # A boolean value.
               "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
               "doubleValue": 3.14, # A double value.
@@ -616,11 +667,7 @@
               "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
             },
             "minimum": { # A message that can hold any of the supported value types. # Sets the field to the minimum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the input value. If a minimum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the smaller operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The minimum of a zero stored value and zero input value is always the stored value. The minimum of any numeric value x and NaN is NaN.
-              "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-                "values": [ # Values in the array.
-                  # Object with schema name: Value
-                ],
-              },
+              "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
               "booleanValue": True or False, # A boolean value.
               "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
               "doubleValue": 3.14, # A double value.
@@ -641,7 +688,26 @@
             },
             "removeAllFromArray": { # An array value. # Remove all of the given elements from the array in the field. If the field is not an array, or if the field does not yet exist, it is set to the empty array. Equivalent numbers of the different types (e.g. 3L and 3.0) are considered equal when deciding whether an element should be removed. NaN is equal to NaN, and Null is equal to Null. This will remove all equivalent values if there are duplicates. The corresponding transform_result will be the null value.
               "values": [ # Values in the array.
-                # Object with schema name: Value
+                { # A message that can hold any of the supported value types.
+                  "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+                  "booleanValue": True or False, # A boolean value.
+                  "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
+                  "doubleValue": 3.14, # A double value.
+                  "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
+                    "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
+                    "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
+                  },
+                  "integerValue": "A String", # An integer value.
+                  "mapValue": { # A map value. # A map value.
+                    "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty.
+                      "a_key": # Object with schema name: Value
+                    },
+                  },
+                  "nullValue": "A String", # A null value.
+                  "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`.
+                  "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries.
+                  "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
+                },
               ],
             },
             "setToServerValue": "A String", # Sets the field to the given server value.
@@ -652,11 +718,7 @@
         "createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query.
         "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``.
           "a_key": { # A message that can hold any of the supported value types.
-            "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-              "values": [ # Values in the array.
-                # Object with schema name: Value
-              ],
-            },
+            "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
             "booleanValue": True or False, # A boolean value.
             "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
             "doubleValue": 3.14, # A double value.
@@ -688,16 +750,31 @@
         { # A transformation of a field of the document.
           "appendMissingElements": { # An array value. # Append the given elements in order if they are not already present in the current field value. If the field is not an array, or if the field does not yet exist, it is first set to the empty array. Equivalent numbers of different types (e.g. 3L and 3.0) are considered equal when checking if a value is missing. NaN is equal to NaN, and Null is equal to Null. If the input contains multiple equivalent values, only the first will be considered. The corresponding transform_result will be the null value.
             "values": [ # Values in the array.
-              # Object with schema name: Value
+              { # A message that can hold any of the supported value types.
+                "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+                "booleanValue": True or False, # A boolean value.
+                "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
+                "doubleValue": 3.14, # A double value.
+                "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
+                  "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
+                  "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
+                },
+                "integerValue": "A String", # An integer value.
+                "mapValue": { # A map value. # A map value.
+                  "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty.
+                    "a_key": # Object with schema name: Value
+                  },
+                },
+                "nullValue": "A String", # A null value.
+                "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`.
+                "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries.
+                "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
+              },
             ],
           },
           "fieldPath": "A String", # The path of the field. See Document.fields for the field path syntax reference.
           "increment": { # A message that can hold any of the supported value types. # Adds the given value to the field's current value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If either of the given value or the current field value are doubles, both values will be interpreted as doubles. Double arithmetic and representation of double values follow IEEE 754 semantics. If there is positive/negative integer overflow, the field is resolved to the largest magnitude positive/negative integer.
-            "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-              "values": [ # Values in the array.
-                # Object with schema name: Value
-              ],
-            },
+            "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
             "booleanValue": True or False, # A boolean value.
             "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
             "doubleValue": 3.14, # A double value.
@@ -717,11 +794,7 @@
             "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
           },
           "maximum": { # A message that can hold any of the supported value types. # Sets the field to the maximum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If a maximum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the larger operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The maximum of a zero stored value and zero input value is always the stored value. The maximum of any numeric value x and NaN is NaN.
-            "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-              "values": [ # Values in the array.
-                # Object with schema name: Value
-              ],
-            },
+            "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
             "booleanValue": True or False, # A boolean value.
             "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
             "doubleValue": 3.14, # A double value.
@@ -741,11 +814,7 @@
             "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
           },
           "minimum": { # A message that can hold any of the supported value types. # Sets the field to the minimum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the input value. If a minimum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the smaller operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The minimum of a zero stored value and zero input value is always the stored value. The minimum of any numeric value x and NaN is NaN.
-            "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-              "values": [ # Values in the array.
-                # Object with schema name: Value
-              ],
-            },
+            "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
             "booleanValue": True or False, # A boolean value.
             "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
             "doubleValue": 3.14, # A double value.
@@ -766,7 +835,26 @@
           },
           "removeAllFromArray": { # An array value. # Remove all of the given elements from the array in the field. If the field is not an array, or if the field does not yet exist, it is set to the empty array. Equivalent numbers of the different types (e.g. 3L and 3.0) are considered equal when deciding whether an element should be removed. NaN is equal to NaN, and Null is equal to Null. This will remove all equivalent values if there are duplicates. The corresponding transform_result will be the null value.
             "values": [ # Values in the array.
-              # Object with schema name: Value
+              { # A message that can hold any of the supported value types.
+                "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+                "booleanValue": True or False, # A boolean value.
+                "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
+                "doubleValue": 3.14, # A double value.
+                "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
+                  "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
+                  "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
+                },
+                "integerValue": "A String", # An integer value.
+                "mapValue": { # A map value. # A map value.
+                  "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty.
+                    "a_key": # Object with schema name: Value
+                  },
+                },
+                "nullValue": "A String", # A null value.
+                "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`.
+                "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries.
+                "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
+              },
             ],
           },
           "setToServerValue": "A String", # Sets the field to the given server value.
@@ -790,11 +878,7 @@
     { # The result of applying a write.
       "transformResults": [ # The results of applying each DocumentTransform.FieldTransform, in the same order.
         { # A message that can hold any of the supported value types.
-          "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-            "values": [ # Values in the array.
-              # Object with schema name: Value
-            ],
-          },
+          "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
           "booleanValue": True or False, # A boolean value.
           "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
           "doubleValue": 3.14, # A double value.
@@ -834,11 +918,7 @@
   "createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query.
   "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``.
     "a_key": { # A message that can hold any of the supported value types.
-      "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-        "values": [ # Values in the array.
-          # Object with schema name: Value
-        ],
-      },
+      "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
       "booleanValue": True or False, # A boolean value.
       "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
       "doubleValue": 3.14, # A double value.
@@ -876,11 +956,7 @@
   "createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query.
   "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``.
     "a_key": { # A message that can hold any of the supported value types.
-      "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-        "values": [ # Values in the array.
-          # Object with schema name: Value
-        ],
-      },
+      "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
       "booleanValue": True or False, # A boolean value.
       "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
       "doubleValue": 3.14, # A double value.
@@ -946,11 +1022,7 @@
   "createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query.
   "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``.
     "a_key": { # A message that can hold any of the supported value types.
-      "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-        "values": [ # Values in the array.
-          # Object with schema name: Value
-        ],
-      },
+      "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
       "booleanValue": True or False, # A boolean value.
       "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
       "doubleValue": 3.14, # A double value.
@@ -1003,11 +1075,7 @@
       "createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query.
       "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``.
         "a_key": { # A message that can hold any of the supported value types.
-          "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-            "values": [ # Values in the array.
-              # Object with schema name: Value
-            ],
-          },
+          "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
           "booleanValue": True or False, # A boolean value.
           "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
           "doubleValue": 3.14, # A double value.
@@ -1117,11 +1185,7 @@
           "before": True or False, # If the position is just before or just after the given values, relative to the sort order defined by the query.
           "values": [ # The values that represent a position, in the order they appear in the order by clause of a query. Can contain fewer values than specified in the order by clause.
             { # A message that can hold any of the supported value types.
-              "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-                "values": [ # Values in the array.
-                  # Object with schema name: Value
-                ],
-              },
+              "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
               "booleanValue": True or False, # A boolean value.
               "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
               "doubleValue": 3.14, # A double value.
@@ -1169,11 +1233,7 @@
           "before": True or False, # If the position is just before or just after the given values, relative to the sort order defined by the query.
           "values": [ # The values that represent a position, in the order they appear in the order by clause of a query. Can contain fewer values than specified in the order by clause.
             { # A message that can hold any of the supported value types.
-              "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-                "values": [ # Values in the array.
-                  # Object with schema name: Value
-                ],
-              },
+              "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
               "booleanValue": True or False, # A boolean value.
               "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
               "doubleValue": 3.14, # A double value.
@@ -1207,11 +1267,7 @@
             },
             "op": "A String", # The operator to filter by.
             "value": { # A message that can hold any of the supported value types. # The value to compare to.
-              "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-                "values": [ # Values in the array.
-                  # Object with schema name: Value
-                ],
-              },
+              "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
               "booleanValue": True or False, # A boolean value.
               "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
               "doubleValue": 3.14, # A double value.
@@ -1264,11 +1320,7 @@
       "createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query.
       "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``.
         "a_key": { # A message that can hold any of the supported value types.
-          "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-            "values": [ # Values in the array.
-              # Object with schema name: Value
-            ],
-          },
+          "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
           "booleanValue": True or False, # A boolean value.
           "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
           "doubleValue": 3.14, # A double value.
@@ -1354,11 +1406,7 @@
       "before": True or False, # If the position is just before or just after the given values, relative to the sort order defined by the query.
       "values": [ # The values that represent a position, in the order they appear in the order by clause of a query. Can contain fewer values than specified in the order by clause.
         { # A message that can hold any of the supported value types.
-          "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-            "values": [ # Values in the array.
-              # Object with schema name: Value
-            ],
-          },
+          "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
           "booleanValue": True or False, # A boolean value.
           "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
           "doubleValue": 3.14, # A double value.
@@ -1406,11 +1454,7 @@
       "before": True or False, # If the position is just before or just after the given values, relative to the sort order defined by the query.
       "values": [ # The values that represent a position, in the order they appear in the order by clause of a query. Can contain fewer values than specified in the order by clause.
         { # A message that can hold any of the supported value types.
-          "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-            "values": [ # Values in the array.
-              # Object with schema name: Value
-            ],
-          },
+          "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
           "booleanValue": True or False, # A boolean value.
           "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
           "doubleValue": 3.14, # A double value.
@@ -1444,11 +1488,7 @@
         },
         "op": "A String", # The operator to filter by.
         "value": { # A message that can hold any of the supported value types. # The value to compare to.
-          "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-            "values": [ # Values in the array.
-              # Object with schema name: Value
-            ],
-          },
+          "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
           "booleanValue": True or False, # A boolean value.
           "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
           "doubleValue": 3.14, # A double value.
@@ -1493,11 +1533,7 @@
       "before": True or False, # If the position is just before or just after the given values, relative to the sort order defined by the query.
       "values": [ # The values that represent a position, in the order they appear in the order by clause of a query. Can contain fewer values than specified in the order by clause.
         { # A message that can hold any of the supported value types.
-          "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-            "values": [ # Values in the array.
-              # Object with schema name: Value
-            ],
-          },
+          "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
           "booleanValue": True or False, # A boolean value.
           "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
           "doubleValue": 3.14, # A double value.
@@ -1549,11 +1585,7 @@
   "createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query.
   "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``.
     "a_key": { # A message that can hold any of the supported value types.
-      "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-        "values": [ # Values in the array.
-          # Object with schema name: Value
-        ],
-      },
+      "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
       "booleanValue": True or False, # A boolean value.
       "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
       "doubleValue": 3.14, # A double value.
@@ -1593,11 +1625,7 @@
   "createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query.
   "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``.
     "a_key": { # A message that can hold any of the supported value types.
-      "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-        "values": [ # Values in the array.
-          # Object with schema name: Value
-        ],
-      },
+      "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
       "booleanValue": True or False, # A boolean value.
       "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
       "doubleValue": 3.14, # A double value.
@@ -1671,11 +1699,7 @@
       "before": True or False, # If the position is just before or just after the given values, relative to the sort order defined by the query.
       "values": [ # The values that represent a position, in the order they appear in the order by clause of a query. Can contain fewer values than specified in the order by clause.
         { # A message that can hold any of the supported value types.
-          "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-            "values": [ # Values in the array.
-              # Object with schema name: Value
-            ],
-          },
+          "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
           "booleanValue": True or False, # A boolean value.
           "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
           "doubleValue": 3.14, # A double value.
@@ -1723,11 +1747,7 @@
       "before": True or False, # If the position is just before or just after the given values, relative to the sort order defined by the query.
       "values": [ # The values that represent a position, in the order they appear in the order by clause of a query. Can contain fewer values than specified in the order by clause.
         { # A message that can hold any of the supported value types.
-          "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-            "values": [ # Values in the array.
-              # Object with schema name: Value
-            ],
-          },
+          "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
           "booleanValue": True or False, # A boolean value.
           "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
           "doubleValue": 3.14, # A double value.
@@ -1761,11 +1781,7 @@
         },
         "op": "A String", # The operator to filter by.
         "value": { # A message that can hold any of the supported value types. # The value to compare to.
-          "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-            "values": [ # Values in the array.
-              # Object with schema name: Value
-            ],
-          },
+          "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
           "booleanValue": True or False, # A boolean value.
           "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
           "doubleValue": 3.14, # A double value.
@@ -1809,11 +1825,7 @@
     "createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query.
     "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``.
       "a_key": { # A message that can hold any of the supported value types.
-        "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-          "values": [ # Values in the array.
-            # Object with schema name: Value
-          ],
-        },
+        "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
         "booleanValue": True or False, # A boolean value.
         "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
         "doubleValue": 3.14, # A double value.
@@ -1870,16 +1882,31 @@
           { # A transformation of a field of the document.
             "appendMissingElements": { # An array value. # Append the given elements in order if they are not already present in the current field value. If the field is not an array, or if the field does not yet exist, it is first set to the empty array. Equivalent numbers of different types (e.g. 3L and 3.0) are considered equal when checking if a value is missing. NaN is equal to NaN, and Null is equal to Null. If the input contains multiple equivalent values, only the first will be considered. The corresponding transform_result will be the null value.
               "values": [ # Values in the array.
-                # Object with schema name: Value
+                { # A message that can hold any of the supported value types.
+                  "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+                  "booleanValue": True or False, # A boolean value.
+                  "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
+                  "doubleValue": 3.14, # A double value.
+                  "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
+                    "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
+                    "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
+                  },
+                  "integerValue": "A String", # An integer value.
+                  "mapValue": { # A map value. # A map value.
+                    "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty.
+                      "a_key": # Object with schema name: Value
+                    },
+                  },
+                  "nullValue": "A String", # A null value.
+                  "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`.
+                  "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries.
+                  "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
+                },
               ],
             },
             "fieldPath": "A String", # The path of the field. See Document.fields for the field path syntax reference.
             "increment": { # A message that can hold any of the supported value types. # Adds the given value to the field's current value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If either of the given value or the current field value are doubles, both values will be interpreted as doubles. Double arithmetic and representation of double values follow IEEE 754 semantics. If there is positive/negative integer overflow, the field is resolved to the largest magnitude positive/negative integer.
-              "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-                "values": [ # Values in the array.
-                  # Object with schema name: Value
-                ],
-              },
+              "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
               "booleanValue": True or False, # A boolean value.
               "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
               "doubleValue": 3.14, # A double value.
@@ -1899,11 +1926,7 @@
               "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
             },
             "maximum": { # A message that can hold any of the supported value types. # Sets the field to the maximum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If a maximum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the larger operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The maximum of a zero stored value and zero input value is always the stored value. The maximum of any numeric value x and NaN is NaN.
-              "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-                "values": [ # Values in the array.
-                  # Object with schema name: Value
-                ],
-              },
+              "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
               "booleanValue": True or False, # A boolean value.
               "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
               "doubleValue": 3.14, # A double value.
@@ -1923,11 +1946,7 @@
               "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
             },
             "minimum": { # A message that can hold any of the supported value types. # Sets the field to the minimum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the input value. If a minimum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the smaller operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The minimum of a zero stored value and zero input value is always the stored value. The minimum of any numeric value x and NaN is NaN.
-              "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-                "values": [ # Values in the array.
-                  # Object with schema name: Value
-                ],
-              },
+              "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
               "booleanValue": True or False, # A boolean value.
               "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
               "doubleValue": 3.14, # A double value.
@@ -1948,7 +1967,26 @@
             },
             "removeAllFromArray": { # An array value. # Remove all of the given elements from the array in the field. If the field is not an array, or if the field does not yet exist, it is set to the empty array. Equivalent numbers of the different types (e.g. 3L and 3.0) are considered equal when deciding whether an element should be removed. NaN is equal to NaN, and Null is equal to Null. This will remove all equivalent values if there are duplicates. The corresponding transform_result will be the null value.
               "values": [ # Values in the array.
-                # Object with schema name: Value
+                { # A message that can hold any of the supported value types.
+                  "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+                  "booleanValue": True or False, # A boolean value.
+                  "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
+                  "doubleValue": 3.14, # A double value.
+                  "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
+                    "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
+                    "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
+                  },
+                  "integerValue": "A String", # An integer value.
+                  "mapValue": { # A map value. # A map value.
+                    "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty.
+                      "a_key": # Object with schema name: Value
+                    },
+                  },
+                  "nullValue": "A String", # A null value.
+                  "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`.
+                  "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries.
+                  "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
+                },
               ],
             },
             "setToServerValue": "A String", # Sets the field to the given server value.
@@ -1959,11 +1997,7 @@
         "createTime": "A String", # Output only. The time at which the document was created. This value increases monotonically when a document is deleted then recreated. It can also be compared to values from other documents and the `read_time` of a query.
         "fields": { # The document's fields. The map keys represent field names. A simple field name contains only characters `a` to `z`, `A` to `Z`, `0` to `9`, or `_`, and must not start with `0` to `9`. For example, `foo_bar_17`. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty. Field paths may be used in other contexts to refer to structured fields defined here. For `map_value`, the field path is represented by the simple or quoted field names of the containing fields, delimited by `.`. For example, the structured field `"foo" : { map_value: { "x&y" : { string_value: "hello" }}}` would be represented by the field path `foo.x&y`. Within a field path, a quoted field name starts and ends with `` ` `` and may contain any character. Some characters, including `` ` ``, must be escaped using a `\`. For example, `` `x&y` `` represents `x&y` and `` `bak\`tik` `` represents `` bak`tik ``.
           "a_key": { # A message that can hold any of the supported value types.
-            "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-              "values": [ # Values in the array.
-                # Object with schema name: Value
-              ],
-            },
+            "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
             "booleanValue": True or False, # A boolean value.
             "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
             "doubleValue": 3.14, # A double value.
@@ -1995,16 +2029,31 @@
         { # A transformation of a field of the document.
           "appendMissingElements": { # An array value. # Append the given elements in order if they are not already present in the current field value. If the field is not an array, or if the field does not yet exist, it is first set to the empty array. Equivalent numbers of different types (e.g. 3L and 3.0) are considered equal when checking if a value is missing. NaN is equal to NaN, and Null is equal to Null. If the input contains multiple equivalent values, only the first will be considered. The corresponding transform_result will be the null value.
             "values": [ # Values in the array.
-              # Object with schema name: Value
+              { # A message that can hold any of the supported value types.
+                "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+                "booleanValue": True or False, # A boolean value.
+                "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
+                "doubleValue": 3.14, # A double value.
+                "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
+                  "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
+                  "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
+                },
+                "integerValue": "A String", # An integer value.
+                "mapValue": { # A map value. # A map value.
+                  "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty.
+                    "a_key": # Object with schema name: Value
+                  },
+                },
+                "nullValue": "A String", # A null value.
+                "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`.
+                "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries.
+                "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
+              },
             ],
           },
           "fieldPath": "A String", # The path of the field. See Document.fields for the field path syntax reference.
           "increment": { # A message that can hold any of the supported value types. # Adds the given value to the field's current value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If either of the given value or the current field value are doubles, both values will be interpreted as doubles. Double arithmetic and representation of double values follow IEEE 754 semantics. If there is positive/negative integer overflow, the field is resolved to the largest magnitude positive/negative integer.
-            "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-              "values": [ # Values in the array.
-                # Object with schema name: Value
-              ],
-            },
+            "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
             "booleanValue": True or False, # A boolean value.
             "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
             "doubleValue": 3.14, # A double value.
@@ -2024,11 +2073,7 @@
             "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
           },
           "maximum": { # A message that can hold any of the supported value types. # Sets the field to the maximum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the given value. If a maximum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the larger operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The maximum of a zero stored value and zero input value is always the stored value. The maximum of any numeric value x and NaN is NaN.
-            "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-              "values": [ # Values in the array.
-                # Object with schema name: Value
-              ],
-            },
+            "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
             "booleanValue": True or False, # A boolean value.
             "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
             "doubleValue": 3.14, # A double value.
@@ -2048,11 +2093,7 @@
             "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
           },
           "minimum": { # A message that can hold any of the supported value types. # Sets the field to the minimum of its current value and the given value. This must be an integer or a double value. If the field is not an integer or double, or if the field does not yet exist, the transformation will set the field to the input value. If a minimum operation is applied where the field and the input value are of mixed types (that is - one is an integer and one is a double) the field takes on the type of the smaller operand. If the operands are equivalent (e.g. 3 and 3.0), the field does not change. 0, 0.0, and -0.0 are all zero. The minimum of a zero stored value and zero input value is always the stored value. The minimum of any numeric value x and NaN is NaN.
-            "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-              "values": [ # Values in the array.
-                # Object with schema name: Value
-              ],
-            },
+            "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
             "booleanValue": True or False, # A boolean value.
             "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
             "doubleValue": 3.14, # A double value.
@@ -2073,7 +2114,26 @@
           },
           "removeAllFromArray": { # An array value. # Remove all of the given elements from the array in the field. If the field is not an array, or if the field does not yet exist, it is set to the empty array. Equivalent numbers of the different types (e.g. 3L and 3.0) are considered equal when deciding whether an element should be removed. NaN is equal to NaN, and Null is equal to Null. This will remove all equivalent values if there are duplicates. The corresponding transform_result will be the null value.
             "values": [ # Values in the array.
-              # Object with schema name: Value
+              { # A message that can hold any of the supported value types.
+                "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
+                "booleanValue": True or False, # A boolean value.
+                "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
+                "doubleValue": 3.14, # A double value.
+                "geoPointValue": { # An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges. # A geo point value representing a point on the surface of Earth.
+                  "latitude": 3.14, # The latitude in degrees. It must be in the range [-90.0, +90.0].
+                  "longitude": 3.14, # The longitude in degrees. It must be in the range [-180.0, +180.0].
+                },
+                "integerValue": "A String", # An integer value.
+                "mapValue": { # A map value. # A map value.
+                  "fields": { # The map's fields. The map keys represent field names. Field names matching the regular expression `__.*__` are reserved. Reserved field names are forbidden except in certain documented contexts. The map keys, represented as UTF-8, must not exceed 1,500 bytes and cannot be empty.
+                    "a_key": # Object with schema name: Value
+                  },
+                },
+                "nullValue": "A String", # A null value.
+                "referenceValue": "A String", # A reference to a document. For example: `projects/{project_id}/databases/{database_id}/documents/{document_path}`.
+                "stringValue": "A String", # A string value. The string, represented as UTF-8, must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes of the UTF-8 representation are considered by queries.
+                "timestampValue": "A String", # A timestamp value. Precise only to microseconds. When stored, any additional precision is rounded down.
+              },
             ],
           },
           "setToServerValue": "A String", # Sets the field to the given server value.
@@ -2099,11 +2159,7 @@
     { # The result of applying a write.
       "transformResults": [ # The results of applying each DocumentTransform.FieldTransform, in the same order.
         { # A message that can hold any of the supported value types.
-          "arrayValue": { # An array value. # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
-            "values": [ # Values in the array.
-              # Object with schema name: Value
-            ],
-          },
+          "arrayValue": # Object with schema name: ArrayValue # An array value. Cannot directly contain another array value, though can contain an map which contains another array.
           "booleanValue": True or False, # A boolean value.
           "bytesValue": "A String", # A bytes value. Must not exceed 1 MiB - 89 bytes. Only the first 1,500 bytes are considered by queries.
           "doubleValue": 3.14, # A double value.

docs/dyn/gameservices_v1.projects.locations.gameServerDeployments.configs.html

diff --git a/docs/dyn/gameservices_v1.projects.locations.gameServerDeployments.configs.html b/docs/dyn/gameservices_v1.projects.locations.gameServerDeployments.configs.html
index 4ce6d39..22ff344 100644
--- a/docs/dyn/gameservices_v1.projects.locations.gameServerDeployments.configs.html
+++ b/docs/dyn/gameservices_v1.projects.locations.gameServerDeployments.configs.html
@@ -125,7 +125,7 @@
       "fleetAutoscalerSpec": "A String", # Required. Agones fleet autoscaler spec. Example spec: https://agones.dev/site/docs/reference/fleetautoscaler/
       "name": "A String", # Required. The name of the Scaling Config
       "schedules": [ # The schedules to which this Scaling Config applies.
-        { # The schedule of a recurring or one time event. The event's time span is specified by start_time and end_time. If the scheduled event's timespan is larger than the cron_spec + cron_job_duration, the event will be recurring. If only cron_spec + cron_job_duration are specified, the event is effective starting at the local time specified by cron_spec, and is recurring. start_time|-------[cron job]-------[cron job]-------[cron job]---|end_time cron job: cron spec start time + duration
+        { # The schedule of a recurring or one time event. The event's time span is specified by start_time and end_time. If the scheduled event's timespan is larger than the cron_spec + cron_job_duration, the event will be recurring. If only cron_spec + cron_job_duration are specified, the event is effective starting at the local time specified by cron_spec, and is recurring. ``` start_time|-------[cron job]-------[cron job]-------[cron job]---|end_time cron job: cron spec start time + duration ```
           "cronJobDuration": "A String", # The duration for the cron job event. The duration of the event is effective after the cron job's start time.
           "cronSpec": "A String", # The cron definition of the scheduled event. See https://en.wikipedia.org/wiki/Cron. Cron spec specifies the local time as defined by the realm.
           "endTime": "A String", # The end time of the event.
@@ -241,7 +241,7 @@
       "fleetAutoscalerSpec": "A String", # Required. Agones fleet autoscaler spec. Example spec: https://agones.dev/site/docs/reference/fleetautoscaler/
       "name": "A String", # Required. The name of the Scaling Config
       "schedules": [ # The schedules to which this Scaling Config applies.
-        { # The schedule of a recurring or one time event. The event's time span is specified by start_time and end_time. If the scheduled event's timespan is larger than the cron_spec + cron_job_duration, the event will be recurring. If only cron_spec + cron_job_duration are specified, the event is effective starting at the local time specified by cron_spec, and is recurring. start_time|-------[cron job]-------[cron job]-------[cron job]---|end_time cron job: cron spec start time + duration
+        { # The schedule of a recurring or one time event. The event's time span is specified by start_time and end_time. If the scheduled event's timespan is larger than the cron_spec + cron_job_duration, the event will be recurring. If only cron_spec + cron_job_duration are specified, the event is effective starting at the local time specified by cron_spec, and is recurring. ``` start_time|-------[cron job]-------[cron job]-------[cron job]---|end_time cron job: cron spec start time + duration ```
           "cronJobDuration": "A String", # The duration for the cron job event. The duration of the event is effective after the cron job's start time.
           "cronSpec": "A String", # The cron definition of the scheduled event. See https://en.wikipedia.org/wiki/Cron. Cron spec specifies the local time as defined by the realm.
           "endTime": "A String", # The end time of the event.
@@ -299,7 +299,7 @@
           "fleetAutoscalerSpec": "A String", # Required. Agones fleet autoscaler spec. Example spec: https://agones.dev/site/docs/reference/fleetautoscaler/
           "name": "A String", # Required. The name of the Scaling Config
           "schedules": [ # The schedules to which this Scaling Config applies.
-            { # The schedule of a recurring or one time event. The event's time span is specified by start_time and end_time. If the scheduled event's timespan is larger than the cron_spec + cron_job_duration, the event will be recurring. If only cron_spec + cron_job_duration are specified, the event is effective starting at the local time specified by cron_spec, and is recurring. start_time|-------[cron job]-------[cron job]-------[cron job]---|end_time cron job: cron spec start time + duration
+            { # The schedule of a recurring or one time event. The event's time span is specified by start_time and end_time. If the scheduled event's timespan is larger than the cron_spec + cron_job_duration, the event will be recurring. If only cron_spec + cron_job_duration are specified, the event is effective starting at the local time specified by cron_spec, and is recurring. ``` start_time|-------[cron job]-------[cron job]-------[cron job]---|end_time cron job: cron spec start time + duration ```
               "cronJobDuration": "A String", # The duration for the cron job event. The duration of the event is effective after the cron job's start time.
               "cronSpec": "A String", # The cron definition of the scheduled event. See https://en.wikipedia.org/wiki/Cron. Cron spec specifies the local time as defined by the realm.
               "endTime": "A String", # The end time of the event.

docs/dyn/gameservices_v1.projects.locations.gameServerDeployments.html

diff --git a/docs/dyn/gameservices_v1.projects.locations.gameServerDeployments.html b/docs/dyn/gameservices_v1.projects.locations.gameServerDeployments.html
index 0aa52db..ff4eea0 100644
--- a/docs/dyn/gameservices_v1.projects.locations.gameServerDeployments.html
+++ b/docs/dyn/gameservices_v1.projects.locations.gameServerDeployments.html
@@ -302,7 +302,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/gameservices_v1beta.projects.locations.gameServerDeployments.configs.html

diff --git a/docs/dyn/gameservices_v1beta.projects.locations.gameServerDeployments.configs.html b/docs/dyn/gameservices_v1beta.projects.locations.gameServerDeployments.configs.html
index 44c8d6c..2c5b9c3 100644
--- a/docs/dyn/gameservices_v1beta.projects.locations.gameServerDeployments.configs.html
+++ b/docs/dyn/gameservices_v1beta.projects.locations.gameServerDeployments.configs.html
@@ -125,7 +125,7 @@
       "fleetAutoscalerSpec": "A String", # Required. Agones fleet autoscaler spec. Example spec: https://agones.dev/site/docs/reference/fleetautoscaler/
       "name": "A String", # Required. The name of the Scaling Config
       "schedules": [ # The schedules to which this Scaling Config applies.
-        { # The schedule of a recurring or one time event. The event's time span is specified by start_time and end_time. If the scheduled event's timespan is larger than the cron_spec + cron_job_duration, the event will be recurring. If only cron_spec + cron_job_duration are specified, the event is effective starting at the local time specified by cron_spec, and is recurring. start_time|-------[cron job]-------[cron job]-------[cron job]---|end_time cron job: cron spec start time + duration
+        { # The schedule of a recurring or one time event. The event's time span is specified by start_time and end_time. If the scheduled event's timespan is larger than the cron_spec + cron_job_duration, the event will be recurring. If only cron_spec + cron_job_duration are specified, the event is effective starting at the local time specified by cron_spec, and is recurring. ``` start_time|-------[cron job]-------[cron job]-------[cron job]---|end_time cron job: cron spec start time + duration ```
           "cronJobDuration": "A String", # The duration for the cron job event. The duration of the event is effective after the cron job's start time.
           "cronSpec": "A String", # The cron definition of the scheduled event. See https://en.wikipedia.org/wiki/Cron. Cron spec specifies the local time as defined by the realm.
           "endTime": "A String", # The end time of the event.
@@ -241,7 +241,7 @@
       "fleetAutoscalerSpec": "A String", # Required. Agones fleet autoscaler spec. Example spec: https://agones.dev/site/docs/reference/fleetautoscaler/
       "name": "A String", # Required. The name of the Scaling Config
       "schedules": [ # The schedules to which this Scaling Config applies.
-        { # The schedule of a recurring or one time event. The event's time span is specified by start_time and end_time. If the scheduled event's timespan is larger than the cron_spec + cron_job_duration, the event will be recurring. If only cron_spec + cron_job_duration are specified, the event is effective starting at the local time specified by cron_spec, and is recurring. start_time|-------[cron job]-------[cron job]-------[cron job]---|end_time cron job: cron spec start time + duration
+        { # The schedule of a recurring or one time event. The event's time span is specified by start_time and end_time. If the scheduled event's timespan is larger than the cron_spec + cron_job_duration, the event will be recurring. If only cron_spec + cron_job_duration are specified, the event is effective starting at the local time specified by cron_spec, and is recurring. ``` start_time|-------[cron job]-------[cron job]-------[cron job]---|end_time cron job: cron spec start time + duration ```
           "cronJobDuration": "A String", # The duration for the cron job event. The duration of the event is effective after the cron job's start time.
           "cronSpec": "A String", # The cron definition of the scheduled event. See https://en.wikipedia.org/wiki/Cron. Cron spec specifies the local time as defined by the realm.
           "endTime": "A String", # The end time of the event.
@@ -299,7 +299,7 @@
           "fleetAutoscalerSpec": "A String", # Required. Agones fleet autoscaler spec. Example spec: https://agones.dev/site/docs/reference/fleetautoscaler/
           "name": "A String", # Required. The name of the Scaling Config
           "schedules": [ # The schedules to which this Scaling Config applies.
-            { # The schedule of a recurring or one time event. The event's time span is specified by start_time and end_time. If the scheduled event's timespan is larger than the cron_spec + cron_job_duration, the event will be recurring. If only cron_spec + cron_job_duration are specified, the event is effective starting at the local time specified by cron_spec, and is recurring. start_time|-------[cron job]-------[cron job]-------[cron job]---|end_time cron job: cron spec start time + duration
+            { # The schedule of a recurring or one time event. The event's time span is specified by start_time and end_time. If the scheduled event's timespan is larger than the cron_spec + cron_job_duration, the event will be recurring. If only cron_spec + cron_job_duration are specified, the event is effective starting at the local time specified by cron_spec, and is recurring. ``` start_time|-------[cron job]-------[cron job]-------[cron job]---|end_time cron job: cron spec start time + duration ```
               "cronJobDuration": "A String", # The duration for the cron job event. The duration of the event is effective after the cron job's start time.
               "cronSpec": "A String", # The cron definition of the scheduled event. See https://en.wikipedia.org/wiki/Cron. Cron spec specifies the local time as defined by the realm.
               "endTime": "A String", # The end time of the event.

docs/dyn/gameservices_v1beta.projects.locations.gameServerDeployments.html

diff --git a/docs/dyn/gameservices_v1beta.projects.locations.gameServerDeployments.html b/docs/dyn/gameservices_v1beta.projects.locations.gameServerDeployments.html
index 5beebe9..5c72299 100644
--- a/docs/dyn/gameservices_v1beta.projects.locations.gameServerDeployments.html
+++ b/docs/dyn/gameservices_v1beta.projects.locations.gameServerDeployments.html
@@ -302,7 +302,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/gkehub_v1.projects.locations.features.html

diff --git a/docs/dyn/gkehub_v1.projects.locations.features.html b/docs/dyn/gkehub_v1.projects.locations.features.html
index ed97064..d1fb580 100644
--- a/docs/dyn/gkehub_v1.projects.locations.features.html
+++ b/docs/dyn/gkehub_v1.projects.locations.features.html
@@ -134,12 +134,13 @@
             "gcpServiceAccountEmail": "A String", # The GCP Service Account Email used for auth when secret_type is gcpServiceAccount.
             "httpsProxy": "A String", # URL for the HTTPS proxy to be used when communicating with the Git repo.
             "policyDir": "A String", # The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
-            "secretType": "A String", # Type of secret configured for access to the Git repo.
+            "secretType": "A String", # Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
             "syncBranch": "A String", # The branch of the repository to sync from. Default: master.
             "syncRepo": "A String", # The URL of the Git repository to use as the source of truth.
             "syncRev": "A String", # Git revision (tag or hash) to check out. Default HEAD.
             "syncWaitSecs": "A String", # Period in seconds between consecutive syncs. Default: 15.
           },
+          "preventDrift": True or False, # Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.
           "sourceFormat": "A String", # Specifies whether the Config Sync Repo is in “hierarchical” or “unstructured” mode.
         },
         "hierarchyController": { # Configuration for Hierarchy Controller # Hierarchy Controller configuration for the cluster.
@@ -234,12 +235,13 @@
               "gcpServiceAccountEmail": "A String", # The GCP Service Account Email used for auth when secret_type is gcpServiceAccount.
               "httpsProxy": "A String", # URL for the HTTPS proxy to be used when communicating with the Git repo.
               "policyDir": "A String", # The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
-              "secretType": "A String", # Type of secret configured for access to the Git repo.
+              "secretType": "A String", # Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
               "syncBranch": "A String", # The branch of the repository to sync from. Default: master.
               "syncRepo": "A String", # The URL of the Git repository to use as the source of truth.
               "syncRev": "A String", # Git revision (tag or hash) to check out. Default HEAD.
               "syncWaitSecs": "A String", # Period in seconds between consecutive syncs. Default: 15.
             },
+            "preventDrift": True or False, # Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.
             "sourceFormat": "A String", # Specifies whether the Config Sync Repo is in “hierarchical” or “unstructured” mode.
           },
           "hierarchyController": { # Configuration for Hierarchy Controller # Hierarchy Controller configuration for the cluster.
@@ -409,12 +411,13 @@
             "gcpServiceAccountEmail": "A String", # The GCP Service Account Email used for auth when secret_type is gcpServiceAccount.
             "httpsProxy": "A String", # URL for the HTTPS proxy to be used when communicating with the Git repo.
             "policyDir": "A String", # The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
-            "secretType": "A String", # Type of secret configured for access to the Git repo.
+            "secretType": "A String", # Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
             "syncBranch": "A String", # The branch of the repository to sync from. Default: master.
             "syncRepo": "A String", # The URL of the Git repository to use as the source of truth.
             "syncRev": "A String", # Git revision (tag or hash) to check out. Default HEAD.
             "syncWaitSecs": "A String", # Period in seconds between consecutive syncs. Default: 15.
           },
+          "preventDrift": True or False, # Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.
           "sourceFormat": "A String", # Specifies whether the Config Sync Repo is in “hierarchical” or “unstructured” mode.
         },
         "hierarchyController": { # Configuration for Hierarchy Controller # Hierarchy Controller configuration for the cluster.
@@ -509,12 +512,13 @@
               "gcpServiceAccountEmail": "A String", # The GCP Service Account Email used for auth when secret_type is gcpServiceAccount.
               "httpsProxy": "A String", # URL for the HTTPS proxy to be used when communicating with the Git repo.
               "policyDir": "A String", # The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
-              "secretType": "A String", # Type of secret configured for access to the Git repo.
+              "secretType": "A String", # Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
               "syncBranch": "A String", # The branch of the repository to sync from. Default: master.
               "syncRepo": "A String", # The URL of the Git repository to use as the source of truth.
               "syncRev": "A String", # Git revision (tag or hash) to check out. Default HEAD.
               "syncWaitSecs": "A String", # Period in seconds between consecutive syncs. Default: 15.
             },
+            "preventDrift": True or False, # Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.
             "sourceFormat": "A String", # Specifies whether the Config Sync Repo is in “hierarchical” or “unstructured” mode.
           },
           "hierarchyController": { # Configuration for Hierarchy Controller # Hierarchy Controller configuration for the cluster.
@@ -594,7 +598,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -672,12 +676,13 @@
                 "gcpServiceAccountEmail": "A String", # The GCP Service Account Email used for auth when secret_type is gcpServiceAccount.
                 "httpsProxy": "A String", # URL for the HTTPS proxy to be used when communicating with the Git repo.
                 "policyDir": "A String", # The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
-                "secretType": "A String", # Type of secret configured for access to the Git repo.
+                "secretType": "A String", # Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
                 "syncBranch": "A String", # The branch of the repository to sync from. Default: master.
                 "syncRepo": "A String", # The URL of the Git repository to use as the source of truth.
                 "syncRev": "A String", # Git revision (tag or hash) to check out. Default HEAD.
                 "syncWaitSecs": "A String", # Period in seconds between consecutive syncs. Default: 15.
               },
+              "preventDrift": True or False, # Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.
               "sourceFormat": "A String", # Specifies whether the Config Sync Repo is in “hierarchical” or “unstructured” mode.
             },
             "hierarchyController": { # Configuration for Hierarchy Controller # Hierarchy Controller configuration for the cluster.
@@ -772,12 +777,13 @@
                   "gcpServiceAccountEmail": "A String", # The GCP Service Account Email used for auth when secret_type is gcpServiceAccount.
                   "httpsProxy": "A String", # URL for the HTTPS proxy to be used when communicating with the Git repo.
                   "policyDir": "A String", # The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
-                  "secretType": "A String", # Type of secret configured for access to the Git repo.
+                  "secretType": "A String", # Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
                   "syncBranch": "A String", # The branch of the repository to sync from. Default: master.
                   "syncRepo": "A String", # The URL of the Git repository to use as the source of truth.
                   "syncRev": "A String", # Git revision (tag or hash) to check out. Default HEAD.
                   "syncWaitSecs": "A String", # Period in seconds between consecutive syncs. Default: 15.
                 },
+                "preventDrift": True or False, # Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.
                 "sourceFormat": "A String", # Specifies whether the Config Sync Repo is in “hierarchical” or “unstructured” mode.
               },
               "hierarchyController": { # Configuration for Hierarchy Controller # Hierarchy Controller configuration for the cluster.
@@ -891,12 +897,13 @@
             "gcpServiceAccountEmail": "A String", # The GCP Service Account Email used for auth when secret_type is gcpServiceAccount.
             "httpsProxy": "A String", # URL for the HTTPS proxy to be used when communicating with the Git repo.
             "policyDir": "A String", # The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
-            "secretType": "A String", # Type of secret configured for access to the Git repo.
+            "secretType": "A String", # Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
             "syncBranch": "A String", # The branch of the repository to sync from. Default: master.
             "syncRepo": "A String", # The URL of the Git repository to use as the source of truth.
             "syncRev": "A String", # Git revision (tag or hash) to check out. Default HEAD.
             "syncWaitSecs": "A String", # Period in seconds between consecutive syncs. Default: 15.
           },
+          "preventDrift": True or False, # Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.
           "sourceFormat": "A String", # Specifies whether the Config Sync Repo is in “hierarchical” or “unstructured” mode.
         },
         "hierarchyController": { # Configuration for Hierarchy Controller # Hierarchy Controller configuration for the cluster.
@@ -991,12 +998,13 @@
               "gcpServiceAccountEmail": "A String", # The GCP Service Account Email used for auth when secret_type is gcpServiceAccount.
               "httpsProxy": "A String", # URL for the HTTPS proxy to be used when communicating with the Git repo.
               "policyDir": "A String", # The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
-              "secretType": "A String", # Type of secret configured for access to the Git repo.
+              "secretType": "A String", # Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
               "syncBranch": "A String", # The branch of the repository to sync from. Default: master.
               "syncRepo": "A String", # The URL of the Git repository to use as the source of truth.
               "syncRev": "A String", # Git revision (tag or hash) to check out. Default HEAD.
               "syncWaitSecs": "A String", # Period in seconds between consecutive syncs. Default: 15.
             },
+            "preventDrift": True or False, # Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.
             "sourceFormat": "A String", # Specifies whether the Config Sync Repo is in “hierarchical” or “unstructured” mode.
           },
           "hierarchyController": { # Configuration for Hierarchy Controller # Hierarchy Controller configuration for the cluster.

docs/dyn/gkehub_v1.projects.locations.memberships.html

diff --git a/docs/dyn/gkehub_v1.projects.locations.memberships.html b/docs/dyn/gkehub_v1.projects.locations.memberships.html
index 11399f3..e931fb6 100644
--- a/docs/dyn/gkehub_v1.projects.locations.memberships.html
+++ b/docs/dyn/gkehub_v1.projects.locations.memberships.html
@@ -145,6 +145,25 @@
       "updateTime": "A String", # Output only. The time at which these details were last updated. This update_time is different from the Membership-level update_time since EndpointDetails are updated internally for API consumers.
       "vcpuCount": 42, # Output only. vCPU count as reported by Kubernetes nodes resources.
     },
+    "kubernetesResource": { # KubernetesResource contains the YAML manifests and configuration for Membership Kubernetes resources in the cluster. After CreateMembership or UpdateMembership, these resources should be re-applied in the cluster. # Optional. The in-cluster Kubernetes Resources that should be applied for a correctly registered cluster, in the steady state. These resources: * Ensure that the cluster is exclusively registered to one and only one Hub Membership. * Propagate Workload Pool Information available in the Membership Authority field. * Ensure proper initial configuration of default Hub Features.
+      "connectResources": [ # Output only. The Kubernetes resources for installing the GKE Connect agent This field is only populated in the Membership returned from a successful long-running operation from CreateMembership or UpdateMembership. It is not populated during normal GetMembership or ListMemberships requests. To get the resource manifest after the initial registration, the caller should make a UpdateMembership call with an empty field mask.
+        { # ResourceManifest represents a single Kubernetes resource to be applied to the cluster.
+          "clusterScoped": True or False, # Whether the resource provided in the manifest is `cluster_scoped`. If unset, the manifest is assumed to be namespace scoped. This field is used for REST mapping when applying the resource in a cluster.
+          "manifest": "A String", # YAML manifest of the resource.
+        },
+      ],
+      "membershipCrManifest": "A String", # Input only. The YAML representation of the Membership CR. This field is ignored for GKE clusters where Hub can read the CR directly. Callers should provide the CR that is currently present in the cluster during CreateMembership or UpdateMembership, or leave this field empty if none exists. The CR manifest is used to validate the cluster has not been registered with another Membership.
+      "membershipResources": [ # Output only. Additional Kubernetes resources that need to be applied to the cluster after Membership creation, and after every update. This field is only populated in the Membership returned from a successful long-running operation from CreateMembership or UpdateMembership. It is not populated during normal GetMembership or ListMemberships requests. To get the resource manifest after the initial registration, the caller should make a UpdateMembership call with an empty field mask.
+        { # ResourceManifest represents a single Kubernetes resource to be applied to the cluster.
+          "clusterScoped": True or False, # Whether the resource provided in the manifest is `cluster_scoped`. If unset, the manifest is assumed to be namespace scoped. This field is used for REST mapping when applying the resource in a cluster.
+          "manifest": "A String", # YAML manifest of the resource.
+        },
+      ],
+      "resourceOptions": { # ResourceOptions represent options for Kubernetes resource generation. # Optional. Options for Kubernetes resource generation.
+        "connectVersion": "A String", # Optional. The Connect agent version to use for connect_resources. Defaults to the latest GKE Connect version. The version must be a currently supported version, obsolete versions will be rejected.
+        "v1beta1Crd": True or False, # Optional. Use `apiextensions/v1beta1` instead of `apiextensions/v1` for CustomResourceDefinition resources. This option should be set for clusters with Kubernetes apiserver versions <1.16.
+      },
+    },
     "multiCloudCluster": { # MultiCloudCluster contains information specific to GKE Multi-Cloud clusters. # Optional. Specific information for a GKE Multi-Cloud cluster.
       "clusterMissing": True or False, # Output only. If cluster_missing is set then it denotes that API(gkemulticloud.googleapis.com) resource for this GKE Multi-Cloud cluster no longer exists.
       "resourceLink": "A String", # Immutable. Self-link of the GCP resource for the GKE Multi-Cloud cluster. For example: //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/awsClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/azureClusters/my-cluster
@@ -305,6 +324,25 @@
       "updateTime": "A String", # Output only. The time at which these details were last updated. This update_time is different from the Membership-level update_time since EndpointDetails are updated internally for API consumers.
       "vcpuCount": 42, # Output only. vCPU count as reported by Kubernetes nodes resources.
     },
+    "kubernetesResource": { # KubernetesResource contains the YAML manifests and configuration for Membership Kubernetes resources in the cluster. After CreateMembership or UpdateMembership, these resources should be re-applied in the cluster. # Optional. The in-cluster Kubernetes Resources that should be applied for a correctly registered cluster, in the steady state. These resources: * Ensure that the cluster is exclusively registered to one and only one Hub Membership. * Propagate Workload Pool Information available in the Membership Authority field. * Ensure proper initial configuration of default Hub Features.
+      "connectResources": [ # Output only. The Kubernetes resources for installing the GKE Connect agent This field is only populated in the Membership returned from a successful long-running operation from CreateMembership or UpdateMembership. It is not populated during normal GetMembership or ListMemberships requests. To get the resource manifest after the initial registration, the caller should make a UpdateMembership call with an empty field mask.
+        { # ResourceManifest represents a single Kubernetes resource to be applied to the cluster.
+          "clusterScoped": True or False, # Whether the resource provided in the manifest is `cluster_scoped`. If unset, the manifest is assumed to be namespace scoped. This field is used for REST mapping when applying the resource in a cluster.
+          "manifest": "A String", # YAML manifest of the resource.
+        },
+      ],
+      "membershipCrManifest": "A String", # Input only. The YAML representation of the Membership CR. This field is ignored for GKE clusters where Hub can read the CR directly. Callers should provide the CR that is currently present in the cluster during CreateMembership or UpdateMembership, or leave this field empty if none exists. The CR manifest is used to validate the cluster has not been registered with another Membership.
+      "membershipResources": [ # Output only. Additional Kubernetes resources that need to be applied to the cluster after Membership creation, and after every update. This field is only populated in the Membership returned from a successful long-running operation from CreateMembership or UpdateMembership. It is not populated during normal GetMembership or ListMemberships requests. To get the resource manifest after the initial registration, the caller should make a UpdateMembership call with an empty field mask.
+        { # ResourceManifest represents a single Kubernetes resource to be applied to the cluster.
+          "clusterScoped": True or False, # Whether the resource provided in the manifest is `cluster_scoped`. If unset, the manifest is assumed to be namespace scoped. This field is used for REST mapping when applying the resource in a cluster.
+          "manifest": "A String", # YAML manifest of the resource.
+        },
+      ],
+      "resourceOptions": { # ResourceOptions represent options for Kubernetes resource generation. # Optional. Options for Kubernetes resource generation.
+        "connectVersion": "A String", # Optional. The Connect agent version to use for connect_resources. Defaults to the latest GKE Connect version. The version must be a currently supported version, obsolete versions will be rejected.
+        "v1beta1Crd": True or False, # Optional. Use `apiextensions/v1beta1` instead of `apiextensions/v1` for CustomResourceDefinition resources. This option should be set for clusters with Kubernetes apiserver versions <1.16.
+      },
+    },
     "multiCloudCluster": { # MultiCloudCluster contains information specific to GKE Multi-Cloud clusters. # Optional. Specific information for a GKE Multi-Cloud cluster.
       "clusterMissing": True or False, # Output only. If cluster_missing is set then it denotes that API(gkemulticloud.googleapis.com) resource for this GKE Multi-Cloud cluster no longer exists.
       "resourceLink": "A String", # Immutable. Self-link of the GCP resource for the GKE Multi-Cloud cluster. For example: //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/awsClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/azureClusters/my-cluster
@@ -335,7 +373,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -421,6 +459,25 @@
           "updateTime": "A String", # Output only. The time at which these details were last updated. This update_time is different from the Membership-level update_time since EndpointDetails are updated internally for API consumers.
           "vcpuCount": 42, # Output only. vCPU count as reported by Kubernetes nodes resources.
         },
+        "kubernetesResource": { # KubernetesResource contains the YAML manifests and configuration for Membership Kubernetes resources in the cluster. After CreateMembership or UpdateMembership, these resources should be re-applied in the cluster. # Optional. The in-cluster Kubernetes Resources that should be applied for a correctly registered cluster, in the steady state. These resources: * Ensure that the cluster is exclusively registered to one and only one Hub Membership. * Propagate Workload Pool Information available in the Membership Authority field. * Ensure proper initial configuration of default Hub Features.
+          "connectResources": [ # Output only. The Kubernetes resources for installing the GKE Connect agent This field is only populated in the Membership returned from a successful long-running operation from CreateMembership or UpdateMembership. It is not populated during normal GetMembership or ListMemberships requests. To get the resource manifest after the initial registration, the caller should make a UpdateMembership call with an empty field mask.
+            { # ResourceManifest represents a single Kubernetes resource to be applied to the cluster.
+              "clusterScoped": True or False, # Whether the resource provided in the manifest is `cluster_scoped`. If unset, the manifest is assumed to be namespace scoped. This field is used for REST mapping when applying the resource in a cluster.
+              "manifest": "A String", # YAML manifest of the resource.
+            },
+          ],
+          "membershipCrManifest": "A String", # Input only. The YAML representation of the Membership CR. This field is ignored for GKE clusters where Hub can read the CR directly. Callers should provide the CR that is currently present in the cluster during CreateMembership or UpdateMembership, or leave this field empty if none exists. The CR manifest is used to validate the cluster has not been registered with another Membership.
+          "membershipResources": [ # Output only. Additional Kubernetes resources that need to be applied to the cluster after Membership creation, and after every update. This field is only populated in the Membership returned from a successful long-running operation from CreateMembership or UpdateMembership. It is not populated during normal GetMembership or ListMemberships requests. To get the resource manifest after the initial registration, the caller should make a UpdateMembership call with an empty field mask.
+            { # ResourceManifest represents a single Kubernetes resource to be applied to the cluster.
+              "clusterScoped": True or False, # Whether the resource provided in the manifest is `cluster_scoped`. If unset, the manifest is assumed to be namespace scoped. This field is used for REST mapping when applying the resource in a cluster.
+              "manifest": "A String", # YAML manifest of the resource.
+            },
+          ],
+          "resourceOptions": { # ResourceOptions represent options for Kubernetes resource generation. # Optional. Options for Kubernetes resource generation.
+            "connectVersion": "A String", # Optional. The Connect agent version to use for connect_resources. Defaults to the latest GKE Connect version. The version must be a currently supported version, obsolete versions will be rejected.
+            "v1beta1Crd": True or False, # Optional. Use `apiextensions/v1beta1` instead of `apiextensions/v1` for CustomResourceDefinition resources. This option should be set for clusters with Kubernetes apiserver versions <1.16.
+          },
+        },
         "multiCloudCluster": { # MultiCloudCluster contains information specific to GKE Multi-Cloud clusters. # Optional. Specific information for a GKE Multi-Cloud cluster.
           "clusterMissing": True or False, # Output only. If cluster_missing is set then it denotes that API(gkemulticloud.googleapis.com) resource for this GKE Multi-Cloud cluster no longer exists.
           "resourceLink": "A String", # Immutable. Self-link of the GCP resource for the GKE Multi-Cloud cluster. For example: //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/awsClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/azureClusters/my-cluster
@@ -496,6 +553,25 @@
       "updateTime": "A String", # Output only. The time at which these details were last updated. This update_time is different from the Membership-level update_time since EndpointDetails are updated internally for API consumers.
       "vcpuCount": 42, # Output only. vCPU count as reported by Kubernetes nodes resources.
     },
+    "kubernetesResource": { # KubernetesResource contains the YAML manifests and configuration for Membership Kubernetes resources in the cluster. After CreateMembership or UpdateMembership, these resources should be re-applied in the cluster. # Optional. The in-cluster Kubernetes Resources that should be applied for a correctly registered cluster, in the steady state. These resources: * Ensure that the cluster is exclusively registered to one and only one Hub Membership. * Propagate Workload Pool Information available in the Membership Authority field. * Ensure proper initial configuration of default Hub Features.
+      "connectResources": [ # Output only. The Kubernetes resources for installing the GKE Connect agent This field is only populated in the Membership returned from a successful long-running operation from CreateMembership or UpdateMembership. It is not populated during normal GetMembership or ListMemberships requests. To get the resource manifest after the initial registration, the caller should make a UpdateMembership call with an empty field mask.
+        { # ResourceManifest represents a single Kubernetes resource to be applied to the cluster.
+          "clusterScoped": True or False, # Whether the resource provided in the manifest is `cluster_scoped`. If unset, the manifest is assumed to be namespace scoped. This field is used for REST mapping when applying the resource in a cluster.
+          "manifest": "A String", # YAML manifest of the resource.
+        },
+      ],
+      "membershipCrManifest": "A String", # Input only. The YAML representation of the Membership CR. This field is ignored for GKE clusters where Hub can read the CR directly. Callers should provide the CR that is currently present in the cluster during CreateMembership or UpdateMembership, or leave this field empty if none exists. The CR manifest is used to validate the cluster has not been registered with another Membership.
+      "membershipResources": [ # Output only. Additional Kubernetes resources that need to be applied to the cluster after Membership creation, and after every update. This field is only populated in the Membership returned from a successful long-running operation from CreateMembership or UpdateMembership. It is not populated during normal GetMembership or ListMemberships requests. To get the resource manifest after the initial registration, the caller should make a UpdateMembership call with an empty field mask.
+        { # ResourceManifest represents a single Kubernetes resource to be applied to the cluster.
+          "clusterScoped": True or False, # Whether the resource provided in the manifest is `cluster_scoped`. If unset, the manifest is assumed to be namespace scoped. This field is used for REST mapping when applying the resource in a cluster.
+          "manifest": "A String", # YAML manifest of the resource.
+        },
+      ],
+      "resourceOptions": { # ResourceOptions represent options for Kubernetes resource generation. # Optional. Options for Kubernetes resource generation.
+        "connectVersion": "A String", # Optional. The Connect agent version to use for connect_resources. Defaults to the latest GKE Connect version. The version must be a currently supported version, obsolete versions will be rejected.
+        "v1beta1Crd": True or False, # Optional. Use `apiextensions/v1beta1` instead of `apiextensions/v1` for CustomResourceDefinition resources. This option should be set for clusters with Kubernetes apiserver versions <1.16.
+      },
+    },
     "multiCloudCluster": { # MultiCloudCluster contains information specific to GKE Multi-Cloud clusters. # Optional. Specific information for a GKE Multi-Cloud cluster.
       "clusterMissing": True or False, # Output only. If cluster_missing is set then it denotes that API(gkemulticloud.googleapis.com) resource for this GKE Multi-Cloud cluster no longer exists.
       "resourceLink": "A String", # Immutable. Self-link of the GCP resource for the GKE Multi-Cloud cluster. For example: //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/awsClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/azureClusters/my-cluster

docs/dyn/gkehub_v1alpha.projects.locations.features.html

diff --git a/docs/dyn/gkehub_v1alpha.projects.locations.features.html b/docs/dyn/gkehub_v1alpha.projects.locations.features.html
index 5f14d56..5f6be6e 100644
--- a/docs/dyn/gkehub_v1alpha.projects.locations.features.html
+++ b/docs/dyn/gkehub_v1alpha.projects.locations.features.html
@@ -137,12 +137,13 @@
             "gcpServiceAccountEmail": "A String", # The GCP Service Account Email used for auth when secret_type is gcpServiceAccount.
             "httpsProxy": "A String", # URL for the HTTPS proxy to be used when communicating with the Git repo.
             "policyDir": "A String", # The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
-            "secretType": "A String", # Type of secret configured for access to the Git repo.
+            "secretType": "A String", # Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
             "syncBranch": "A String", # The branch of the repository to sync from. Default: master.
             "syncRepo": "A String", # The URL of the Git repository to use as the source of truth.
             "syncRev": "A String", # Git revision (tag or hash) to check out. Default HEAD.
             "syncWaitSecs": "A String", # Period in seconds between consecutive syncs. Default: 15.
           },
+          "preventDrift": True or False, # Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.
           "sourceFormat": "A String", # Specifies whether the Config Sync Repo is in “hierarchical” or “unstructured” mode.
         },
         "hierarchyController": { # Configuration for Hierarchy Controller # Hierarchy Controller configuration for the cluster.
@@ -270,12 +271,13 @@
               "gcpServiceAccountEmail": "A String", # The GCP Service Account Email used for auth when secret_type is gcpServiceAccount.
               "httpsProxy": "A String", # URL for the HTTPS proxy to be used when communicating with the Git repo.
               "policyDir": "A String", # The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
-              "secretType": "A String", # Type of secret configured for access to the Git repo.
+              "secretType": "A String", # Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
               "syncBranch": "A String", # The branch of the repository to sync from. Default: master.
               "syncRepo": "A String", # The URL of the Git repository to use as the source of truth.
               "syncRev": "A String", # Git revision (tag or hash) to check out. Default HEAD.
               "syncWaitSecs": "A String", # Period in seconds between consecutive syncs. Default: 15.
             },
+            "preventDrift": True or False, # Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.
             "sourceFormat": "A String", # Specifies whether the Config Sync Repo is in “hierarchical” or “unstructured” mode.
           },
           "hierarchyController": { # Configuration for Hierarchy Controller # Hierarchy Controller configuration for the cluster.
@@ -528,12 +530,13 @@
             "gcpServiceAccountEmail": "A String", # The GCP Service Account Email used for auth when secret_type is gcpServiceAccount.
             "httpsProxy": "A String", # URL for the HTTPS proxy to be used when communicating with the Git repo.
             "policyDir": "A String", # The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
-            "secretType": "A String", # Type of secret configured for access to the Git repo.
+            "secretType": "A String", # Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
             "syncBranch": "A String", # The branch of the repository to sync from. Default: master.
             "syncRepo": "A String", # The URL of the Git repository to use as the source of truth.
             "syncRev": "A String", # Git revision (tag or hash) to check out. Default HEAD.
             "syncWaitSecs": "A String", # Period in seconds between consecutive syncs. Default: 15.
           },
+          "preventDrift": True or False, # Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.
           "sourceFormat": "A String", # Specifies whether the Config Sync Repo is in “hierarchical” or “unstructured” mode.
         },
         "hierarchyController": { # Configuration for Hierarchy Controller # Hierarchy Controller configuration for the cluster.
@@ -661,12 +664,13 @@
               "gcpServiceAccountEmail": "A String", # The GCP Service Account Email used for auth when secret_type is gcpServiceAccount.
               "httpsProxy": "A String", # URL for the HTTPS proxy to be used when communicating with the Git repo.
               "policyDir": "A String", # The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
-              "secretType": "A String", # Type of secret configured for access to the Git repo.
+              "secretType": "A String", # Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
               "syncBranch": "A String", # The branch of the repository to sync from. Default: master.
               "syncRepo": "A String", # The URL of the Git repository to use as the source of truth.
               "syncRev": "A String", # Git revision (tag or hash) to check out. Default HEAD.
               "syncWaitSecs": "A String", # Period in seconds between consecutive syncs. Default: 15.
             },
+            "preventDrift": True or False, # Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.
             "sourceFormat": "A String", # Specifies whether the Config Sync Repo is in “hierarchical” or “unstructured” mode.
           },
           "hierarchyController": { # Configuration for Hierarchy Controller # Hierarchy Controller configuration for the cluster.
@@ -826,7 +830,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -907,12 +911,13 @@
                 "gcpServiceAccountEmail": "A String", # The GCP Service Account Email used for auth when secret_type is gcpServiceAccount.
                 "httpsProxy": "A String", # URL for the HTTPS proxy to be used when communicating with the Git repo.
                 "policyDir": "A String", # The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
-                "secretType": "A String", # Type of secret configured for access to the Git repo.
+                "secretType": "A String", # Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
                 "syncBranch": "A String", # The branch of the repository to sync from. Default: master.
                 "syncRepo": "A String", # The URL of the Git repository to use as the source of truth.
                 "syncRev": "A String", # Git revision (tag or hash) to check out. Default HEAD.
                 "syncWaitSecs": "A String", # Period in seconds between consecutive syncs. Default: 15.
               },
+              "preventDrift": True or False, # Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.
               "sourceFormat": "A String", # Specifies whether the Config Sync Repo is in “hierarchical” or “unstructured” mode.
             },
             "hierarchyController": { # Configuration for Hierarchy Controller # Hierarchy Controller configuration for the cluster.
@@ -1040,12 +1045,13 @@
                   "gcpServiceAccountEmail": "A String", # The GCP Service Account Email used for auth when secret_type is gcpServiceAccount.
                   "httpsProxy": "A String", # URL for the HTTPS proxy to be used when communicating with the Git repo.
                   "policyDir": "A String", # The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
-                  "secretType": "A String", # Type of secret configured for access to the Git repo.
+                  "secretType": "A String", # Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
                   "syncBranch": "A String", # The branch of the repository to sync from. Default: master.
                   "syncRepo": "A String", # The URL of the Git repository to use as the source of truth.
                   "syncRev": "A String", # Git revision (tag or hash) to check out. Default HEAD.
                   "syncWaitSecs": "A String", # Period in seconds between consecutive syncs. Default: 15.
                 },
+                "preventDrift": True or False, # Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.
                 "sourceFormat": "A String", # Specifies whether the Config Sync Repo is in “hierarchical” or “unstructured” mode.
               },
               "hierarchyController": { # Configuration for Hierarchy Controller # Hierarchy Controller configuration for the cluster.
@@ -1242,12 +1248,13 @@
             "gcpServiceAccountEmail": "A String", # The GCP Service Account Email used for auth when secret_type is gcpServiceAccount.
             "httpsProxy": "A String", # URL for the HTTPS proxy to be used when communicating with the Git repo.
             "policyDir": "A String", # The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
-            "secretType": "A String", # Type of secret configured for access to the Git repo.
+            "secretType": "A String", # Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
             "syncBranch": "A String", # The branch of the repository to sync from. Default: master.
             "syncRepo": "A String", # The URL of the Git repository to use as the source of truth.
             "syncRev": "A String", # Git revision (tag or hash) to check out. Default HEAD.
             "syncWaitSecs": "A String", # Period in seconds between consecutive syncs. Default: 15.
           },
+          "preventDrift": True or False, # Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.
           "sourceFormat": "A String", # Specifies whether the Config Sync Repo is in “hierarchical” or “unstructured” mode.
         },
         "hierarchyController": { # Configuration for Hierarchy Controller # Hierarchy Controller configuration for the cluster.
@@ -1375,12 +1382,13 @@
               "gcpServiceAccountEmail": "A String", # The GCP Service Account Email used for auth when secret_type is gcpServiceAccount.
               "httpsProxy": "A String", # URL for the HTTPS proxy to be used when communicating with the Git repo.
               "policyDir": "A String", # The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
-              "secretType": "A String", # Type of secret configured for access to the Git repo.
+              "secretType": "A String", # Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
               "syncBranch": "A String", # The branch of the repository to sync from. Default: master.
               "syncRepo": "A String", # The URL of the Git repository to use as the source of truth.
               "syncRev": "A String", # Git revision (tag or hash) to check out. Default HEAD.
               "syncWaitSecs": "A String", # Period in seconds between consecutive syncs. Default: 15.
             },
+            "preventDrift": True or False, # Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.
             "sourceFormat": "A String", # Specifies whether the Config Sync Repo is in “hierarchical” or “unstructured” mode.
           },
           "hierarchyController": { # Configuration for Hierarchy Controller # Hierarchy Controller configuration for the cluster.

docs/dyn/gkehub_v1alpha.projects.locations.memberships.html

diff --git a/docs/dyn/gkehub_v1alpha.projects.locations.memberships.html b/docs/dyn/gkehub_v1alpha.projects.locations.memberships.html
index 6cd6183..afb1879 100644
--- a/docs/dyn/gkehub_v1alpha.projects.locations.memberships.html
+++ b/docs/dyn/gkehub_v1alpha.projects.locations.memberships.html
@@ -151,6 +151,25 @@
       "updateTime": "A String", # Output only. The time at which these details were last updated. This update_time is different from the Membership-level update_time since EndpointDetails are updated internally for API consumers.
       "vcpuCount": 42, # Output only. vCPU count as reported by Kubernetes nodes resources.
     },
+    "kubernetesResource": { # KubernetesResource contains the YAML manifests and configuration for Membership Kubernetes resources in the cluster. After CreateMembership or UpdateMembership, these resources should be re-applied in the cluster. # Optional. The in-cluster Kubernetes Resources that should be applied for a correctly registered cluster, in the steady state. These resources: * Ensure that the cluster is exclusively registered to one and only one Hub Membership. * Propagate Workload Pool Information available in the Membership Authority field. * Ensure proper initial configuration of default Hub Features.
+      "connectResources": [ # Output only. The Kubernetes resources for installing the GKE Connect agent This field is only populated in the Membership returned from a successful long-running operation from CreateMembership or UpdateMembership. It is not populated during normal GetMembership or ListMemberships requests. To get the resource manifest after the initial registration, the caller should make a UpdateMembership call with an empty field mask.
+        { # ResourceManifest represents a single Kubernetes resource to be applied to the cluster.
+          "clusterScoped": True or False, # Whether the resource provided in the manifest is `cluster_scoped`. If unset, the manifest is assumed to be namespace scoped. This field is used for REST mapping when applying the resource in a cluster.
+          "manifest": "A String", # YAML manifest of the resource.
+        },
+      ],
+      "membershipCrManifest": "A String", # Input only. The YAML representation of the Membership CR. This field is ignored for GKE clusters where Hub can read the CR directly. Callers should provide the CR that is currently present in the cluster during CreateMembership or UpdateMembership, or leave this field empty if none exists. The CR manifest is used to validate the cluster has not been registered with another Membership.
+      "membershipResources": [ # Output only. Additional Kubernetes resources that need to be applied to the cluster after Membership creation, and after every update. This field is only populated in the Membership returned from a successful long-running operation from CreateMembership or UpdateMembership. It is not populated during normal GetMembership or ListMemberships requests. To get the resource manifest after the initial registration, the caller should make a UpdateMembership call with an empty field mask.
+        { # ResourceManifest represents a single Kubernetes resource to be applied to the cluster.
+          "clusterScoped": True or False, # Whether the resource provided in the manifest is `cluster_scoped`. If unset, the manifest is assumed to be namespace scoped. This field is used for REST mapping when applying the resource in a cluster.
+          "manifest": "A String", # YAML manifest of the resource.
+        },
+      ],
+      "resourceOptions": { # ResourceOptions represent options for Kubernetes resource generation. # Optional. Options for Kubernetes resource generation.
+        "connectVersion": "A String", # Optional. The Connect agent version to use for connect_resources. Defaults to the latest GKE Connect version. The version must be a currently supported version, obsolete versions will be rejected.
+        "v1beta1Crd": True or False, # Optional. Use `apiextensions/v1beta1` instead of `apiextensions/v1` for CustomResourceDefinition resources. This option should be set for clusters with Kubernetes apiserver versions <1.16.
+      },
+    },
     "multiCloudCluster": { # MultiCloudCluster contains information specific to GKE Multi-Cloud clusters. # Optional. Specific information for a GKE Multi-Cloud cluster.
       "clusterMissing": True or False, # Output only. If cluster_missing is set then it denotes that API(gkemulticloud.googleapis.com) resource for this GKE Multi-Cloud cluster no longer exists.
       "resourceLink": "A String", # Immutable. Self-link of the GCP resource for the GKE Multi-Cloud cluster. For example: //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/awsClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/azureClusters/my-cluster
@@ -311,6 +330,25 @@
       "updateTime": "A String", # Output only. The time at which these details were last updated. This update_time is different from the Membership-level update_time since EndpointDetails are updated internally for API consumers.
       "vcpuCount": 42, # Output only. vCPU count as reported by Kubernetes nodes resources.
     },
+    "kubernetesResource": { # KubernetesResource contains the YAML manifests and configuration for Membership Kubernetes resources in the cluster. After CreateMembership or UpdateMembership, these resources should be re-applied in the cluster. # Optional. The in-cluster Kubernetes Resources that should be applied for a correctly registered cluster, in the steady state. These resources: * Ensure that the cluster is exclusively registered to one and only one Hub Membership. * Propagate Workload Pool Information available in the Membership Authority field. * Ensure proper initial configuration of default Hub Features.
+      "connectResources": [ # Output only. The Kubernetes resources for installing the GKE Connect agent This field is only populated in the Membership returned from a successful long-running operation from CreateMembership or UpdateMembership. It is not populated during normal GetMembership or ListMemberships requests. To get the resource manifest after the initial registration, the caller should make a UpdateMembership call with an empty field mask.
+        { # ResourceManifest represents a single Kubernetes resource to be applied to the cluster.
+          "clusterScoped": True or False, # Whether the resource provided in the manifest is `cluster_scoped`. If unset, the manifest is assumed to be namespace scoped. This field is used for REST mapping when applying the resource in a cluster.
+          "manifest": "A String", # YAML manifest of the resource.
+        },
+      ],
+      "membershipCrManifest": "A String", # Input only. The YAML representation of the Membership CR. This field is ignored for GKE clusters where Hub can read the CR directly. Callers should provide the CR that is currently present in the cluster during CreateMembership or UpdateMembership, or leave this field empty if none exists. The CR manifest is used to validate the cluster has not been registered with another Membership.
+      "membershipResources": [ # Output only. Additional Kubernetes resources that need to be applied to the cluster after Membership creation, and after every update. This field is only populated in the Membership returned from a successful long-running operation from CreateMembership or UpdateMembership. It is not populated during normal GetMembership or ListMemberships requests. To get the resource manifest after the initial registration, the caller should make a UpdateMembership call with an empty field mask.
+        { # ResourceManifest represents a single Kubernetes resource to be applied to the cluster.
+          "clusterScoped": True or False, # Whether the resource provided in the manifest is `cluster_scoped`. If unset, the manifest is assumed to be namespace scoped. This field is used for REST mapping when applying the resource in a cluster.
+          "manifest": "A String", # YAML manifest of the resource.
+        },
+      ],
+      "resourceOptions": { # ResourceOptions represent options for Kubernetes resource generation. # Optional. Options for Kubernetes resource generation.
+        "connectVersion": "A String", # Optional. The Connect agent version to use for connect_resources. Defaults to the latest GKE Connect version. The version must be a currently supported version, obsolete versions will be rejected.
+        "v1beta1Crd": True or False, # Optional. Use `apiextensions/v1beta1` instead of `apiextensions/v1` for CustomResourceDefinition resources. This option should be set for clusters with Kubernetes apiserver versions <1.16.
+      },
+    },
     "multiCloudCluster": { # MultiCloudCluster contains information specific to GKE Multi-Cloud clusters. # Optional. Specific information for a GKE Multi-Cloud cluster.
       "clusterMissing": True or False, # Output only. If cluster_missing is set then it denotes that API(gkemulticloud.googleapis.com) resource for this GKE Multi-Cloud cluster no longer exists.
       "resourceLink": "A String", # Immutable. Self-link of the GCP resource for the GKE Multi-Cloud cluster. For example: //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/awsClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/azureClusters/my-cluster
@@ -341,7 +379,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -427,6 +465,25 @@
           "updateTime": "A String", # Output only. The time at which these details were last updated. This update_time is different from the Membership-level update_time since EndpointDetails are updated internally for API consumers.
           "vcpuCount": 42, # Output only. vCPU count as reported by Kubernetes nodes resources.
         },
+        "kubernetesResource": { # KubernetesResource contains the YAML manifests and configuration for Membership Kubernetes resources in the cluster. After CreateMembership or UpdateMembership, these resources should be re-applied in the cluster. # Optional. The in-cluster Kubernetes Resources that should be applied for a correctly registered cluster, in the steady state. These resources: * Ensure that the cluster is exclusively registered to one and only one Hub Membership. * Propagate Workload Pool Information available in the Membership Authority field. * Ensure proper initial configuration of default Hub Features.
+          "connectResources": [ # Output only. The Kubernetes resources for installing the GKE Connect agent This field is only populated in the Membership returned from a successful long-running operation from CreateMembership or UpdateMembership. It is not populated during normal GetMembership or ListMemberships requests. To get the resource manifest after the initial registration, the caller should make a UpdateMembership call with an empty field mask.
+            { # ResourceManifest represents a single Kubernetes resource to be applied to the cluster.
+              "clusterScoped": True or False, # Whether the resource provided in the manifest is `cluster_scoped`. If unset, the manifest is assumed to be namespace scoped. This field is used for REST mapping when applying the resource in a cluster.
+              "manifest": "A String", # YAML manifest of the resource.
+            },
+          ],
+          "membershipCrManifest": "A String", # Input only. The YAML representation of the Membership CR. This field is ignored for GKE clusters where Hub can read the CR directly. Callers should provide the CR that is currently present in the cluster during CreateMembership or UpdateMembership, or leave this field empty if none exists. The CR manifest is used to validate the cluster has not been registered with another Membership.
+          "membershipResources": [ # Output only. Additional Kubernetes resources that need to be applied to the cluster after Membership creation, and after every update. This field is only populated in the Membership returned from a successful long-running operation from CreateMembership or UpdateMembership. It is not populated during normal GetMembership or ListMemberships requests. To get the resource manifest after the initial registration, the caller should make a UpdateMembership call with an empty field mask.
+            { # ResourceManifest represents a single Kubernetes resource to be applied to the cluster.
+              "clusterScoped": True or False, # Whether the resource provided in the manifest is `cluster_scoped`. If unset, the manifest is assumed to be namespace scoped. This field is used for REST mapping when applying the resource in a cluster.
+              "manifest": "A String", # YAML manifest of the resource.
+            },
+          ],
+          "resourceOptions": { # ResourceOptions represent options for Kubernetes resource generation. # Optional. Options for Kubernetes resource generation.
+            "connectVersion": "A String", # Optional. The Connect agent version to use for connect_resources. Defaults to the latest GKE Connect version. The version must be a currently supported version, obsolete versions will be rejected.
+            "v1beta1Crd": True or False, # Optional. Use `apiextensions/v1beta1` instead of `apiextensions/v1` for CustomResourceDefinition resources. This option should be set for clusters with Kubernetes apiserver versions <1.16.
+          },
+        },
         "multiCloudCluster": { # MultiCloudCluster contains information specific to GKE Multi-Cloud clusters. # Optional. Specific information for a GKE Multi-Cloud cluster.
           "clusterMissing": True or False, # Output only. If cluster_missing is set then it denotes that API(gkemulticloud.googleapis.com) resource for this GKE Multi-Cloud cluster no longer exists.
           "resourceLink": "A String", # Immutable. Self-link of the GCP resource for the GKE Multi-Cloud cluster. For example: //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/awsClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/azureClusters/my-cluster
@@ -499,6 +556,25 @@
           "updateTime": "A String", # Output only. The time at which these details were last updated. This update_time is different from the Membership-level update_time since EndpointDetails are updated internally for API consumers.
           "vcpuCount": 42, # Output only. vCPU count as reported by Kubernetes nodes resources.
         },
+        "kubernetesResource": { # KubernetesResource contains the YAML manifests and configuration for Membership Kubernetes resources in the cluster. After CreateMembership or UpdateMembership, these resources should be re-applied in the cluster. # Optional. The in-cluster Kubernetes Resources that should be applied for a correctly registered cluster, in the steady state. These resources: * Ensure that the cluster is exclusively registered to one and only one Hub Membership. * Propagate Workload Pool Information available in the Membership Authority field. * Ensure proper initial configuration of default Hub Features.
+          "connectResources": [ # Output only. The Kubernetes resources for installing the GKE Connect agent This field is only populated in the Membership returned from a successful long-running operation from CreateMembership or UpdateMembership. It is not populated during normal GetMembership or ListMemberships requests. To get the resource manifest after the initial registration, the caller should make a UpdateMembership call with an empty field mask.
+            { # ResourceManifest represents a single Kubernetes resource to be applied to the cluster.
+              "clusterScoped": True or False, # Whether the resource provided in the manifest is `cluster_scoped`. If unset, the manifest is assumed to be namespace scoped. This field is used for REST mapping when applying the resource in a cluster.
+              "manifest": "A String", # YAML manifest of the resource.
+            },
+          ],
+          "membershipCrManifest": "A String", # Input only. The YAML representation of the Membership CR. This field is ignored for GKE clusters where Hub can read the CR directly. Callers should provide the CR that is currently present in the cluster during CreateMembership or UpdateMembership, or leave this field empty if none exists. The CR manifest is used to validate the cluster has not been registered with another Membership.
+          "membershipResources": [ # Output only. Additional Kubernetes resources that need to be applied to the cluster after Membership creation, and after every update. This field is only populated in the Membership returned from a successful long-running operation from CreateMembership or UpdateMembership. It is not populated during normal GetMembership or ListMemberships requests. To get the resource manifest after the initial registration, the caller should make a UpdateMembership call with an empty field mask.
+            { # ResourceManifest represents a single Kubernetes resource to be applied to the cluster.
+              "clusterScoped": True or False, # Whether the resource provided in the manifest is `cluster_scoped`. If unset, the manifest is assumed to be namespace scoped. This field is used for REST mapping when applying the resource in a cluster.
+              "manifest": "A String", # YAML manifest of the resource.
+            },
+          ],
+          "resourceOptions": { # ResourceOptions represent options for Kubernetes resource generation. # Optional. Options for Kubernetes resource generation.
+            "connectVersion": "A String", # Optional. The Connect agent version to use for connect_resources. Defaults to the latest GKE Connect version. The version must be a currently supported version, obsolete versions will be rejected.
+            "v1beta1Crd": True or False, # Optional. Use `apiextensions/v1beta1` instead of `apiextensions/v1` for CustomResourceDefinition resources. This option should be set for clusters with Kubernetes apiserver versions <1.16.
+          },
+        },
         "multiCloudCluster": { # MultiCloudCluster contains information specific to GKE Multi-Cloud clusters. # Optional. Specific information for a GKE Multi-Cloud cluster.
           "clusterMissing": True or False, # Output only. If cluster_missing is set then it denotes that API(gkemulticloud.googleapis.com) resource for this GKE Multi-Cloud cluster no longer exists.
           "resourceLink": "A String", # Immutable. Self-link of the GCP resource for the GKE Multi-Cloud cluster. For example: //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/awsClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/azureClusters/my-cluster
@@ -589,6 +665,25 @@
       "updateTime": "A String", # Output only. The time at which these details were last updated. This update_time is different from the Membership-level update_time since EndpointDetails are updated internally for API consumers.
       "vcpuCount": 42, # Output only. vCPU count as reported by Kubernetes nodes resources.
     },
+    "kubernetesResource": { # KubernetesResource contains the YAML manifests and configuration for Membership Kubernetes resources in the cluster. After CreateMembership or UpdateMembership, these resources should be re-applied in the cluster. # Optional. The in-cluster Kubernetes Resources that should be applied for a correctly registered cluster, in the steady state. These resources: * Ensure that the cluster is exclusively registered to one and only one Hub Membership. * Propagate Workload Pool Information available in the Membership Authority field. * Ensure proper initial configuration of default Hub Features.
+      "connectResources": [ # Output only. The Kubernetes resources for installing the GKE Connect agent This field is only populated in the Membership returned from a successful long-running operation from CreateMembership or UpdateMembership. It is not populated during normal GetMembership or ListMemberships requests. To get the resource manifest after the initial registration, the caller should make a UpdateMembership call with an empty field mask.
+        { # ResourceManifest represents a single Kubernetes resource to be applied to the cluster.
+          "clusterScoped": True or False, # Whether the resource provided in the manifest is `cluster_scoped`. If unset, the manifest is assumed to be namespace scoped. This field is used for REST mapping when applying the resource in a cluster.
+          "manifest": "A String", # YAML manifest of the resource.
+        },
+      ],
+      "membershipCrManifest": "A String", # Input only. The YAML representation of the Membership CR. This field is ignored for GKE clusters where Hub can read the CR directly. Callers should provide the CR that is currently present in the cluster during CreateMembership or UpdateMembership, or leave this field empty if none exists. The CR manifest is used to validate the cluster has not been registered with another Membership.
+      "membershipResources": [ # Output only. Additional Kubernetes resources that need to be applied to the cluster after Membership creation, and after every update. This field is only populated in the Membership returned from a successful long-running operation from CreateMembership or UpdateMembership. It is not populated during normal GetMembership or ListMemberships requests. To get the resource manifest after the initial registration, the caller should make a UpdateMembership call with an empty field mask.
+        { # ResourceManifest represents a single Kubernetes resource to be applied to the cluster.
+          "clusterScoped": True or False, # Whether the resource provided in the manifest is `cluster_scoped`. If unset, the manifest is assumed to be namespace scoped. This field is used for REST mapping when applying the resource in a cluster.
+          "manifest": "A String", # YAML manifest of the resource.
+        },
+      ],
+      "resourceOptions": { # ResourceOptions represent options for Kubernetes resource generation. # Optional. Options for Kubernetes resource generation.
+        "connectVersion": "A String", # Optional. The Connect agent version to use for connect_resources. Defaults to the latest GKE Connect version. The version must be a currently supported version, obsolete versions will be rejected.
+        "v1beta1Crd": True or False, # Optional. Use `apiextensions/v1beta1` instead of `apiextensions/v1` for CustomResourceDefinition resources. This option should be set for clusters with Kubernetes apiserver versions <1.16.
+      },
+    },
     "multiCloudCluster": { # MultiCloudCluster contains information specific to GKE Multi-Cloud clusters. # Optional. Specific information for a GKE Multi-Cloud cluster.
       "clusterMissing": True or False, # Output only. If cluster_missing is set then it denotes that API(gkemulticloud.googleapis.com) resource for this GKE Multi-Cloud cluster no longer exists.
       "resourceLink": "A String", # Immutable. Self-link of the GCP resource for the GKE Multi-Cloud cluster. For example: //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/awsClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/azureClusters/my-cluster

docs/dyn/gkehub_v1alpha2.projects.locations.memberships.html

diff --git a/docs/dyn/gkehub_v1alpha2.projects.locations.memberships.html b/docs/dyn/gkehub_v1alpha2.projects.locations.memberships.html
index 1233319..e79ac25 100644
--- a/docs/dyn/gkehub_v1alpha2.projects.locations.memberships.html
+++ b/docs/dyn/gkehub_v1alpha2.projects.locations.memberships.html
@@ -373,7 +373,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/gkehub_v1beta.projects.locations.features.html

diff --git a/docs/dyn/gkehub_v1beta.projects.locations.features.html b/docs/dyn/gkehub_v1beta.projects.locations.features.html
index d960fc2..f91912f 100644
--- a/docs/dyn/gkehub_v1beta.projects.locations.features.html
+++ b/docs/dyn/gkehub_v1beta.projects.locations.features.html
@@ -137,12 +137,13 @@
             "gcpServiceAccountEmail": "A String", # The GCP Service Account Email used for auth when secret_type is gcpServiceAccount.
             "httpsProxy": "A String", # URL for the HTTPS proxy to be used when communicating with the Git repo.
             "policyDir": "A String", # The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
-            "secretType": "A String", # Type of secret configured for access to the Git repo.
+            "secretType": "A String", # Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
             "syncBranch": "A String", # The branch of the repository to sync from. Default: master.
             "syncRepo": "A String", # The URL of the Git repository to use as the source of truth.
             "syncRev": "A String", # Git revision (tag or hash) to check out. Default HEAD.
             "syncWaitSecs": "A String", # Period in seconds between consecutive syncs. Default: 15.
           },
+          "preventDrift": True or False, # Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.
           "sourceFormat": "A String", # Specifies whether the Config Sync Repo is in “hierarchical” or “unstructured” mode.
         },
         "hierarchyController": { # Configuration for Hierarchy Controller # Hierarchy Controller configuration for the cluster.
@@ -267,12 +268,13 @@
               "gcpServiceAccountEmail": "A String", # The GCP Service Account Email used for auth when secret_type is gcpServiceAccount.
               "httpsProxy": "A String", # URL for the HTTPS proxy to be used when communicating with the Git repo.
               "policyDir": "A String", # The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
-              "secretType": "A String", # Type of secret configured for access to the Git repo.
+              "secretType": "A String", # Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
               "syncBranch": "A String", # The branch of the repository to sync from. Default: master.
               "syncRepo": "A String", # The URL of the Git repository to use as the source of truth.
               "syncRev": "A String", # Git revision (tag or hash) to check out. Default HEAD.
               "syncWaitSecs": "A String", # Period in seconds between consecutive syncs. Default: 15.
             },
+            "preventDrift": True or False, # Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.
             "sourceFormat": "A String", # Specifies whether the Config Sync Repo is in “hierarchical” or “unstructured” mode.
           },
           "hierarchyController": { # Configuration for Hierarchy Controller # Hierarchy Controller configuration for the cluster.
@@ -476,12 +478,13 @@
             "gcpServiceAccountEmail": "A String", # The GCP Service Account Email used for auth when secret_type is gcpServiceAccount.
             "httpsProxy": "A String", # URL for the HTTPS proxy to be used when communicating with the Git repo.
             "policyDir": "A String", # The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
-            "secretType": "A String", # Type of secret configured for access to the Git repo.
+            "secretType": "A String", # Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
             "syncBranch": "A String", # The branch of the repository to sync from. Default: master.
             "syncRepo": "A String", # The URL of the Git repository to use as the source of truth.
             "syncRev": "A String", # Git revision (tag or hash) to check out. Default HEAD.
             "syncWaitSecs": "A String", # Period in seconds between consecutive syncs. Default: 15.
           },
+          "preventDrift": True or False, # Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.
           "sourceFormat": "A String", # Specifies whether the Config Sync Repo is in “hierarchical” or “unstructured” mode.
         },
         "hierarchyController": { # Configuration for Hierarchy Controller # Hierarchy Controller configuration for the cluster.
@@ -606,12 +609,13 @@
               "gcpServiceAccountEmail": "A String", # The GCP Service Account Email used for auth when secret_type is gcpServiceAccount.
               "httpsProxy": "A String", # URL for the HTTPS proxy to be used when communicating with the Git repo.
               "policyDir": "A String", # The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
-              "secretType": "A String", # Type of secret configured for access to the Git repo.
+              "secretType": "A String", # Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
               "syncBranch": "A String", # The branch of the repository to sync from. Default: master.
               "syncRepo": "A String", # The URL of the Git repository to use as the source of truth.
               "syncRev": "A String", # Git revision (tag or hash) to check out. Default HEAD.
               "syncWaitSecs": "A String", # Period in seconds between consecutive syncs. Default: 15.
             },
+            "preventDrift": True or False, # Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.
             "sourceFormat": "A String", # Specifies whether the Config Sync Repo is in “hierarchical” or “unstructured” mode.
           },
           "hierarchyController": { # Configuration for Hierarchy Controller # Hierarchy Controller configuration for the cluster.
@@ -722,7 +726,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -803,12 +807,13 @@
                 "gcpServiceAccountEmail": "A String", # The GCP Service Account Email used for auth when secret_type is gcpServiceAccount.
                 "httpsProxy": "A String", # URL for the HTTPS proxy to be used when communicating with the Git repo.
                 "policyDir": "A String", # The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
-                "secretType": "A String", # Type of secret configured for access to the Git repo.
+                "secretType": "A String", # Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
                 "syncBranch": "A String", # The branch of the repository to sync from. Default: master.
                 "syncRepo": "A String", # The URL of the Git repository to use as the source of truth.
                 "syncRev": "A String", # Git revision (tag or hash) to check out. Default HEAD.
                 "syncWaitSecs": "A String", # Period in seconds between consecutive syncs. Default: 15.
               },
+              "preventDrift": True or False, # Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.
               "sourceFormat": "A String", # Specifies whether the Config Sync Repo is in “hierarchical” or “unstructured” mode.
             },
             "hierarchyController": { # Configuration for Hierarchy Controller # Hierarchy Controller configuration for the cluster.
@@ -933,12 +938,13 @@
                   "gcpServiceAccountEmail": "A String", # The GCP Service Account Email used for auth when secret_type is gcpServiceAccount.
                   "httpsProxy": "A String", # URL for the HTTPS proxy to be used when communicating with the Git repo.
                   "policyDir": "A String", # The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
-                  "secretType": "A String", # Type of secret configured for access to the Git repo.
+                  "secretType": "A String", # Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
                   "syncBranch": "A String", # The branch of the repository to sync from. Default: master.
                   "syncRepo": "A String", # The URL of the Git repository to use as the source of truth.
                   "syncRev": "A String", # Git revision (tag or hash) to check out. Default HEAD.
                   "syncWaitSecs": "A String", # Period in seconds between consecutive syncs. Default: 15.
                 },
+                "preventDrift": True or False, # Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.
                 "sourceFormat": "A String", # Specifies whether the Config Sync Repo is in “hierarchical” or “unstructured” mode.
               },
               "hierarchyController": { # Configuration for Hierarchy Controller # Hierarchy Controller configuration for the cluster.
@@ -1086,12 +1092,13 @@
             "gcpServiceAccountEmail": "A String", # The GCP Service Account Email used for auth when secret_type is gcpServiceAccount.
             "httpsProxy": "A String", # URL for the HTTPS proxy to be used when communicating with the Git repo.
             "policyDir": "A String", # The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
-            "secretType": "A String", # Type of secret configured for access to the Git repo.
+            "secretType": "A String", # Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
             "syncBranch": "A String", # The branch of the repository to sync from. Default: master.
             "syncRepo": "A String", # The URL of the Git repository to use as the source of truth.
             "syncRev": "A String", # Git revision (tag or hash) to check out. Default HEAD.
             "syncWaitSecs": "A String", # Period in seconds between consecutive syncs. Default: 15.
           },
+          "preventDrift": True or False, # Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.
           "sourceFormat": "A String", # Specifies whether the Config Sync Repo is in “hierarchical” or “unstructured” mode.
         },
         "hierarchyController": { # Configuration for Hierarchy Controller # Hierarchy Controller configuration for the cluster.
@@ -1216,12 +1223,13 @@
               "gcpServiceAccountEmail": "A String", # The GCP Service Account Email used for auth when secret_type is gcpServiceAccount.
               "httpsProxy": "A String", # URL for the HTTPS proxy to be used when communicating with the Git repo.
               "policyDir": "A String", # The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.
-              "secretType": "A String", # Type of secret configured for access to the Git repo.
+              "secretType": "A String", # Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.
               "syncBranch": "A String", # The branch of the repository to sync from. Default: master.
               "syncRepo": "A String", # The URL of the Git repository to use as the source of truth.
               "syncRev": "A String", # Git revision (tag or hash) to check out. Default HEAD.
               "syncWaitSecs": "A String", # Period in seconds between consecutive syncs. Default: 15.
             },
+            "preventDrift": True or False, # Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts.
             "sourceFormat": "A String", # Specifies whether the Config Sync Repo is in “hierarchical” or “unstructured” mode.
           },
           "hierarchyController": { # Configuration for Hierarchy Controller # Hierarchy Controller configuration for the cluster.

docs/dyn/gkehub_v1beta.projects.locations.memberships.html

diff --git a/docs/dyn/gkehub_v1beta.projects.locations.memberships.html b/docs/dyn/gkehub_v1beta.projects.locations.memberships.html
index ca010d1..e329116 100644
--- a/docs/dyn/gkehub_v1beta.projects.locations.memberships.html
+++ b/docs/dyn/gkehub_v1beta.projects.locations.memberships.html
@@ -98,7 +98,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/gkehub_v1beta1.projects.locations.memberships.html

diff --git a/docs/dyn/gkehub_v1beta1.projects.locations.memberships.html b/docs/dyn/gkehub_v1beta1.projects.locations.memberships.html
index c8e37f2..128899f 100644
--- a/docs/dyn/gkehub_v1beta1.projects.locations.memberships.html
+++ b/docs/dyn/gkehub_v1beta1.projects.locations.memberships.html
@@ -408,7 +408,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/gmail_v1.users.messages.html

diff --git a/docs/dyn/gmail_v1.users.messages.html b/docs/dyn/gmail_v1.users.messages.html
index f156665..fb77818 100644
--- a/docs/dyn/gmail_v1.users.messages.html
+++ b/docs/dyn/gmail_v1.users.messages.html
@@ -96,7 +96,7 @@
 <p class="firstline">Gets the specified message.</p>
 <p class="toc_element">
   <code><a href="#import_">import_(userId, body=None, deleted=None, internalDateSource=None, media_body=None, media_mime_type=None, neverMarkSpam=None, processForCalendar=None, x__xgafv=None)</a></code></p>
-<p class="firstline">Imports a message into only this user's mailbox, with standard email delivery scanning and classification similar to receiving via SMTP. Does not send a message. Note: This function doesn't trigger forwarding rules or filters set up by the user.</p>
+<p class="firstline">Imports a message into only this user's mailbox, with standard email delivery scanning and classification similar to receiving via SMTP. This method doesn't perform SPF checks, so it might not work for some spam messages, such as those attempting to perform domain spoofing. This method does not send a message. Note: This function doesn't trigger forwarding rules or filters set up by the user.</p>
 <p class="toc_element">
   <code><a href="#insert">insert(userId, body=None, deleted=None, internalDateSource=None, media_body=None, media_mime_type=None, x__xgafv=None)</a></code></p>
 <p class="firstline">Directly inserts a message into only this user's mailbox similar to `IMAP APPEND`, bypassing most scanning and classification. Does not send a message.</p>
@@ -245,7 +245,7 @@
 
 <div class="method">
     <code class="details" id="import_">import_(userId, body=None, deleted=None, internalDateSource=None, media_body=None, media_mime_type=None, neverMarkSpam=None, processForCalendar=None, x__xgafv=None)</code>
-  <pre>Imports a message into only this user&#x27;s mailbox, with standard email delivery scanning and classification similar to receiving via SMTP. Does not send a message. Note: This function doesn&#x27;t trigger forwarding rules or filters set up by the user.
+  <pre>Imports a message into only this user&#x27;s mailbox, with standard email delivery scanning and classification similar to receiving via SMTP. This method doesn&#x27;t perform SPF checks, so it might not work for some spam messages, such as those attempting to perform domain spoofing. This method does not send a message. Note: This function doesn&#x27;t trigger forwarding rules or filters set up by the user.
 
 Args:
   userId: string, The user&#x27;s email address. The special value `me` can be used to indicate the authenticated user. (required)

docs/dyn/healthcare_v1.projects.locations.datasets.dicomStores.html

diff --git a/docs/dyn/healthcare_v1.projects.locations.datasets.dicomStores.html b/docs/dyn/healthcare_v1.projects.locations.datasets.dicomStores.html
index 15f41dd..3248a32 100644
--- a/docs/dyn/healthcare_v1.projects.locations.datasets.dicomStores.html
+++ b/docs/dyn/healthcare_v1.projects.locations.datasets.dicomStores.html
@@ -201,6 +201,7 @@
       "skipIdRedaction": True or False, # If true, skip replacing StudyInstanceUID, SeriesInstanceUID, SOPInstanceUID, and MediaStorageSOPInstanceUID and leave them untouched. The Cloud Healthcare API regenerates these UIDs by default based on the DICOM Standard's reasoning: "Whilst these UIDs cannot be mapped directly to an individual out of context, given access to the original images, or to a database of the original images containing the UIDs, it would be possible to recover the individual's identity." http://dicom.nema.org/medical/dicom/current/output/chtml/part15/sect_E.3.9.html
     },
     "fhir": { # Specifies how to handle de-identification of a FHIR store. # Configures de-id of application/FHIR content.
+      "defaultKeepExtensions": True or False, # The behaviour for handling FHIR extensions that aren't otherwise specified for de-identification. If true, all extensions are preserved during de-identification by default. If false or unspecified, all extensions are removed during de-identification by default.
       "fieldMetadataList": [ # Specifies FHIR paths to match and how to transform them. Any field that is not matched by a FieldMetadata is passed through to the output dataset unmodified. All extensions will be processed according to `default_keep_extensions`.
         { # Specifies FHIR paths to match, and how to handle de-identification of matching fields.
           "action": "A String", # Deidentify action for one field.

docs/dyn/healthcare_v1.projects.locations.datasets.fhirStores.html

diff --git a/docs/dyn/healthcare_v1.projects.locations.datasets.fhirStores.html b/docs/dyn/healthcare_v1.projects.locations.datasets.fhirStores.html
index 9ec3343..7566cc9 100644
--- a/docs/dyn/healthcare_v1.projects.locations.datasets.fhirStores.html
+++ b/docs/dyn/healthcare_v1.projects.locations.datasets.fhirStores.html
@@ -241,6 +241,7 @@
       "skipIdRedaction": True or False, # If true, skip replacing StudyInstanceUID, SeriesInstanceUID, SOPInstanceUID, and MediaStorageSOPInstanceUID and leave them untouched. The Cloud Healthcare API regenerates these UIDs by default based on the DICOM Standard's reasoning: "Whilst these UIDs cannot be mapped directly to an individual out of context, given access to the original images, or to a database of the original images containing the UIDs, it would be possible to recover the individual's identity." http://dicom.nema.org/medical/dicom/current/output/chtml/part15/sect_E.3.9.html
     },
     "fhir": { # Specifies how to handle de-identification of a FHIR store. # Configures de-id of application/FHIR content.
+      "defaultKeepExtensions": True or False, # The behaviour for handling FHIR extensions that aren't otherwise specified for de-identification. If true, all extensions are preserved during de-identification by default. If false or unspecified, all extensions are removed during de-identification by default.
       "fieldMetadataList": [ # Specifies FHIR paths to match and how to transform them. Any field that is not matched by a FieldMetadata is passed through to the output dataset unmodified. All extensions will be processed according to `default_keep_extensions`.
         { # Specifies FHIR paths to match, and how to handle de-identification of matching fields.
           "action": "A String", # Deidentify action for one field.

docs/dyn/healthcare_v1.projects.locations.datasets.html

diff --git a/docs/dyn/healthcare_v1.projects.locations.datasets.html b/docs/dyn/healthcare_v1.projects.locations.datasets.html
index 3fcb7a3..c0eb8db 100644
--- a/docs/dyn/healthcare_v1.projects.locations.datasets.html
+++ b/docs/dyn/healthcare_v1.projects.locations.datasets.html
@@ -208,6 +208,7 @@
       "skipIdRedaction": True or False, # If true, skip replacing StudyInstanceUID, SeriesInstanceUID, SOPInstanceUID, and MediaStorageSOPInstanceUID and leave them untouched. The Cloud Healthcare API regenerates these UIDs by default based on the DICOM Standard's reasoning: "Whilst these UIDs cannot be mapped directly to an individual out of context, given access to the original images, or to a database of the original images containing the UIDs, it would be possible to recover the individual's identity." http://dicom.nema.org/medical/dicom/current/output/chtml/part15/sect_E.3.9.html
     },
     "fhir": { # Specifies how to handle de-identification of a FHIR store. # Configures de-id of application/FHIR content.
+      "defaultKeepExtensions": True or False, # The behaviour for handling FHIR extensions that aren't otherwise specified for de-identification. If true, all extensions are preserved during de-identification by default. If false or unspecified, all extensions are removed during de-identification by default.
       "fieldMetadataList": [ # Specifies FHIR paths to match and how to transform them. Any field that is not matched by a FieldMetadata is passed through to the output dataset unmodified. All extensions will be processed according to `default_keep_extensions`.
         { # Specifies FHIR paths to match, and how to handle de-identification of matching fields.
           "action": "A String", # Deidentify action for one field.

docs/dyn/healthcare_v1beta1.projects.locations.datasets.dicomStores.html

diff --git a/docs/dyn/healthcare_v1beta1.projects.locations.datasets.dicomStores.html b/docs/dyn/healthcare_v1beta1.projects.locations.datasets.dicomStores.html
index 88c983b..fda7970 100644
--- a/docs/dyn/healthcare_v1beta1.projects.locations.datasets.dicomStores.html
+++ b/docs/dyn/healthcare_v1beta1.projects.locations.datasets.dicomStores.html
@@ -225,6 +225,7 @@
       "skipIdRedaction": True or False, # If true, skip replacing StudyInstanceUID, SeriesInstanceUID, SOPInstanceUID, and MediaStorageSOPInstanceUID and leave them untouched. The Cloud Healthcare API regenerates these UIDs by default based on the DICOM Standard's reasoning: "Whilst these UIDs cannot be mapped directly to an individual out of context, given access to the original images, or to a database of the original images containing the UIDs, it would be possible to recover the individual's identity." http://dicom.nema.org/medical/dicom/current/output/chtml/part15/sect_E.3.9.html
     },
     "fhir": { # Specifies how to handle de-identification of a FHIR store. # Configures de-id of application/FHIR content.
+      "defaultKeepExtensions": True or False, # The behaviour for handling FHIR extensions that aren't otherwise specified for de-identification. If true, all extensions are preserved during de-identification by default. If false or unspecified, all extensions are removed during de-identification by default.
       "fieldMetadataList": [ # Specifies FHIR paths to match and how to transform them. Any field that is not matched by a FieldMetadata is passed through to the output dataset unmodified. All extensions will be processed according to `default_keep_extensions`. If a field can be matched by more than one FieldMetadata, the first FieldMetadata.Action is applied.
         { # Specifies FHIR paths to match, and how to handle de-identification of matching fields.
           "action": "A String", # Deidentify action for one field.

docs/dyn/healthcare_v1beta1.projects.locations.datasets.fhirStores.html

diff --git a/docs/dyn/healthcare_v1beta1.projects.locations.datasets.fhirStores.html b/docs/dyn/healthcare_v1beta1.projects.locations.datasets.fhirStores.html
index cd36732..732ab80 100644
--- a/docs/dyn/healthcare_v1beta1.projects.locations.datasets.fhirStores.html
+++ b/docs/dyn/healthcare_v1beta1.projects.locations.datasets.fhirStores.html
@@ -319,6 +319,7 @@
       "skipIdRedaction": True or False, # If true, skip replacing StudyInstanceUID, SeriesInstanceUID, SOPInstanceUID, and MediaStorageSOPInstanceUID and leave them untouched. The Cloud Healthcare API regenerates these UIDs by default based on the DICOM Standard's reasoning: "Whilst these UIDs cannot be mapped directly to an individual out of context, given access to the original images, or to a database of the original images containing the UIDs, it would be possible to recover the individual's identity." http://dicom.nema.org/medical/dicom/current/output/chtml/part15/sect_E.3.9.html
     },
     "fhir": { # Specifies how to handle de-identification of a FHIR store. # Configures de-id of application/FHIR content.
+      "defaultKeepExtensions": True or False, # The behaviour for handling FHIR extensions that aren't otherwise specified for de-identification. If true, all extensions are preserved during de-identification by default. If false or unspecified, all extensions are removed during de-identification by default.
       "fieldMetadataList": [ # Specifies FHIR paths to match and how to transform them. Any field that is not matched by a FieldMetadata is passed through to the output dataset unmodified. All extensions will be processed according to `default_keep_extensions`. If a field can be matched by more than one FieldMetadata, the first FieldMetadata.Action is applied.
         { # Specifies FHIR paths to match, and how to handle de-identification of matching fields.
           "action": "A String", # Deidentify action for one field.

docs/dyn/healthcare_v1beta1.projects.locations.datasets.html

diff --git a/docs/dyn/healthcare_v1beta1.projects.locations.datasets.html b/docs/dyn/healthcare_v1beta1.projects.locations.datasets.html
index e31109c..b86cdcd 100644
--- a/docs/dyn/healthcare_v1beta1.projects.locations.datasets.html
+++ b/docs/dyn/healthcare_v1beta1.projects.locations.datasets.html
@@ -217,6 +217,7 @@
       "skipIdRedaction": True or False, # If true, skip replacing StudyInstanceUID, SeriesInstanceUID, SOPInstanceUID, and MediaStorageSOPInstanceUID and leave them untouched. The Cloud Healthcare API regenerates these UIDs by default based on the DICOM Standard's reasoning: "Whilst these UIDs cannot be mapped directly to an individual out of context, given access to the original images, or to a database of the original images containing the UIDs, it would be possible to recover the individual's identity." http://dicom.nema.org/medical/dicom/current/output/chtml/part15/sect_E.3.9.html
     },
     "fhir": { # Specifies how to handle de-identification of a FHIR store. # Configures de-id of application/FHIR content.
+      "defaultKeepExtensions": True or False, # The behaviour for handling FHIR extensions that aren't otherwise specified for de-identification. If true, all extensions are preserved during de-identification by default. If false or unspecified, all extensions are removed during de-identification by default.
       "fieldMetadataList": [ # Specifies FHIR paths to match and how to transform them. Any field that is not matched by a FieldMetadata is passed through to the output dataset unmodified. All extensions will be processed according to `default_keep_extensions`. If a field can be matched by more than one FieldMetadata, the first FieldMetadata.Action is applied.
         { # Specifies FHIR paths to match, and how to handle de-identification of matching fields.
           "action": "A String", # Deidentify action for one field.

docs/dyn/iam_v1.projects.serviceAccounts.html

diff --git a/docs/dyn/iam_v1.projects.serviceAccounts.html b/docs/dyn/iam_v1.projects.serviceAccounts.html
index 0155aa2..6b6d3af 100644
--- a/docs/dyn/iam_v1.projects.serviceAccounts.html
+++ b/docs/dyn/iam_v1.projects.serviceAccounts.html
@@ -277,7 +277,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/iap_v1.v1.html

diff --git a/docs/dyn/iap_v1.v1.html b/docs/dyn/iap_v1.v1.html
index 1da23e5..7f165b7 100644
--- a/docs/dyn/iap_v1.v1.html
+++ b/docs/dyn/iap_v1.v1.html
@@ -109,7 +109,7 @@
 
 { # Request message for `GetIamPolicy` method.
   "options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
-    "requestedPolicyVersion": 42, # Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 

docs/dyn/iap_v1beta1.v1beta1.html

diff --git a/docs/dyn/iap_v1beta1.v1beta1.html b/docs/dyn/iap_v1beta1.v1beta1.html
index 2088e2d..0925087 100644
--- a/docs/dyn/iap_v1beta1.v1beta1.html
+++ b/docs/dyn/iap_v1beta1.v1beta1.html
@@ -103,7 +103,7 @@
 
 { # Request message for `GetIamPolicy` method.
   "options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
-    "requestedPolicyVersion": 42, # Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 

docs/dyn/index.md

diff --git a/docs/dyn/index.md b/docs/dyn/index.md
index c1b898a..cab18eb 100644
--- a/docs/dyn/index.md
+++ b/docs/dyn/index.md
@@ -356,6 +356,7 @@
 
 
 ## datastream
+* [v1](http://googleapis.github.io/google-api-python-client/docs/dyn/datastream_v1.html)
 * [v1alpha1](http://googleapis.github.io/google-api-python-client/docs/dyn/datastream_v1alpha1.html)
 
 
@@ -1015,10 +1016,6 @@
 * [v1](http://googleapis.github.io/google-api-python-client/docs/dyn/webfonts_v1.html)
 
 
-## webmasters
-* [v3](http://googleapis.github.io/google-api-python-client/docs/dyn/webmasters_v3.html)
-
-
 ## webrisk
 * [v1](http://googleapis.github.io/google-api-python-client/docs/dyn/webrisk_v1.html)
 

docs/dyn/managedidentities_v1.projects.locations.global_.domains.html

diff --git a/docs/dyn/managedidentities_v1.projects.locations.global_.domains.html b/docs/dyn/managedidentities_v1.projects.locations.global_.domains.html
index e55f2f4..36b4e8e 100644
--- a/docs/dyn/managedidentities_v1.projects.locations.global_.domains.html
+++ b/docs/dyn/managedidentities_v1.projects.locations.global_.domains.html
@@ -419,7 +419,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -428,19 +428,19 @@
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
-  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-    { # Associates `members` with a `role`.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+  "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+    { # Associates `members`, or principals, with a `role`.
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
-      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
@@ -716,19 +716,19 @@
     The object takes the form of:
 
 { # Request message for `SetIamPolicy` method.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
-    "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-      { # Associates `members` with a `role`.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
+    "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+      { # Associates `members`, or principals, with a `role`.
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
-        "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+        "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
     "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
@@ -744,19 +744,19 @@
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
-  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-    { # Associates `members` with a `role`.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+  "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+    { # Associates `members`, or principals, with a `role`.
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
-      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

docs/dyn/managedidentities_v1.projects.locations.global_.peerings.html

diff --git a/docs/dyn/managedidentities_v1.projects.locations.global_.peerings.html b/docs/dyn/managedidentities_v1.projects.locations.global_.peerings.html
index 8874f99..3f9a6b8 100644
--- a/docs/dyn/managedidentities_v1.projects.locations.global_.peerings.html
+++ b/docs/dyn/managedidentities_v1.projects.locations.global_.peerings.html
@@ -231,7 +231,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -240,19 +240,19 @@
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
-  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-    { # Associates `members` with a `role`.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+  "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+    { # Associates `members`, or principals, with a `role`.
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
-      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
@@ -376,19 +376,19 @@
     The object takes the form of:
 
 { # Request message for `SetIamPolicy` method.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
-    "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-      { # Associates `members` with a `role`.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
+    "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+      { # Associates `members`, or principals, with a `role`.
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
-        "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+        "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
     "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
@@ -404,19 +404,19 @@
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
-  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-    { # Associates `members` with a `role`.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+  "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+    { # Associates `members`, or principals, with a `role`.
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
-      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

docs/dyn/managedidentities_v1alpha1.projects.locations.global_.domains.backups.html

diff --git a/docs/dyn/managedidentities_v1alpha1.projects.locations.global_.domains.backups.html b/docs/dyn/managedidentities_v1alpha1.projects.locations.global_.domains.backups.html
index f963895..665071a 100644
--- a/docs/dyn/managedidentities_v1alpha1.projects.locations.global_.domains.backups.html
+++ b/docs/dyn/managedidentities_v1alpha1.projects.locations.global_.domains.backups.html
@@ -229,7 +229,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -238,19 +238,19 @@
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
-  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-    { # Associates `members` with a `role`.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+  "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+    { # Associates `members`, or principals, with a `role`.
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
-      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
@@ -372,19 +372,19 @@
     The object takes the form of:
 
 { # Request message for `SetIamPolicy` method.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
-    "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-      { # Associates `members` with a `role`.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
+    "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+      { # Associates `members`, or principals, with a `role`.
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
-        "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+        "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
     "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
@@ -400,19 +400,19 @@
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
-  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-    { # Associates `members` with a `role`.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+  "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+    { # Associates `members`, or principals, with a `role`.
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
-      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

docs/dyn/managedidentities_v1alpha1.projects.locations.global_.domains.html

diff --git a/docs/dyn/managedidentities_v1alpha1.projects.locations.global_.domains.html b/docs/dyn/managedidentities_v1alpha1.projects.locations.global_.domains.html
index 7d1f27f..b1ade2c 100644
--- a/docs/dyn/managedidentities_v1alpha1.projects.locations.global_.domains.html
+++ b/docs/dyn/managedidentities_v1alpha1.projects.locations.global_.domains.html
@@ -427,7 +427,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -436,19 +436,19 @@
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
-  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-    { # Associates `members` with a `role`.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+  "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+    { # Associates `members`, or principals, with a `role`.
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
-      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
@@ -777,19 +777,19 @@
     The object takes the form of:
 
 { # Request message for `SetIamPolicy` method.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
-    "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-      { # Associates `members` with a `role`.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
+    "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+      { # Associates `members`, or principals, with a `role`.
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
-        "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+        "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
     "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
@@ -805,19 +805,19 @@
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
-  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-    { # Associates `members` with a `role`.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+  "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+    { # Associates `members`, or principals, with a `role`.
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
-      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

docs/dyn/managedidentities_v1alpha1.projects.locations.global_.peerings.html

diff --git a/docs/dyn/managedidentities_v1alpha1.projects.locations.global_.peerings.html b/docs/dyn/managedidentities_v1alpha1.projects.locations.global_.peerings.html
index 011ed97..d815d41 100644
--- a/docs/dyn/managedidentities_v1alpha1.projects.locations.global_.peerings.html
+++ b/docs/dyn/managedidentities_v1alpha1.projects.locations.global_.peerings.html
@@ -231,7 +231,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -240,19 +240,19 @@
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
-  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-    { # Associates `members` with a `role`.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+  "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+    { # Associates `members`, or principals, with a `role`.
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
-      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
@@ -376,19 +376,19 @@
     The object takes the form of:
 
 { # Request message for `SetIamPolicy` method.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
-    "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-      { # Associates `members` with a `role`.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
+    "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+      { # Associates `members`, or principals, with a `role`.
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
-        "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+        "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
     "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
@@ -404,19 +404,19 @@
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
-  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-    { # Associates `members` with a `role`.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+  "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+    { # Associates `members`, or principals, with a `role`.
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
-      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

docs/dyn/managedidentities_v1beta1.projects.locations.global_.domains.backups.html

diff --git a/docs/dyn/managedidentities_v1beta1.projects.locations.global_.domains.backups.html b/docs/dyn/managedidentities_v1beta1.projects.locations.global_.domains.backups.html
index 399c5b2..b01299d 100644
--- a/docs/dyn/managedidentities_v1beta1.projects.locations.global_.domains.backups.html
+++ b/docs/dyn/managedidentities_v1beta1.projects.locations.global_.domains.backups.html
@@ -229,7 +229,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -238,19 +238,19 @@
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
-  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-    { # Associates `members` with a `role`.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+  "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+    { # Associates `members`, or principals, with a `role`.
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
-      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
@@ -372,19 +372,19 @@
     The object takes the form of:
 
 { # Request message for `SetIamPolicy` method.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
-    "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-      { # Associates `members` with a `role`.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
+    "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+      { # Associates `members`, or principals, with a `role`.
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
-        "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+        "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
     "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
@@ -400,19 +400,19 @@
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
-  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-    { # Associates `members` with a `role`.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+  "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+    { # Associates `members`, or principals, with a `role`.
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
-      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

docs/dyn/managedidentities_v1beta1.projects.locations.global_.domains.html

diff --git a/docs/dyn/managedidentities_v1beta1.projects.locations.global_.domains.html b/docs/dyn/managedidentities_v1beta1.projects.locations.global_.domains.html
index 6044788..e3102f341 100644
--- a/docs/dyn/managedidentities_v1beta1.projects.locations.global_.domains.html
+++ b/docs/dyn/managedidentities_v1beta1.projects.locations.global_.domains.html
@@ -427,7 +427,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -436,19 +436,19 @@
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
-  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-    { # Associates `members` with a `role`.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+  "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+    { # Associates `members`, or principals, with a `role`.
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
-      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
@@ -766,19 +766,19 @@
     The object takes the form of:
 
 { # Request message for `SetIamPolicy` method.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
-    "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-      { # Associates `members` with a `role`.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
+    "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+      { # Associates `members`, or principals, with a `role`.
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
-        "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+        "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
     "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
@@ -794,19 +794,19 @@
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
-  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-    { # Associates `members` with a `role`.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+  "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+    { # Associates `members`, or principals, with a `role`.
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
-      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

docs/dyn/managedidentities_v1beta1.projects.locations.global_.peerings.html

diff --git a/docs/dyn/managedidentities_v1beta1.projects.locations.global_.peerings.html b/docs/dyn/managedidentities_v1beta1.projects.locations.global_.peerings.html
index f93f7cc..3d8dc1e 100644
--- a/docs/dyn/managedidentities_v1beta1.projects.locations.global_.peerings.html
+++ b/docs/dyn/managedidentities_v1beta1.projects.locations.global_.peerings.html
@@ -231,7 +231,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -240,19 +240,19 @@
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
-  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-    { # Associates `members` with a `role`.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+  "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+    { # Associates `members`, or principals, with a `role`.
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
-      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
@@ -376,19 +376,19 @@
     The object takes the form of:
 
 { # Request message for `SetIamPolicy` method.
-  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
-    "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-      { # Associates `members` with a `role`.
-        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
+    "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+      { # Associates `members`, or principals, with a `role`.
+        "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
           "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
           "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
           "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
           "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
         },
-        "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+        "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
           "A String",
         ],
-        "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+        "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
       },
     ],
     "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
@@ -404,19 +404,19 @@
 Returns:
   An object of the form:
 
-    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
-  "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. The `bindings` in a `Policy` can refer to up to 1,500 members; up to 250 of these members can be Google groups. Each occurrence of a member counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other member, then you can add another 1,450 members to the `bindings` in the `Policy`.
-    { # Associates `members` with a `role`.
-      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
+  "bindings": [ # Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
+    { # Associates `members`, or principals, with a `role`.
+      "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
         "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
         "expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
         "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
         "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
       },
-      "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
+      "members": [ # Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
         "A String",
       ],
-      "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+      "role": "A String", # Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
     },
   ],
   "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

docs/dyn/metastore_v1alpha.projects.locations.services.backups.html

diff --git a/docs/dyn/metastore_v1alpha.projects.locations.services.backups.html b/docs/dyn/metastore_v1alpha.projects.locations.services.backups.html
index 4921ac3..481a3c5 100644
--- a/docs/dyn/metastore_v1alpha.projects.locations.services.backups.html
+++ b/docs/dyn/metastore_v1alpha.projects.locations.services.backups.html
@@ -187,6 +187,14 @@
     },
     "name": "A String", # Immutable. The relative resource name of the metastore service, of the form:projects/{project_number}/locations/{location_id}/services/{service_id}.
     "network": "A String", # Immutable. The relative resource name of the VPC network on which the instance can be accessed. It is specified in the following form:projects/{project_number}/global/networks/{network_id}.
+    "networkConfig": { # Network configuration for the Dataproc Metastore service. # Immutable. The configuration specifying the network settings for the Dataproc Metastore service.
+      "consumers": [ # Immutable. The consumer-side network configuration for the Dataproc Metastore instance.
+        { # Contains information of the customer's network configurations.
+          "endpointUri": "A String", # Output only. The URI of the endpoint used to access the metastore service.
+          "subnetwork": "A String", # The subnetwork of the customer project from which an IP address is reserved and used as the Dataproc Metastore service's endpoint. It is accessible to hosts in the subnet and to all hosts in a subnet in the same region and same network. There must be at least one IP address available in the subnet's primary range. The subnet is specified in the following form:`projects/{project_number}/regions/{region_id}/subnetworks/{subnetwork_id}
+        },
+      ],
+    },
     "port": 42, # The TCP port at which the metastore service is reached. Default: 9083.
     "releaseChannel": "A String", # Immutable. The release channel of the service. If unspecified, defaults to STABLE.
     "state": "A String", # Output only. The current state of the metastore service.
@@ -350,6 +358,14 @@
     },
     "name": "A String", # Immutable. The relative resource name of the metastore service, of the form:projects/{project_number}/locations/{location_id}/services/{service_id}.
     "network": "A String", # Immutable. The relative resource name of the VPC network on which the instance can be accessed. It is specified in the following form:projects/{project_number}/global/networks/{network_id}.
+    "networkConfig": { # Network configuration for the Dataproc Metastore service. # Immutable. The configuration specifying the network settings for the Dataproc Metastore service.
+      "consumers": [ # Immutable. The consumer-side network configuration for the Dataproc Metastore instance.
+        { # Contains information of the customer's network configurations.
+          "endpointUri": "A String", # Output only. The URI of the endpoint used to access the metastore service.
+          "subnetwork": "A String", # The subnetwork of the customer project from which an IP address is reserved and used as the Dataproc Metastore service's endpoint. It is accessible to hosts in the subnet and to all hosts in a subnet in the same region and same network. There must be at least one IP address available in the subnet's primary range. The subnet is specified in the following form:`projects/{project_number}/regions/{region_id}/subnetworks/{subnetwork_id}
+        },
+      ],
+    },
     "port": 42, # The TCP port at which the metastore service is reached. Default: 9083.
     "releaseChannel": "A String", # Immutable. The release channel of the service. If unspecified, defaults to STABLE.
     "state": "A String", # Output only. The current state of the metastore service.
@@ -368,7 +384,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned.Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected.Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset.To learn which resources support conditions in their IAM policies, see the IAM documentation (https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy.Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected.Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset.The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1.To learn which resources support conditions in their IAM policies, see the IAM documentation (https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -501,6 +517,14 @@
         },
         "name": "A String", # Immutable. The relative resource name of the metastore service, of the form:projects/{project_number}/locations/{location_id}/services/{service_id}.
         "network": "A String", # Immutable. The relative resource name of the VPC network on which the instance can be accessed. It is specified in the following form:projects/{project_number}/global/networks/{network_id}.
+        "networkConfig": { # Network configuration for the Dataproc Metastore service. # Immutable. The configuration specifying the network settings for the Dataproc Metastore service.
+          "consumers": [ # Immutable. The consumer-side network configuration for the Dataproc Metastore instance.
+            { # Contains information of the customer's network configurations.
+              "endpointUri": "A String", # Output only. The URI of the endpoint used to access the metastore service.
+              "subnetwork": "A String", # The subnetwork of the customer project from which an IP address is reserved and used as the Dataproc Metastore service's endpoint. It is accessible to hosts in the subnet and to all hosts in a subnet in the same region and same network. There must be at least one IP address available in the subnet's primary range. The subnet is specified in the following form:`projects/{project_number}/regions/{region_id}/subnetworks/{subnetwork_id}
+            },
+          ],
+        },
         "port": 42, # The TCP port at which the metastore service is reached. Default: 9083.
         "releaseChannel": "A String", # Immutable. The release channel of the service. If unspecified, defaults to STABLE.
         "state": "A String", # Output only. The current state of the metastore service.

docs/dyn/metastore_v1alpha.projects.locations.services.databases.html

diff --git a/docs/dyn/metastore_v1alpha.projects.locations.services.databases.html b/docs/dyn/metastore_v1alpha.projects.locations.services.databases.html
index 93a7ab8..69ef50d 100644
--- a/docs/dyn/metastore_v1alpha.projects.locations.services.databases.html
+++ b/docs/dyn/metastore_v1alpha.projects.locations.services.databases.html
@@ -103,7 +103,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned.Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected.Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset.To learn which resources support conditions in their IAM policies, see the IAM documentation (https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy.Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected.Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset.The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1.To learn which resources support conditions in their IAM policies, see the IAM documentation (https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/metastore_v1alpha.projects.locations.services.databases.tables.html

diff --git a/docs/dyn/metastore_v1alpha.projects.locations.services.databases.tables.html b/docs/dyn/metastore_v1alpha.projects.locations.services.databases.tables.html
index 5238a70..e6f2d83 100644
--- a/docs/dyn/metastore_v1alpha.projects.locations.services.databases.tables.html
+++ b/docs/dyn/metastore_v1alpha.projects.locations.services.databases.tables.html
@@ -98,7 +98,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned.Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected.Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset.To learn which resources support conditions in their IAM policies, see the IAM documentation (https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy.Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected.Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset.The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1.To learn which resources support conditions in their IAM policies, see the IAM documentation (https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/metastore_v1alpha.projects.locations.services.html

diff --git a/docs/dyn/metastore_v1alpha.projects.locations.services.html b/docs/dyn/metastore_v1alpha.projects.locations.services.html
index 85bb0d6..8b4bf09 100644
--- a/docs/dyn/metastore_v1alpha.projects.locations.services.html
+++ b/docs/dyn/metastore_v1alpha.projects.locations.services.html
@@ -203,6 +203,14 @@
   },
   "name": "A String", # Immutable. The relative resource name of the metastore service, of the form:projects/{project_number}/locations/{location_id}/services/{service_id}.
   "network": "A String", # Immutable. The relative resource name of the VPC network on which the instance can be accessed. It is specified in the following form:projects/{project_number}/global/networks/{network_id}.
+  "networkConfig": { # Network configuration for the Dataproc Metastore service. # Immutable. The configuration specifying the network settings for the Dataproc Metastore service.
+    "consumers": [ # Immutable. The consumer-side network configuration for the Dataproc Metastore instance.
+      { # Contains information of the customer's network configurations.
+        "endpointUri": "A String", # Output only. The URI of the endpoint used to access the metastore service.
+        "subnetwork": "A String", # The subnetwork of the customer project from which an IP address is reserved and used as the Dataproc Metastore service's endpoint. It is accessible to hosts in the subnet and to all hosts in a subnet in the same region and same network. There must be at least one IP address available in the subnet's primary range. The subnet is specified in the following form:`projects/{project_number}/regions/{region_id}/subnetworks/{subnetwork_id}
+      },
+    ],
+  },
   "port": 42, # The TCP port at which the metastore service is reached. Default: 9083.
   "releaseChannel": "A String", # Immutable. The release channel of the service. If unspecified, defaults to STABLE.
   "state": "A String", # Output only. The current state of the metastore service.
@@ -400,6 +408,14 @@
   },
   "name": "A String", # Immutable. The relative resource name of the metastore service, of the form:projects/{project_number}/locations/{location_id}/services/{service_id}.
   "network": "A String", # Immutable. The relative resource name of the VPC network on which the instance can be accessed. It is specified in the following form:projects/{project_number}/global/networks/{network_id}.
+  "networkConfig": { # Network configuration for the Dataproc Metastore service. # Immutable. The configuration specifying the network settings for the Dataproc Metastore service.
+    "consumers": [ # Immutable. The consumer-side network configuration for the Dataproc Metastore instance.
+      { # Contains information of the customer's network configurations.
+        "endpointUri": "A String", # Output only. The URI of the endpoint used to access the metastore service.
+        "subnetwork": "A String", # The subnetwork of the customer project from which an IP address is reserved and used as the Dataproc Metastore service's endpoint. It is accessible to hosts in the subnet and to all hosts in a subnet in the same region and same network. There must be at least one IP address available in the subnet's primary range. The subnet is specified in the following form:`projects/{project_number}/regions/{region_id}/subnetworks/{subnetwork_id}
+      },
+    ],
+  },
   "port": 42, # The TCP port at which the metastore service is reached. Default: 9083.
   "releaseChannel": "A String", # Immutable. The release channel of the service. If unspecified, defaults to STABLE.
   "state": "A String", # Output only. The current state of the metastore service.
@@ -416,7 +432,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned.Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected.Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset.To learn which resources support conditions in their IAM policies, see the IAM documentation (https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy.Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected.Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset.The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1.To learn which resources support conditions in their IAM policies, see the IAM documentation (https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -542,6 +558,14 @@
       },
       "name": "A String", # Immutable. The relative resource name of the metastore service, of the form:projects/{project_number}/locations/{location_id}/services/{service_id}.
       "network": "A String", # Immutable. The relative resource name of the VPC network on which the instance can be accessed. It is specified in the following form:projects/{project_number}/global/networks/{network_id}.
+      "networkConfig": { # Network configuration for the Dataproc Metastore service. # Immutable. The configuration specifying the network settings for the Dataproc Metastore service.
+        "consumers": [ # Immutable. The consumer-side network configuration for the Dataproc Metastore instance.
+          { # Contains information of the customer's network configurations.
+            "endpointUri": "A String", # Output only. The URI of the endpoint used to access the metastore service.
+            "subnetwork": "A String", # The subnetwork of the customer project from which an IP address is reserved and used as the Dataproc Metastore service's endpoint. It is accessible to hosts in the subnet and to all hosts in a subnet in the same region and same network. There must be at least one IP address available in the subnet's primary range. The subnet is specified in the following form:`projects/{project_number}/regions/{region_id}/subnetworks/{subnetwork_id}
+          },
+        ],
+      },
       "port": 42, # The TCP port at which the metastore service is reached. Default: 9083.
       "releaseChannel": "A String", # Immutable. The release channel of the service. If unspecified, defaults to STABLE.
       "state": "A String", # Output only. The current state of the metastore service.
@@ -643,6 +667,14 @@
   },
   "name": "A String", # Immutable. The relative resource name of the metastore service, of the form:projects/{project_number}/locations/{location_id}/services/{service_id}.
   "network": "A String", # Immutable. The relative resource name of the VPC network on which the instance can be accessed. It is specified in the following form:projects/{project_number}/global/networks/{network_id}.
+  "networkConfig": { # Network configuration for the Dataproc Metastore service. # Immutable. The configuration specifying the network settings for the Dataproc Metastore service.
+    "consumers": [ # Immutable. The consumer-side network configuration for the Dataproc Metastore instance.
+      { # Contains information of the customer's network configurations.
+        "endpointUri": "A String", # Output only. The URI of the endpoint used to access the metastore service.
+        "subnetwork": "A String", # The subnetwork of the customer project from which an IP address is reserved and used as the Dataproc Metastore service's endpoint. It is accessible to hosts in the subnet and to all hosts in a subnet in the same region and same network. There must be at least one IP address available in the subnet's primary range. The subnet is specified in the following form:`projects/{project_number}/regions/{region_id}/subnetworks/{subnetwork_id}
+      },
+    ],
+  },
   "port": 42, # The TCP port at which the metastore service is reached. Default: 9083.
   "releaseChannel": "A String", # Immutable. The release channel of the service. If unspecified, defaults to STABLE.
   "state": "A String", # Output only. The current state of the metastore service.

docs/dyn/metastore_v1beta.projects.locations.services.backups.html

diff --git a/docs/dyn/metastore_v1beta.projects.locations.services.backups.html b/docs/dyn/metastore_v1beta.projects.locations.services.backups.html
index 46ec0e8..e288d29 100644
--- a/docs/dyn/metastore_v1beta.projects.locations.services.backups.html
+++ b/docs/dyn/metastore_v1beta.projects.locations.services.backups.html
@@ -187,6 +187,14 @@
     },
     "name": "A String", # Immutable. The relative resource name of the metastore service, of the form:projects/{project_number}/locations/{location_id}/services/{service_id}.
     "network": "A String", # Immutable. The relative resource name of the VPC network on which the instance can be accessed. It is specified in the following form:projects/{project_number}/global/networks/{network_id}.
+    "networkConfig": { # Network configuration for the Dataproc Metastore service. # Immutable. The configuration specifying the network settings for the Dataproc Metastore service.
+      "consumers": [ # Immutable. The consumer-side network configuration for the Dataproc Metastore instance.
+        { # Contains information of the customer's network configurations.
+          "endpointUri": "A String", # Output only. The URI of the endpoint used to access the metastore service.
+          "subnetwork": "A String", # The subnetwork of the customer project from which an IP address is reserved and used as the Dataproc Metastore service's endpoint. It is accessible to hosts in the subnet and to all hosts in a subnet in the same region and same network. There must be at least one IP address available in the subnet's primary range. The subnet is specified in the following form:`projects/{project_number}/regions/{region_id}/subnetworks/{subnetwork_id}
+        },
+      ],
+    },
     "port": 42, # The TCP port at which the metastore service is reached. Default: 9083.
     "releaseChannel": "A String", # Immutable. The release channel of the service. If unspecified, defaults to STABLE.
     "state": "A String", # Output only. The current state of the metastore service.
@@ -350,6 +358,14 @@
     },
     "name": "A String", # Immutable. The relative resource name of the metastore service, of the form:projects/{project_number}/locations/{location_id}/services/{service_id}.
     "network": "A String", # Immutable. The relative resource name of the VPC network on which the instance can be accessed. It is specified in the following form:projects/{project_number}/global/networks/{network_id}.
+    "networkConfig": { # Network configuration for the Dataproc Metastore service. # Immutable. The configuration specifying the network settings for the Dataproc Metastore service.
+      "consumers": [ # Immutable. The consumer-side network configuration for the Dataproc Metastore instance.
+        { # Contains information of the customer's network configurations.
+          "endpointUri": "A String", # Output only. The URI of the endpoint used to access the metastore service.
+          "subnetwork": "A String", # The subnetwork of the customer project from which an IP address is reserved and used as the Dataproc Metastore service's endpoint. It is accessible to hosts in the subnet and to all hosts in a subnet in the same region and same network. There must be at least one IP address available in the subnet's primary range. The subnet is specified in the following form:`projects/{project_number}/regions/{region_id}/subnetworks/{subnetwork_id}
+        },
+      ],
+    },
     "port": 42, # The TCP port at which the metastore service is reached. Default: 9083.
     "releaseChannel": "A String", # Immutable. The release channel of the service. If unspecified, defaults to STABLE.
     "state": "A String", # Output only. The current state of the metastore service.
@@ -368,7 +384,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned.Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected.Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset.To learn which resources support conditions in their IAM policies, see the IAM documentation (https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy.Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected.Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset.The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1.To learn which resources support conditions in their IAM policies, see the IAM documentation (https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -501,6 +517,14 @@
         },
         "name": "A String", # Immutable. The relative resource name of the metastore service, of the form:projects/{project_number}/locations/{location_id}/services/{service_id}.
         "network": "A String", # Immutable. The relative resource name of the VPC network on which the instance can be accessed. It is specified in the following form:projects/{project_number}/global/networks/{network_id}.
+        "networkConfig": { # Network configuration for the Dataproc Metastore service. # Immutable. The configuration specifying the network settings for the Dataproc Metastore service.
+          "consumers": [ # Immutable. The consumer-side network configuration for the Dataproc Metastore instance.
+            { # Contains information of the customer's network configurations.
+              "endpointUri": "A String", # Output only. The URI of the endpoint used to access the metastore service.
+              "subnetwork": "A String", # The subnetwork of the customer project from which an IP address is reserved and used as the Dataproc Metastore service's endpoint. It is accessible to hosts in the subnet and to all hosts in a subnet in the same region and same network. There must be at least one IP address available in the subnet's primary range. The subnet is specified in the following form:`projects/{project_number}/regions/{region_id}/subnetworks/{subnetwork_id}
+            },
+          ],
+        },
         "port": 42, # The TCP port at which the metastore service is reached. Default: 9083.
         "releaseChannel": "A String", # Immutable. The release channel of the service. If unspecified, defaults to STABLE.
         "state": "A String", # Output only. The current state of the metastore service.

docs/dyn/metastore_v1beta.projects.locations.services.html

diff --git a/docs/dyn/metastore_v1beta.projects.locations.services.html b/docs/dyn/metastore_v1beta.projects.locations.services.html
index 9d46abb..4113fc1 100644
--- a/docs/dyn/metastore_v1beta.projects.locations.services.html
+++ b/docs/dyn/metastore_v1beta.projects.locations.services.html
@@ -198,6 +198,14 @@
   },
   "name": "A String", # Immutable. The relative resource name of the metastore service, of the form:projects/{project_number}/locations/{location_id}/services/{service_id}.
   "network": "A String", # Immutable. The relative resource name of the VPC network on which the instance can be accessed. It is specified in the following form:projects/{project_number}/global/networks/{network_id}.
+  "networkConfig": { # Network configuration for the Dataproc Metastore service. # Immutable. The configuration specifying the network settings for the Dataproc Metastore service.
+    "consumers": [ # Immutable. The consumer-side network configuration for the Dataproc Metastore instance.
+      { # Contains information of the customer's network configurations.
+        "endpointUri": "A String", # Output only. The URI of the endpoint used to access the metastore service.
+        "subnetwork": "A String", # The subnetwork of the customer project from which an IP address is reserved and used as the Dataproc Metastore service's endpoint. It is accessible to hosts in the subnet and to all hosts in a subnet in the same region and same network. There must be at least one IP address available in the subnet's primary range. The subnet is specified in the following form:`projects/{project_number}/regions/{region_id}/subnetworks/{subnetwork_id}
+      },
+    ],
+  },
   "port": 42, # The TCP port at which the metastore service is reached. Default: 9083.
   "releaseChannel": "A String", # Immutable. The release channel of the service. If unspecified, defaults to STABLE.
   "state": "A String", # Output only. The current state of the metastore service.
@@ -395,6 +403,14 @@
   },
   "name": "A String", # Immutable. The relative resource name of the metastore service, of the form:projects/{project_number}/locations/{location_id}/services/{service_id}.
   "network": "A String", # Immutable. The relative resource name of the VPC network on which the instance can be accessed. It is specified in the following form:projects/{project_number}/global/networks/{network_id}.
+  "networkConfig": { # Network configuration for the Dataproc Metastore service. # Immutable. The configuration specifying the network settings for the Dataproc Metastore service.
+    "consumers": [ # Immutable. The consumer-side network configuration for the Dataproc Metastore instance.
+      { # Contains information of the customer's network configurations.
+        "endpointUri": "A String", # Output only. The URI of the endpoint used to access the metastore service.
+        "subnetwork": "A String", # The subnetwork of the customer project from which an IP address is reserved and used as the Dataproc Metastore service's endpoint. It is accessible to hosts in the subnet and to all hosts in a subnet in the same region and same network. There must be at least one IP address available in the subnet's primary range. The subnet is specified in the following form:`projects/{project_number}/regions/{region_id}/subnetworks/{subnetwork_id}
+      },
+    ],
+  },
   "port": 42, # The TCP port at which the metastore service is reached. Default: 9083.
   "releaseChannel": "A String", # Immutable. The release channel of the service. If unspecified, defaults to STABLE.
   "state": "A String", # Output only. The current state of the metastore service.
@@ -411,7 +427,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned.Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected.Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset.To learn which resources support conditions in their IAM policies, see the IAM documentation (https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy.Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected.Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset.The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1.To learn which resources support conditions in their IAM policies, see the IAM documentation (https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -537,6 +553,14 @@
       },
       "name": "A String", # Immutable. The relative resource name of the metastore service, of the form:projects/{project_number}/locations/{location_id}/services/{service_id}.
       "network": "A String", # Immutable. The relative resource name of the VPC network on which the instance can be accessed. It is specified in the following form:projects/{project_number}/global/networks/{network_id}.
+      "networkConfig": { # Network configuration for the Dataproc Metastore service. # Immutable. The configuration specifying the network settings for the Dataproc Metastore service.
+        "consumers": [ # Immutable. The consumer-side network configuration for the Dataproc Metastore instance.
+          { # Contains information of the customer's network configurations.
+            "endpointUri": "A String", # Output only. The URI of the endpoint used to access the metastore service.
+            "subnetwork": "A String", # The subnetwork of the customer project from which an IP address is reserved and used as the Dataproc Metastore service's endpoint. It is accessible to hosts in the subnet and to all hosts in a subnet in the same region and same network. There must be at least one IP address available in the subnet's primary range. The subnet is specified in the following form:`projects/{project_number}/regions/{region_id}/subnetworks/{subnetwork_id}
+          },
+        ],
+      },
       "port": 42, # The TCP port at which the metastore service is reached. Default: 9083.
       "releaseChannel": "A String", # Immutable. The release channel of the service. If unspecified, defaults to STABLE.
       "state": "A String", # Output only. The current state of the metastore service.
@@ -638,6 +662,14 @@
   },
   "name": "A String", # Immutable. The relative resource name of the metastore service, of the form:projects/{project_number}/locations/{location_id}/services/{service_id}.
   "network": "A String", # Immutable. The relative resource name of the VPC network on which the instance can be accessed. It is specified in the following form:projects/{project_number}/global/networks/{network_id}.
+  "networkConfig": { # Network configuration for the Dataproc Metastore service. # Immutable. The configuration specifying the network settings for the Dataproc Metastore service.
+    "consumers": [ # Immutable. The consumer-side network configuration for the Dataproc Metastore instance.
+      { # Contains information of the customer's network configurations.
+        "endpointUri": "A String", # Output only. The URI of the endpoint used to access the metastore service.
+        "subnetwork": "A String", # The subnetwork of the customer project from which an IP address is reserved and used as the Dataproc Metastore service's endpoint. It is accessible to hosts in the subnet and to all hosts in a subnet in the same region and same network. There must be at least one IP address available in the subnet's primary range. The subnet is specified in the following form:`projects/{project_number}/regions/{region_id}/subnetworks/{subnetwork_id}
+      },
+    ],
+  },
   "port": 42, # The TCP port at which the metastore service is reached. Default: 9083.
   "releaseChannel": "A String", # Immutable. The release channel of the service. If unspecified, defaults to STABLE.
   "state": "A String", # Output only. The current state of the metastore service.

docs/dyn/monitoring_v1.projects.dashboards.html

diff --git a/docs/dyn/monitoring_v1.projects.dashboards.html b/docs/dyn/monitoring_v1.projects.dashboards.html
index 0ec4a83..eae8ef1 100644
--- a/docs/dyn/monitoring_v1.projects.dashboards.html
+++ b/docs/dyn/monitoring_v1.projects.dashboards.html
@@ -122,6 +122,12 @@
             },
             "blank": { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for Empty is empty JSON object {}. # A blank space.
             },
+            "logsPanel": { # A widget that displays a stream of log. # A widget that shows a stream of logs.
+              "filter": "A String", # A filter that chooses which log entries to return. See Advanced Logs Queries (https://cloud.google.com/logging/docs/view/advanced-queries). Only log entries that match the filter are returned. An empty filter matches all log entries.
+              "resourceNames": [ # The names of logging resources to collect logs for. Does not implicitly include the current host project. Currently only projects are supported. There must be at least one resource_name.
+                "A String",
+              ],
+            },
             "scorecard": { # A widget showing the latest value of a metric, and how this value relates to one or more thresholds. # A scorecard summarizing time series data.
               "gaugeView": { # A gauge chart shows where the current value sits within a pre-defined range. The upper and lower bounds should define the possible range of values for the scorecard's query (inclusive). # Will cause the scorecard to show a gauge chart.
                 "lowerBound": 3.14, # The lower bound for this gauge chart. The value of the chart should always be greater than or equal to this.
@@ -429,6 +435,12 @@
         },
         "blank": { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for Empty is empty JSON object {}. # A blank space.
         },
+        "logsPanel": { # A widget that displays a stream of log. # A widget that shows a stream of logs.
+          "filter": "A String", # A filter that chooses which log entries to return. See Advanced Logs Queries (https://cloud.google.com/logging/docs/view/advanced-queries). Only log entries that match the filter are returned. An empty filter matches all log entries.
+          "resourceNames": [ # The names of logging resources to collect logs for. Does not implicitly include the current host project. Currently only projects are supported. There must be at least one resource_name.
+            "A String",
+          ],
+        },
         "scorecard": { # A widget showing the latest value of a metric, and how this value relates to one or more thresholds. # A scorecard summarizing time series data.
           "gaugeView": { # A gauge chart shows where the current value sits within a pre-defined range. The upper and lower bounds should define the possible range of values for the scorecard's query (inclusive). # Will cause the scorecard to show a gauge chart.
             "lowerBound": 3.14, # The lower bound for this gauge chart. The value of the chart should always be greater than or equal to this.
@@ -737,6 +749,12 @@
           },
           "blank": { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for Empty is empty JSON object {}. # A blank space.
           },
+          "logsPanel": { # A widget that displays a stream of log. # A widget that shows a stream of logs.
+            "filter": "A String", # A filter that chooses which log entries to return. See Advanced Logs Queries (https://cloud.google.com/logging/docs/view/advanced-queries). Only log entries that match the filter are returned. An empty filter matches all log entries.
+            "resourceNames": [ # The names of logging resources to collect logs for. Does not implicitly include the current host project. Currently only projects are supported. There must be at least one resource_name.
+              "A String",
+            ],
+          },
           "scorecard": { # A widget showing the latest value of a metric, and how this value relates to one or more thresholds. # A scorecard summarizing time series data.
             "gaugeView": { # A gauge chart shows where the current value sits within a pre-defined range. The upper and lower bounds should define the possible range of values for the scorecard's query (inclusive). # Will cause the scorecard to show a gauge chart.
               "lowerBound": 3.14, # The lower bound for this gauge chart. The value of the chart should always be greater than or equal to this.
@@ -1047,6 +1065,12 @@
             },
             "blank": { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for Empty is empty JSON object {}. # A blank space.
             },
+            "logsPanel": { # A widget that displays a stream of log. # A widget that shows a stream of logs.
+              "filter": "A String", # A filter that chooses which log entries to return. See Advanced Logs Queries (https://cloud.google.com/logging/docs/view/advanced-queries). Only log entries that match the filter are returned. An empty filter matches all log entries.
+              "resourceNames": [ # The names of logging resources to collect logs for. Does not implicitly include the current host project. Currently only projects are supported. There must be at least one resource_name.
+                "A String",
+              ],
+            },
             "scorecard": { # A widget showing the latest value of a metric, and how this value relates to one or more thresholds. # A scorecard summarizing time series data.
               "gaugeView": { # A gauge chart shows where the current value sits within a pre-defined range. The upper and lower bounds should define the possible range of values for the scorecard's query (inclusive). # Will cause the scorecard to show a gauge chart.
                 "lowerBound": 3.14, # The lower bound for this gauge chart. The value of the chart should always be greater than or equal to this.
@@ -1366,6 +1390,12 @@
             },
             "blank": { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for Empty is empty JSON object {}. # A blank space.
             },
+            "logsPanel": { # A widget that displays a stream of log. # A widget that shows a stream of logs.
+              "filter": "A String", # A filter that chooses which log entries to return. See Advanced Logs Queries (https://cloud.google.com/logging/docs/view/advanced-queries). Only log entries that match the filter are returned. An empty filter matches all log entries.
+              "resourceNames": [ # The names of logging resources to collect logs for. Does not implicitly include the current host project. Currently only projects are supported. There must be at least one resource_name.
+                "A String",
+              ],
+            },
             "scorecard": { # A widget showing the latest value of a metric, and how this value relates to one or more thresholds. # A scorecard summarizing time series data.
               "gaugeView": { # A gauge chart shows where the current value sits within a pre-defined range. The upper and lower bounds should define the possible range of values for the scorecard's query (inclusive). # Will cause the scorecard to show a gauge chart.
                 "lowerBound": 3.14, # The lower bound for this gauge chart. The value of the chart should always be greater than or equal to this.
@@ -1673,6 +1703,12 @@
         },
         "blank": { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for Empty is empty JSON object {}. # A blank space.
         },
+        "logsPanel": { # A widget that displays a stream of log. # A widget that shows a stream of logs.
+          "filter": "A String", # A filter that chooses which log entries to return. See Advanced Logs Queries (https://cloud.google.com/logging/docs/view/advanced-queries). Only log entries that match the filter are returned. An empty filter matches all log entries.
+          "resourceNames": [ # The names of logging resources to collect logs for. Does not implicitly include the current host project. Currently only projects are supported. There must be at least one resource_name.
+            "A String",
+          ],
+        },
         "scorecard": { # A widget showing the latest value of a metric, and how this value relates to one or more thresholds. # A scorecard summarizing time series data.
           "gaugeView": { # A gauge chart shows where the current value sits within a pre-defined range. The upper and lower bounds should define the possible range of values for the scorecard's query (inclusive). # Will cause the scorecard to show a gauge chart.
             "lowerBound": 3.14, # The lower bound for this gauge chart. The value of the chart should always be greater than or equal to this.
@@ -1981,6 +2017,12 @@
           },
           "blank": { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for Empty is empty JSON object {}. # A blank space.
           },
+          "logsPanel": { # A widget that displays a stream of log. # A widget that shows a stream of logs.
+            "filter": "A String", # A filter that chooses which log entries to return. See Advanced Logs Queries (https://cloud.google.com/logging/docs/view/advanced-queries). Only log entries that match the filter are returned. An empty filter matches all log entries.
+            "resourceNames": [ # The names of logging resources to collect logs for. Does not implicitly include the current host project. Currently only projects are supported. There must be at least one resource_name.
+              "A String",
+            ],
+          },
           "scorecard": { # A widget showing the latest value of a metric, and how this value relates to one or more thresholds. # A scorecard summarizing time series data.
             "gaugeView": { # A gauge chart shows where the current value sits within a pre-defined range. The upper and lower bounds should define the possible range of values for the scorecard's query (inclusive). # Will cause the scorecard to show a gauge chart.
               "lowerBound": 3.14, # The lower bound for this gauge chart. The value of the chart should always be greater than or equal to this.
@@ -2291,6 +2333,12 @@
             },
             "blank": { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for Empty is empty JSON object {}. # A blank space.
             },
+            "logsPanel": { # A widget that displays a stream of log. # A widget that shows a stream of logs.
+              "filter": "A String", # A filter that chooses which log entries to return. See Advanced Logs Queries (https://cloud.google.com/logging/docs/view/advanced-queries). Only log entries that match the filter are returned. An empty filter matches all log entries.
+              "resourceNames": [ # The names of logging resources to collect logs for. Does not implicitly include the current host project. Currently only projects are supported. There must be at least one resource_name.
+                "A String",
+              ],
+            },
             "scorecard": { # A widget showing the latest value of a metric, and how this value relates to one or more thresholds. # A scorecard summarizing time series data.
               "gaugeView": { # A gauge chart shows where the current value sits within a pre-defined range. The upper and lower bounds should define the possible range of values for the scorecard's query (inclusive). # Will cause the scorecard to show a gauge chart.
                 "lowerBound": 3.14, # The lower bound for this gauge chart. The value of the chart should always be greater than or equal to this.
@@ -2634,6 +2682,12 @@
             },
             "blank": { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for Empty is empty JSON object {}. # A blank space.
             },
+            "logsPanel": { # A widget that displays a stream of log. # A widget that shows a stream of logs.
+              "filter": "A String", # A filter that chooses which log entries to return. See Advanced Logs Queries (https://cloud.google.com/logging/docs/view/advanced-queries). Only log entries that match the filter are returned. An empty filter matches all log entries.
+              "resourceNames": [ # The names of logging resources to collect logs for. Does not implicitly include the current host project. Currently only projects are supported. There must be at least one resource_name.
+                "A String",
+              ],
+            },
             "scorecard": { # A widget showing the latest value of a metric, and how this value relates to one or more thresholds. # A scorecard summarizing time series data.
               "gaugeView": { # A gauge chart shows where the current value sits within a pre-defined range. The upper and lower bounds should define the possible range of values for the scorecard's query (inclusive). # Will cause the scorecard to show a gauge chart.
                 "lowerBound": 3.14, # The lower bound for this gauge chart. The value of the chart should always be greater than or equal to this.
@@ -2941,6 +2995,12 @@
         },
         "blank": { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for Empty is empty JSON object {}. # A blank space.
         },
+        "logsPanel": { # A widget that displays a stream of log. # A widget that shows a stream of logs.
+          "filter": "A String", # A filter that chooses which log entries to return. See Advanced Logs Queries (https://cloud.google.com/logging/docs/view/advanced-queries). Only log entries that match the filter are returned. An empty filter matches all log entries.
+          "resourceNames": [ # The names of logging resources to collect logs for. Does not implicitly include the current host project. Currently only projects are supported. There must be at least one resource_name.
+            "A String",
+          ],
+        },
         "scorecard": { # A widget showing the latest value of a metric, and how this value relates to one or more thresholds. # A scorecard summarizing time series data.
           "gaugeView": { # A gauge chart shows where the current value sits within a pre-defined range. The upper and lower bounds should define the possible range of values for the scorecard's query (inclusive). # Will cause the scorecard to show a gauge chart.
             "lowerBound": 3.14, # The lower bound for this gauge chart. The value of the chart should always be greater than or equal to this.
@@ -3249,6 +3309,12 @@
           },
           "blank": { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for Empty is empty JSON object {}. # A blank space.
           },
+          "logsPanel": { # A widget that displays a stream of log. # A widget that shows a stream of logs.
+            "filter": "A String", # A filter that chooses which log entries to return. See Advanced Logs Queries (https://cloud.google.com/logging/docs/view/advanced-queries). Only log entries that match the filter are returned. An empty filter matches all log entries.
+            "resourceNames": [ # The names of logging resources to collect logs for. Does not implicitly include the current host project. Currently only projects are supported. There must be at least one resource_name.
+              "A String",
+            ],
+          },
           "scorecard": { # A widget showing the latest value of a metric, and how this value relates to one or more thresholds. # A scorecard summarizing time series data.
             "gaugeView": { # A gauge chart shows where the current value sits within a pre-defined range. The upper and lower bounds should define the possible range of values for the scorecard's query (inclusive). # Will cause the scorecard to show a gauge chart.
               "lowerBound": 3.14, # The lower bound for this gauge chart. The value of the chart should always be greater than or equal to this.
@@ -3559,6 +3625,12 @@
             },
             "blank": { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for Empty is empty JSON object {}. # A blank space.
             },
+            "logsPanel": { # A widget that displays a stream of log. # A widget that shows a stream of logs.
+              "filter": "A String", # A filter that chooses which log entries to return. See Advanced Logs Queries (https://cloud.google.com/logging/docs/view/advanced-queries). Only log entries that match the filter are returned. An empty filter matches all log entries.
+              "resourceNames": [ # The names of logging resources to collect logs for. Does not implicitly include the current host project. Currently only projects are supported. There must be at least one resource_name.
+                "A String",
+              ],
+            },
             "scorecard": { # A widget showing the latest value of a metric, and how this value relates to one or more thresholds. # A scorecard summarizing time series data.
               "gaugeView": { # A gauge chart shows where the current value sits within a pre-defined range. The upper and lower bounds should define the possible range of values for the scorecard's query (inclusive). # Will cause the scorecard to show a gauge chart.
                 "lowerBound": 3.14, # The lower bound for this gauge chart. The value of the chart should always be greater than or equal to this.
@@ -3888,6 +3960,12 @@
                 },
                 "blank": { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for Empty is empty JSON object {}. # A blank space.
                 },
+                "logsPanel": { # A widget that displays a stream of log. # A widget that shows a stream of logs.
+                  "filter": "A String", # A filter that chooses which log entries to return. See Advanced Logs Queries (https://cloud.google.com/logging/docs/view/advanced-queries). Only log entries that match the filter are returned. An empty filter matches all log entries.
+                  "resourceNames": [ # The names of logging resources to collect logs for. Does not implicitly include the current host project. Currently only projects are supported. There must be at least one resource_name.
+                    "A String",
+                  ],
+                },
                 "scorecard": { # A widget showing the latest value of a metric, and how this value relates to one or more thresholds. # A scorecard summarizing time series data.
                   "gaugeView": { # A gauge chart shows where the current value sits within a pre-defined range. The upper and lower bounds should define the possible range of values for the scorecard's query (inclusive). # Will cause the scorecard to show a gauge chart.
                     "lowerBound": 3.14, # The lower bound for this gauge chart. The value of the chart should always be greater than or equal to this.
@@ -4195,6 +4273,12 @@
             },
             "blank": { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for Empty is empty JSON object {}. # A blank space.
             },
+            "logsPanel": { # A widget that displays a stream of log. # A widget that shows a stream of logs.
+              "filter": "A String", # A filter that chooses which log entries to return. See Advanced Logs Queries (https://cloud.google.com/logging/docs/view/advanced-queries). Only log entries that match the filter are returned. An empty filter matches all log entries.
+              "resourceNames": [ # The names of logging resources to collect logs for. Does not implicitly include the current host project. Currently only projects are supported. There must be at least one resource_name.
+                "A String",
+              ],
+            },
             "scorecard": { # A widget showing the latest value of a metric, and how this value relates to one or more thresholds. # A scorecard summarizing time series data.
               "gaugeView": { # A gauge chart shows where the current value sits within a pre-defined range. The upper and lower bounds should define the possible range of values for the scorecard's query (inclusive). # Will cause the scorecard to show a gauge chart.
                 "lowerBound": 3.14, # The lower bound for this gauge chart. The value of the chart should always be greater than or equal to this.
@@ -4503,6 +4587,12 @@
               },
               "blank": { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for Empty is empty JSON object {}. # A blank space.
               },
+              "logsPanel": { # A widget that displays a stream of log. # A widget that shows a stream of logs.
+                "filter": "A String", # A filter that chooses which log entries to return. See Advanced Logs Queries (https://cloud.google.com/logging/docs/view/advanced-queries). Only log entries that match the filter are returned. An empty filter matches all log entries.
+                "resourceNames": [ # The names of logging resources to collect logs for. Does not implicitly include the current host project. Currently only projects are supported. There must be at least one resource_name.
+                  "A String",
+                ],
+              },
               "scorecard": { # A widget showing the latest value of a metric, and how this value relates to one or more thresholds. # A scorecard summarizing time series data.
                 "gaugeView": { # A gauge chart shows where the current value sits within a pre-defined range. The upper and lower bounds should define the possible range of values for the scorecard's query (inclusive). # Will cause the scorecard to show a gauge chart.
                   "lowerBound": 3.14, # The lower bound for this gauge chart. The value of the chart should always be greater than or equal to this.
@@ -4813,6 +4903,12 @@
                 },
                 "blank": { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for Empty is empty JSON object {}. # A blank space.
                 },
+                "logsPanel": { # A widget that displays a stream of log. # A widget that shows a stream of logs.
+                  "filter": "A String", # A filter that chooses which log entries to return. See Advanced Logs Queries (https://cloud.google.com/logging/docs/view/advanced-queries). Only log entries that match the filter are returned. An empty filter matches all log entries.
+                  "resourceNames": [ # The names of logging resources to collect logs for. Does not implicitly include the current host project. Currently only projects are supported. There must be at least one resource_name.
+                    "A String",
+                  ],
+                },
                 "scorecard": { # A widget showing the latest value of a metric, and how this value relates to one or more thresholds. # A scorecard summarizing time series data.
                   "gaugeView": { # A gauge chart shows where the current value sits within a pre-defined range. The upper and lower bounds should define the possible range of values for the scorecard's query (inclusive). # Will cause the scorecard to show a gauge chart.
                     "lowerBound": 3.14, # The lower bound for this gauge chart. The value of the chart should always be greater than or equal to this.
@@ -5150,6 +5246,12 @@
             },
             "blank": { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for Empty is empty JSON object {}. # A blank space.
             },
+            "logsPanel": { # A widget that displays a stream of log. # A widget that shows a stream of logs.
+              "filter": "A String", # A filter that chooses which log entries to return. See Advanced Logs Queries (https://cloud.google.com/logging/docs/view/advanced-queries). Only log entries that match the filter are returned. An empty filter matches all log entries.
+              "resourceNames": [ # The names of logging resources to collect logs for. Does not implicitly include the current host project. Currently only projects are supported. There must be at least one resource_name.
+                "A String",
+              ],
+            },
             "scorecard": { # A widget showing the latest value of a metric, and how this value relates to one or more thresholds. # A scorecard summarizing time series data.
               "gaugeView": { # A gauge chart shows where the current value sits within a pre-defined range. The upper and lower bounds should define the possible range of values for the scorecard's query (inclusive). # Will cause the scorecard to show a gauge chart.
                 "lowerBound": 3.14, # The lower bound for this gauge chart. The value of the chart should always be greater than or equal to this.
@@ -5457,6 +5559,12 @@
         },
         "blank": { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for Empty is empty JSON object {}. # A blank space.
         },
+        "logsPanel": { # A widget that displays a stream of log. # A widget that shows a stream of logs.
+          "filter": "A String", # A filter that chooses which log entries to return. See Advanced Logs Queries (https://cloud.google.com/logging/docs/view/advanced-queries). Only log entries that match the filter are returned. An empty filter matches all log entries.
+          "resourceNames": [ # The names of logging resources to collect logs for. Does not implicitly include the current host project. Currently only projects are supported. There must be at least one resource_name.
+            "A String",
+          ],
+        },
         "scorecard": { # A widget showing the latest value of a metric, and how this value relates to one or more thresholds. # A scorecard summarizing time series data.
           "gaugeView": { # A gauge chart shows where the current value sits within a pre-defined range. The upper and lower bounds should define the possible range of values for the scorecard's query (inclusive). # Will cause the scorecard to show a gauge chart.
             "lowerBound": 3.14, # The lower bound for this gauge chart. The value of the chart should always be greater than or equal to this.
@@ -5765,6 +5873,12 @@
           },
           "blank": { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for Empty is empty JSON object {}. # A blank space.
           },
+          "logsPanel": { # A widget that displays a stream of log. # A widget that shows a stream of logs.
+            "filter": "A String", # A filter that chooses which log entries to return. See Advanced Logs Queries (https://cloud.google.com/logging/docs/view/advanced-queries). Only log entries that match the filter are returned. An empty filter matches all log entries.
+            "resourceNames": [ # The names of logging resources to collect logs for. Does not implicitly include the current host project. Currently only projects are supported. There must be at least one resource_name.
+              "A String",
+            ],
+          },
           "scorecard": { # A widget showing the latest value of a metric, and how this value relates to one or more thresholds. # A scorecard summarizing time series data.
             "gaugeView": { # A gauge chart shows where the current value sits within a pre-defined range. The upper and lower bounds should define the possible range of values for the scorecard's query (inclusive). # Will cause the scorecard to show a gauge chart.
               "lowerBound": 3.14, # The lower bound for this gauge chart. The value of the chart should always be greater than or equal to this.
@@ -6075,6 +6189,12 @@
             },
             "blank": { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for Empty is empty JSON object {}. # A blank space.
             },
+            "logsPanel": { # A widget that displays a stream of log. # A widget that shows a stream of logs.
+              "filter": "A String", # A filter that chooses which log entries to return. See Advanced Logs Queries (https://cloud.google.com/logging/docs/view/advanced-queries). Only log entries that match the filter are returned. An empty filter matches all log entries.
+              "resourceNames": [ # The names of logging resources to collect logs for. Does not implicitly include the current host project. Currently only projects are supported. There must be at least one resource_name.
+                "A String",
+              ],
+            },
             "scorecard": { # A widget showing the latest value of a metric, and how this value relates to one or more thresholds. # A scorecard summarizing time series data.
               "gaugeView": { # A gauge chart shows where the current value sits within a pre-defined range. The upper and lower bounds should define the possible range of values for the scorecard's query (inclusive). # Will cause the scorecard to show a gauge chart.
                 "lowerBound": 3.14, # The lower bound for this gauge chart. The value of the chart should always be greater than or equal to this.
@@ -6394,6 +6514,12 @@
             },
             "blank": { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for Empty is empty JSON object {}. # A blank space.
             },
+            "logsPanel": { # A widget that displays a stream of log. # A widget that shows a stream of logs.
+              "filter": "A String", # A filter that chooses which log entries to return. See Advanced Logs Queries (https://cloud.google.com/logging/docs/view/advanced-queries). Only log entries that match the filter are returned. An empty filter matches all log entries.
+              "resourceNames": [ # The names of logging resources to collect logs for. Does not implicitly include the current host project. Currently only projects are supported. There must be at least one resource_name.
+                "A String",
+              ],
+            },
             "scorecard": { # A widget showing the latest value of a metric, and how this value relates to one or more thresholds. # A scorecard summarizing time series data.
               "gaugeView": { # A gauge chart shows where the current value sits within a pre-defined range. The upper and lower bounds should define the possible range of values for the scorecard's query (inclusive). # Will cause the scorecard to show a gauge chart.
                 "lowerBound": 3.14, # The lower bound for this gauge chart. The value of the chart should always be greater than or equal to this.
@@ -6701,6 +6827,12 @@
         },
         "blank": { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for Empty is empty JSON object {}. # A blank space.
         },
+        "logsPanel": { # A widget that displays a stream of log. # A widget that shows a stream of logs.
+          "filter": "A String", # A filter that chooses which log entries to return. See Advanced Logs Queries (https://cloud.google.com/logging/docs/view/advanced-queries). Only log entries that match the filter are returned. An empty filter matches all log entries.
+          "resourceNames": [ # The names of logging resources to collect logs for. Does not implicitly include the current host project. Currently only projects are supported. There must be at least one resource_name.
+            "A String",
+          ],
+        },
         "scorecard": { # A widget showing the latest value of a metric, and how this value relates to one or more thresholds. # A scorecard summarizing time series data.
           "gaugeView": { # A gauge chart shows where the current value sits within a pre-defined range. The upper and lower bounds should define the possible range of values for the scorecard's query (inclusive). # Will cause the scorecard to show a gauge chart.
             "lowerBound": 3.14, # The lower bound for this gauge chart. The value of the chart should always be greater than or equal to this.
@@ -7009,6 +7141,12 @@
           },
           "blank": { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for Empty is empty JSON object {}. # A blank space.
           },
+          "logsPanel": { # A widget that displays a stream of log. # A widget that shows a stream of logs.
+            "filter": "A String", # A filter that chooses which log entries to return. See Advanced Logs Queries (https://cloud.google.com/logging/docs/view/advanced-queries). Only log entries that match the filter are returned. An empty filter matches all log entries.
+            "resourceNames": [ # The names of logging resources to collect logs for. Does not implicitly include the current host project. Currently only projects are supported. There must be at least one resource_name.
+              "A String",
+            ],
+          },
           "scorecard": { # A widget showing the latest value of a metric, and how this value relates to one or more thresholds. # A scorecard summarizing time series data.
             "gaugeView": { # A gauge chart shows where the current value sits within a pre-defined range. The upper and lower bounds should define the possible range of values for the scorecard's query (inclusive). # Will cause the scorecard to show a gauge chart.
               "lowerBound": 3.14, # The lower bound for this gauge chart. The value of the chart should always be greater than or equal to this.
@@ -7319,6 +7457,12 @@
             },
             "blank": { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for Empty is empty JSON object {}. # A blank space.
             },
+            "logsPanel": { # A widget that displays a stream of log. # A widget that shows a stream of logs.
+              "filter": "A String", # A filter that chooses which log entries to return. See Advanced Logs Queries (https://cloud.google.com/logging/docs/view/advanced-queries). Only log entries that match the filter are returned. An empty filter matches all log entries.
+              "resourceNames": [ # The names of logging resources to collect logs for. Does not implicitly include the current host project. Currently only projects are supported. There must be at least one resource_name.
+                "A String",
+              ],
+            },
             "scorecard": { # A widget showing the latest value of a metric, and how this value relates to one or more thresholds. # A scorecard summarizing time series data.
               "gaugeView": { # A gauge chart shows where the current value sits within a pre-defined range. The upper and lower bounds should define the possible range of values for the scorecard's query (inclusive). # Will cause the scorecard to show a gauge chart.
                 "lowerBound": 3.14, # The lower bound for this gauge chart. The value of the chart should always be greater than or equal to this.

docs/dyn/mybusinessbusinessinformation_v1.accounts.locations.html

diff --git a/docs/dyn/mybusinessbusinessinformation_v1.accounts.locations.html b/docs/dyn/mybusinessbusinessinformation_v1.accounts.locations.html
index d4dbc1b..eae9d32 100644
--- a/docs/dyn/mybusinessbusinessinformation_v1.accounts.locations.html
+++ b/docs/dyn/mybusinessbusinessinformation_v1.accounts.locations.html
@@ -153,6 +153,7 @@
   },
   "metadata": { # Additional non-user-editable information about the location. # Output only. Additional non-user-editable information.
     "canDelete": True or False, # Output only. Indicates whether the location can be deleted using the API.
+    "canHaveBusinessCalls": True or False, # Output only. Indicates if the listing is eligible for business calls.
     "canHaveFoodMenus": True or False, # Output only. Indicates if the listing is eligible for food menu.
     "canModifyServiceList": True or False, # Output only. Indicates if the listing can modify the service list.
     "canOperateHealthData": True or False, # Output only. Indicates whether the location can operate on Health data.
@@ -386,6 +387,7 @@
   },
   "metadata": { # Additional non-user-editable information about the location. # Output only. Additional non-user-editable information.
     "canDelete": True or False, # Output only. Indicates whether the location can be deleted using the API.
+    "canHaveBusinessCalls": True or False, # Output only. Indicates if the listing is eligible for business calls.
     "canHaveFoodMenus": True or False, # Output only. Indicates if the listing is eligible for food menu.
     "canModifyServiceList": True or False, # Output only. Indicates if the listing can modify the service list.
     "canOperateHealthData": True or False, # Output only. Indicates whether the location can operate on Health data.
@@ -631,6 +633,7 @@
       },
       "metadata": { # Additional non-user-editable information about the location. # Output only. Additional non-user-editable information.
         "canDelete": True or False, # Output only. Indicates whether the location can be deleted using the API.
+        "canHaveBusinessCalls": True or False, # Output only. Indicates if the listing is eligible for business calls.
         "canHaveFoodMenus": True or False, # Output only. Indicates if the listing is eligible for food menu.
         "canModifyServiceList": True or False, # Output only. Indicates if the listing can modify the service list.
         "canOperateHealthData": True or False, # Output only. Indicates whether the location can operate on Health data.

docs/dyn/mybusinessbusinessinformation_v1.googleLocations.html

diff --git a/docs/dyn/mybusinessbusinessinformation_v1.googleLocations.html b/docs/dyn/mybusinessbusinessinformation_v1.googleLocations.html
index f1dc6fc..b060302 100644
--- a/docs/dyn/mybusinessbusinessinformation_v1.googleLocations.html
+++ b/docs/dyn/mybusinessbusinessinformation_v1.googleLocations.html
@@ -147,6 +147,7 @@
     },
     "metadata": { # Additional non-user-editable information about the location. # Output only. Additional non-user-editable information.
       "canDelete": True or False, # Output only. Indicates whether the location can be deleted using the API.
+      "canHaveBusinessCalls": True or False, # Output only. Indicates if the listing is eligible for business calls.
       "canHaveFoodMenus": True or False, # Output only. Indicates if the listing is eligible for food menu.
       "canModifyServiceList": True or False, # Output only. Indicates if the listing can modify the service list.
       "canOperateHealthData": True or False, # Output only. Indicates whether the location can operate on Health data.
@@ -384,6 +385,7 @@
         },
         "metadata": { # Additional non-user-editable information about the location. # Output only. Additional non-user-editable information.
           "canDelete": True or False, # Output only. Indicates whether the location can be deleted using the API.
+          "canHaveBusinessCalls": True or False, # Output only. Indicates if the listing is eligible for business calls.
           "canHaveFoodMenus": True or False, # Output only. Indicates if the listing is eligible for food menu.
           "canModifyServiceList": True or False, # Output only. Indicates if the listing can modify the service list.
           "canOperateHealthData": True or False, # Output only. Indicates whether the location can operate on Health data.

docs/dyn/mybusinessbusinessinformation_v1.locations.html

diff --git a/docs/dyn/mybusinessbusinessinformation_v1.locations.html b/docs/dyn/mybusinessbusinessinformation_v1.locations.html
index 70293cc..fe41ffd 100644
--- a/docs/dyn/mybusinessbusinessinformation_v1.locations.html
+++ b/docs/dyn/mybusinessbusinessinformation_v1.locations.html
@@ -246,6 +246,7 @@
   },
   "metadata": { # Additional non-user-editable information about the location. # Output only. Additional non-user-editable information.
     "canDelete": True or False, # Output only. Indicates whether the location can be deleted using the API.
+    "canHaveBusinessCalls": True or False, # Output only. Indicates if the listing is eligible for business calls.
     "canHaveFoodMenus": True or False, # Output only. Indicates if the listing is eligible for food menu.
     "canModifyServiceList": True or False, # Output only. Indicates if the listing can modify the service list.
     "canOperateHealthData": True or False, # Output only. Indicates whether the location can operate on Health data.
@@ -528,6 +529,7 @@
     },
     "metadata": { # Additional non-user-editable information about the location. # Output only. Additional non-user-editable information.
       "canDelete": True or False, # Output only. Indicates whether the location can be deleted using the API.
+      "canHaveBusinessCalls": True or False, # Output only. Indicates if the listing is eligible for business calls.
       "canHaveFoodMenus": True or False, # Output only. Indicates if the listing is eligible for food menu.
       "canModifyServiceList": True or False, # Output only. Indicates if the listing can modify the service list.
       "canOperateHealthData": True or False, # Output only. Indicates whether the location can operate on Health data.
@@ -763,6 +765,7 @@
   },
   "metadata": { # Additional non-user-editable information about the location. # Output only. Additional non-user-editable information.
     "canDelete": True or False, # Output only. Indicates whether the location can be deleted using the API.
+    "canHaveBusinessCalls": True or False, # Output only. Indicates if the listing is eligible for business calls.
     "canHaveFoodMenus": True or False, # Output only. Indicates if the listing is eligible for food menu.
     "canModifyServiceList": True or False, # Output only. Indicates if the listing can modify the service list.
     "canOperateHealthData": True or False, # Output only. Indicates whether the location can operate on Health data.
@@ -996,6 +999,7 @@
   },
   "metadata": { # Additional non-user-editable information about the location. # Output only. Additional non-user-editable information.
     "canDelete": True or False, # Output only. Indicates whether the location can be deleted using the API.
+    "canHaveBusinessCalls": True or False, # Output only. Indicates if the listing is eligible for business calls.
     "canHaveFoodMenus": True or False, # Output only. Indicates if the listing is eligible for food menu.
     "canModifyServiceList": True or False, # Output only. Indicates if the listing can modify the service list.
     "canOperateHealthData": True or False, # Output only. Indicates whether the location can operate on Health data.

docs/dyn/networkmanagement_v1.projects.locations.global_.connectivityTests.html

diff --git a/docs/dyn/networkmanagement_v1.projects.locations.global_.connectivityTests.html b/docs/dyn/networkmanagement_v1.projects.locations.global_.connectivityTests.html
index ba8c6d8..519fafb 100644
--- a/docs/dyn/networkmanagement_v1.projects.locations.global_.connectivityTests.html
+++ b/docs/dyn/networkmanagement_v1.projects.locations.global_.connectivityTests.html
@@ -610,7 +610,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/networkmanagement_v1beta1.projects.locations.global_.connectivityTests.html

diff --git a/docs/dyn/networkmanagement_v1beta1.projects.locations.global_.connectivityTests.html b/docs/dyn/networkmanagement_v1beta1.projects.locations.global_.connectivityTests.html
index 89837aa..636e2bf 100644
--- a/docs/dyn/networkmanagement_v1beta1.projects.locations.global_.connectivityTests.html
+++ b/docs/dyn/networkmanagement_v1beta1.projects.locations.global_.connectivityTests.html
@@ -694,7 +694,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/networkservices_v1.projects.locations.edgeCacheKeysets.html

diff --git a/docs/dyn/networkservices_v1.projects.locations.edgeCacheKeysets.html b/docs/dyn/networkservices_v1.projects.locations.edgeCacheKeysets.html
index f3448d9..c6673d3 100644
--- a/docs/dyn/networkservices_v1.projects.locations.edgeCacheKeysets.html
+++ b/docs/dyn/networkservices_v1.projects.locations.edgeCacheKeysets.html
@@ -98,7 +98,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/networkservices_v1.projects.locations.edgeCacheOrigins.html

diff --git a/docs/dyn/networkservices_v1.projects.locations.edgeCacheOrigins.html b/docs/dyn/networkservices_v1.projects.locations.edgeCacheOrigins.html
index 674d0b0..b6e025e 100644
--- a/docs/dyn/networkservices_v1.projects.locations.edgeCacheOrigins.html
+++ b/docs/dyn/networkservices_v1.projects.locations.edgeCacheOrigins.html
@@ -98,7 +98,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/networkservices_v1.projects.locations.edgeCacheServices.html

diff --git a/docs/dyn/networkservices_v1.projects.locations.edgeCacheServices.html b/docs/dyn/networkservices_v1.projects.locations.edgeCacheServices.html
index 586b771..2750ed6 100644
--- a/docs/dyn/networkservices_v1.projects.locations.edgeCacheServices.html
+++ b/docs/dyn/networkservices_v1.projects.locations.edgeCacheServices.html
@@ -98,7 +98,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/networkservices_v1.projects.locations.endpointPolicies.html

diff --git a/docs/dyn/networkservices_v1.projects.locations.endpointPolicies.html b/docs/dyn/networkservices_v1.projects.locations.endpointPolicies.html
index bf53a76..20f3fbb 100644
--- a/docs/dyn/networkservices_v1.projects.locations.endpointPolicies.html
+++ b/docs/dyn/networkservices_v1.projects.locations.endpointPolicies.html
@@ -120,7 +120,7 @@
     The object takes the form of:
 
 { # EndpointPolicy is a resource that helps apply desired configuration on the endpoints that match specific criteria. For example, this resource can be used to apply "authentication config" an all endpoints that serve on port 8080.
-  "authorizationPolicy": "A String", # Optional. This field specifies the URL of AuthorizationPolicy resource that applies authorization policies to the inbound traffic at the matched endpoints. Refer to Authorization. If this field is not specified, authorization is disabled(no authz checks) for this endpoint. Applicable only when EndpointPolicyType is SIDECAR_PROXY.
+  "authorizationPolicy": "A String", # Optional. This field specifies the URL of AuthorizationPolicy resource that applies authorization policies to the inbound traffic at the matched endpoints. Refer to Authorization. If this field is not specified, authorization is disabled(no authz checks) for this endpoint.
   "clientTlsPolicy": "A String", # Optional. A URL referring to a ClientTlsPolicy resource. ClientTlsPolicy can be set to specify the authentication for traffic from the proxy to the actual endpoints. More specifically, it is applied to the outgoing traffic from the proxy to the endpoint. This is typically used for sidecar model where the proxy identifies itself as endpoint to the control plane, with the connection between sidecar and endpoint requiring authentication. If this field is not set, authentication is disabled(open). Applicable only when EndpointPolicyType is SIDECAR_PROXY.
   "createTime": "A String", # Output only. The timestamp when the resource was created.
   "description": "A String", # Optional. A free-text description of the resource. Max length 1024 characters.
@@ -229,7 +229,7 @@
   An object of the form:
 
     { # EndpointPolicy is a resource that helps apply desired configuration on the endpoints that match specific criteria. For example, this resource can be used to apply "authentication config" an all endpoints that serve on port 8080.
-  "authorizationPolicy": "A String", # Optional. This field specifies the URL of AuthorizationPolicy resource that applies authorization policies to the inbound traffic at the matched endpoints. Refer to Authorization. If this field is not specified, authorization is disabled(no authz checks) for this endpoint. Applicable only when EndpointPolicyType is SIDECAR_PROXY.
+  "authorizationPolicy": "A String", # Optional. This field specifies the URL of AuthorizationPolicy resource that applies authorization policies to the inbound traffic at the matched endpoints. Refer to Authorization. If this field is not specified, authorization is disabled(no authz checks) for this endpoint.
   "clientTlsPolicy": "A String", # Optional. A URL referring to a ClientTlsPolicy resource. ClientTlsPolicy can be set to specify the authentication for traffic from the proxy to the actual endpoints. More specifically, it is applied to the outgoing traffic from the proxy to the endpoint. This is typically used for sidecar model where the proxy identifies itself as endpoint to the control plane, with the connection between sidecar and endpoint requiring authentication. If this field is not set, authentication is disabled(open). Applicable only when EndpointPolicyType is SIDECAR_PROXY.
   "createTime": "A String", # Output only. The timestamp when the resource was created.
   "description": "A String", # Optional. A free-text description of the resource. Max length 1024 characters.
@@ -265,7 +265,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -326,7 +326,7 @@
     { # Response returned by the ListEndpointPolicies method.
   "endpointPolicies": [ # List of EndpointPolicy resources.
     { # EndpointPolicy is a resource that helps apply desired configuration on the endpoints that match specific criteria. For example, this resource can be used to apply "authentication config" an all endpoints that serve on port 8080.
-      "authorizationPolicy": "A String", # Optional. This field specifies the URL of AuthorizationPolicy resource that applies authorization policies to the inbound traffic at the matched endpoints. Refer to Authorization. If this field is not specified, authorization is disabled(no authz checks) for this endpoint. Applicable only when EndpointPolicyType is SIDECAR_PROXY.
+      "authorizationPolicy": "A String", # Optional. This field specifies the URL of AuthorizationPolicy resource that applies authorization policies to the inbound traffic at the matched endpoints. Refer to Authorization. If this field is not specified, authorization is disabled(no authz checks) for this endpoint.
       "clientTlsPolicy": "A String", # Optional. A URL referring to a ClientTlsPolicy resource. ClientTlsPolicy can be set to specify the authentication for traffic from the proxy to the actual endpoints. More specifically, it is applied to the outgoing traffic from the proxy to the endpoint. This is typically used for sidecar model where the proxy identifies itself as endpoint to the control plane, with the connection between sidecar and endpoint requiring authentication. If this field is not set, authentication is disabled(open). Applicable only when EndpointPolicyType is SIDECAR_PROXY.
       "createTime": "A String", # Output only. The timestamp when the resource was created.
       "description": "A String", # Optional. A free-text description of the resource. Max length 1024 characters.
@@ -383,7 +383,7 @@
     The object takes the form of:
 
 { # EndpointPolicy is a resource that helps apply desired configuration on the endpoints that match specific criteria. For example, this resource can be used to apply "authentication config" an all endpoints that serve on port 8080.
-  "authorizationPolicy": "A String", # Optional. This field specifies the URL of AuthorizationPolicy resource that applies authorization policies to the inbound traffic at the matched endpoints. Refer to Authorization. If this field is not specified, authorization is disabled(no authz checks) for this endpoint. Applicable only when EndpointPolicyType is SIDECAR_PROXY.
+  "authorizationPolicy": "A String", # Optional. This field specifies the URL of AuthorizationPolicy resource that applies authorization policies to the inbound traffic at the matched endpoints. Refer to Authorization. If this field is not specified, authorization is disabled(no authz checks) for this endpoint.
   "clientTlsPolicy": "A String", # Optional. A URL referring to a ClientTlsPolicy resource. ClientTlsPolicy can be set to specify the authentication for traffic from the proxy to the actual endpoints. More specifically, it is applied to the outgoing traffic from the proxy to the endpoint. This is typically used for sidecar model where the proxy identifies itself as endpoint to the control plane, with the connection between sidecar and endpoint requiring authentication. If this field is not set, authentication is disabled(open). Applicable only when EndpointPolicyType is SIDECAR_PROXY.
   "createTime": "A String", # Output only. The timestamp when the resource was created.
   "description": "A String", # Optional. A free-text description of the resource. Max length 1024 characters.

docs/dyn/networkservices_v1beta1.projects.locations.endpointPolicies.html

diff --git a/docs/dyn/networkservices_v1beta1.projects.locations.endpointPolicies.html b/docs/dyn/networkservices_v1beta1.projects.locations.endpointPolicies.html
index a411d8d..d381294 100644
--- a/docs/dyn/networkservices_v1beta1.projects.locations.endpointPolicies.html
+++ b/docs/dyn/networkservices_v1beta1.projects.locations.endpointPolicies.html
@@ -120,7 +120,7 @@
     The object takes the form of:
 
 { # EndpointPolicy is a resource that helps apply desired configuration on the endpoints that match specific criteria. For example, this resource can be used to apply "authentication config" an all endpoints that serve on port 8080.
-  "authorizationPolicy": "A String", # Optional. This field specifies the URL of AuthorizationPolicy resource that applies authorization policies to the inbound traffic at the matched endpoints. Refer to Authorization. If this field is not specified, authorization is disabled(no authz checks) for this endpoint. Applicable only when EndpointPolicyType is SIDECAR_PROXY.
+  "authorizationPolicy": "A String", # Optional. This field specifies the URL of AuthorizationPolicy resource that applies authorization policies to the inbound traffic at the matched endpoints. Refer to Authorization. If this field is not specified, authorization is disabled(no authz checks) for this endpoint.
   "clientTlsPolicy": "A String", # Optional. A URL referring to a ClientTlsPolicy resource. ClientTlsPolicy can be set to specify the authentication for traffic from the proxy to the actual endpoints. More specifically, it is applied to the outgoing traffic from the proxy to the endpoint. This is typically used for sidecar model where the proxy identifies itself as endpoint to the control plane, with the connection between sidecar and endpoint requiring authentication. If this field is not set, authentication is disabled(open). Applicable only when EndpointPolicyType is SIDECAR_PROXY.
   "createTime": "A String", # Output only. The timestamp when the resource was created.
   "description": "A String", # Optional. A free-text description of the resource. Max length 1024 characters.
@@ -229,7 +229,7 @@
   An object of the form:
 
     { # EndpointPolicy is a resource that helps apply desired configuration on the endpoints that match specific criteria. For example, this resource can be used to apply "authentication config" an all endpoints that serve on port 8080.
-  "authorizationPolicy": "A String", # Optional. This field specifies the URL of AuthorizationPolicy resource that applies authorization policies to the inbound traffic at the matched endpoints. Refer to Authorization. If this field is not specified, authorization is disabled(no authz checks) for this endpoint. Applicable only when EndpointPolicyType is SIDECAR_PROXY.
+  "authorizationPolicy": "A String", # Optional. This field specifies the URL of AuthorizationPolicy resource that applies authorization policies to the inbound traffic at the matched endpoints. Refer to Authorization. If this field is not specified, authorization is disabled(no authz checks) for this endpoint.
   "clientTlsPolicy": "A String", # Optional. A URL referring to a ClientTlsPolicy resource. ClientTlsPolicy can be set to specify the authentication for traffic from the proxy to the actual endpoints. More specifically, it is applied to the outgoing traffic from the proxy to the endpoint. This is typically used for sidecar model where the proxy identifies itself as endpoint to the control plane, with the connection between sidecar and endpoint requiring authentication. If this field is not set, authentication is disabled(open). Applicable only when EndpointPolicyType is SIDECAR_PROXY.
   "createTime": "A String", # Output only. The timestamp when the resource was created.
   "description": "A String", # Optional. A free-text description of the resource. Max length 1024 characters.
@@ -265,7 +265,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -326,7 +326,7 @@
     { # Response returned by the ListEndpointPolicies method.
   "endpointPolicies": [ # List of EndpointPolicy resources.
     { # EndpointPolicy is a resource that helps apply desired configuration on the endpoints that match specific criteria. For example, this resource can be used to apply "authentication config" an all endpoints that serve on port 8080.
-      "authorizationPolicy": "A String", # Optional. This field specifies the URL of AuthorizationPolicy resource that applies authorization policies to the inbound traffic at the matched endpoints. Refer to Authorization. If this field is not specified, authorization is disabled(no authz checks) for this endpoint. Applicable only when EndpointPolicyType is SIDECAR_PROXY.
+      "authorizationPolicy": "A String", # Optional. This field specifies the URL of AuthorizationPolicy resource that applies authorization policies to the inbound traffic at the matched endpoints. Refer to Authorization. If this field is not specified, authorization is disabled(no authz checks) for this endpoint.
       "clientTlsPolicy": "A String", # Optional. A URL referring to a ClientTlsPolicy resource. ClientTlsPolicy can be set to specify the authentication for traffic from the proxy to the actual endpoints. More specifically, it is applied to the outgoing traffic from the proxy to the endpoint. This is typically used for sidecar model where the proxy identifies itself as endpoint to the control plane, with the connection between sidecar and endpoint requiring authentication. If this field is not set, authentication is disabled(open). Applicable only when EndpointPolicyType is SIDECAR_PROXY.
       "createTime": "A String", # Output only. The timestamp when the resource was created.
       "description": "A String", # Optional. A free-text description of the resource. Max length 1024 characters.
@@ -383,7 +383,7 @@
     The object takes the form of:
 
 { # EndpointPolicy is a resource that helps apply desired configuration on the endpoints that match specific criteria. For example, this resource can be used to apply "authentication config" an all endpoints that serve on port 8080.
-  "authorizationPolicy": "A String", # Optional. This field specifies the URL of AuthorizationPolicy resource that applies authorization policies to the inbound traffic at the matched endpoints. Refer to Authorization. If this field is not specified, authorization is disabled(no authz checks) for this endpoint. Applicable only when EndpointPolicyType is SIDECAR_PROXY.
+  "authorizationPolicy": "A String", # Optional. This field specifies the URL of AuthorizationPolicy resource that applies authorization policies to the inbound traffic at the matched endpoints. Refer to Authorization. If this field is not specified, authorization is disabled(no authz checks) for this endpoint.
   "clientTlsPolicy": "A String", # Optional. A URL referring to a ClientTlsPolicy resource. ClientTlsPolicy can be set to specify the authentication for traffic from the proxy to the actual endpoints. More specifically, it is applied to the outgoing traffic from the proxy to the endpoint. This is typically used for sidecar model where the proxy identifies itself as endpoint to the control plane, with the connection between sidecar and endpoint requiring authentication. If this field is not set, authentication is disabled(open). Applicable only when EndpointPolicyType is SIDECAR_PROXY.
   "createTime": "A String", # Output only. The timestamp when the resource was created.
   "description": "A String", # Optional. A free-text description of the resource. Max length 1024 characters.

docs/dyn/paymentsresellersubscription_v1.partners.subscriptions.html

diff --git a/docs/dyn/paymentsresellersubscription_v1.partners.subscriptions.html b/docs/dyn/paymentsresellersubscription_v1.partners.subscriptions.html
index e76f98c..e072b6a 100644
--- a/docs/dyn/paymentsresellersubscription_v1.partners.subscriptions.html
+++ b/docs/dyn/paymentsresellersubscription_v1.partners.subscriptions.html
@@ -140,6 +140,7 @@
       "A String",
     ],
     "redirectUri": "A String", # Output only. The place where partners should redirect the end-user to after creation. This field might also be populated when creation failed. However, Partners should always prepare a default URL to redirect the user in case this field is empty.
+    "renewalTime": "A String", # Output only. The time at which the subscription is expected to be renewed by Google - a new charge will be incurred and the service entitlement will be renewed. A non-immediate cancellation will take place at this time too, before which, the service entitlement for the end user will remain valid. UTC timezone in ISO 8061 format. For example: "2019-08-31T17:28:54.564Z"
     "serviceLocation": { # Describes a location of an end user. # Required. The location that the service is provided as indicated by the partner.
       "postalCode": "A String", # The postal code this location refers to. Ex. "94043"
       "regionCode": "A String", # 2-letter ISO region code for current content region. Ex. “US” Please refers to: https://en.wikipedia.org/wiki/ISO_3166-1
@@ -186,6 +187,7 @@
     "A String",
   ],
   "redirectUri": "A String", # Output only. The place where partners should redirect the end-user to after creation. This field might also be populated when creation failed. However, Partners should always prepare a default URL to redirect the user in case this field is empty.
+  "renewalTime": "A String", # Output only. The time at which the subscription is expected to be renewed by Google - a new charge will be incurred and the service entitlement will be renewed. A non-immediate cancellation will take place at this time too, before which, the service entitlement for the end user will remain valid. UTC timezone in ISO 8061 format. For example: "2019-08-31T17:28:54.564Z"
   "serviceLocation": { # Describes a location of an end user. # Required. The location that the service is provided as indicated by the partner.
     "postalCode": "A String", # The postal code this location refers to. Ex. "94043"
     "regionCode": "A String", # 2-letter ISO region code for current content region. Ex. “US” Please refers to: https://en.wikipedia.org/wiki/ISO_3166-1
@@ -225,6 +227,7 @@
     "A String",
   ],
   "redirectUri": "A String", # Output only. The place where partners should redirect the end-user to after creation. This field might also be populated when creation failed. However, Partners should always prepare a default URL to redirect the user in case this field is empty.
+  "renewalTime": "A String", # Output only. The time at which the subscription is expected to be renewed by Google - a new charge will be incurred and the service entitlement will be renewed. A non-immediate cancellation will take place at this time too, before which, the service entitlement for the end user will remain valid. UTC timezone in ISO 8061 format. For example: "2019-08-31T17:28:54.564Z"
   "serviceLocation": { # Describes a location of an end user. # Required. The location that the service is provided as indicated by the partner.
     "postalCode": "A String", # The postal code this location refers to. Ex. "94043"
     "regionCode": "A String", # 2-letter ISO region code for current content region. Ex. “US” Please refers to: https://en.wikipedia.org/wiki/ISO_3166-1
@@ -277,6 +280,7 @@
       "A String",
     ],
     "redirectUri": "A String", # Output only. The place where partners should redirect the end-user to after creation. This field might also be populated when creation failed. However, Partners should always prepare a default URL to redirect the user in case this field is empty.
+    "renewalTime": "A String", # Output only. The time at which the subscription is expected to be renewed by Google - a new charge will be incurred and the service entitlement will be renewed. A non-immediate cancellation will take place at this time too, before which, the service entitlement for the end user will remain valid. UTC timezone in ISO 8061 format. For example: "2019-08-31T17:28:54.564Z"
     "serviceLocation": { # Describes a location of an end user. # Required. The location that the service is provided as indicated by the partner.
       "postalCode": "A String", # The postal code this location refers to. Ex. "94043"
       "regionCode": "A String", # 2-letter ISO region code for current content region. Ex. “US” Please refers to: https://en.wikipedia.org/wiki/ISO_3166-1
@@ -358,6 +362,7 @@
     "A String",
   ],
   "redirectUri": "A String", # Output only. The place where partners should redirect the end-user to after creation. This field might also be populated when creation failed. However, Partners should always prepare a default URL to redirect the user in case this field is empty.
+  "renewalTime": "A String", # Output only. The time at which the subscription is expected to be renewed by Google - a new charge will be incurred and the service entitlement will be renewed. A non-immediate cancellation will take place at this time too, before which, the service entitlement for the end user will remain valid. UTC timezone in ISO 8061 format. For example: "2019-08-31T17:28:54.564Z"
   "serviceLocation": { # Describes a location of an end user. # Required. The location that the service is provided as indicated by the partner.
     "postalCode": "A String", # The postal code this location refers to. Ex. "94043"
     "regionCode": "A String", # 2-letter ISO region code for current content region. Ex. “US” Please refers to: https://en.wikipedia.org/wiki/ISO_3166-1
@@ -398,6 +403,7 @@
     "A String",
   ],
   "redirectUri": "A String", # Output only. The place where partners should redirect the end-user to after creation. This field might also be populated when creation failed. However, Partners should always prepare a default URL to redirect the user in case this field is empty.
+  "renewalTime": "A String", # Output only. The time at which the subscription is expected to be renewed by Google - a new charge will be incurred and the service entitlement will be renewed. A non-immediate cancellation will take place at this time too, before which, the service entitlement for the end user will remain valid. UTC timezone in ISO 8061 format. For example: "2019-08-31T17:28:54.564Z"
   "serviceLocation": { # Describes a location of an end user. # Required. The location that the service is provided as indicated by the partner.
     "postalCode": "A String", # The postal code this location refers to. Ex. "94043"
     "regionCode": "A String", # 2-letter ISO region code for current content region. Ex. “US” Please refers to: https://en.wikipedia.org/wiki/ISO_3166-1
@@ -437,6 +443,7 @@
     "A String",
   ],
   "redirectUri": "A String", # Output only. The place where partners should redirect the end-user to after creation. This field might also be populated when creation failed. However, Partners should always prepare a default URL to redirect the user in case this field is empty.
+  "renewalTime": "A String", # Output only. The time at which the subscription is expected to be renewed by Google - a new charge will be incurred and the service entitlement will be renewed. A non-immediate cancellation will take place at this time too, before which, the service entitlement for the end user will remain valid. UTC timezone in ISO 8061 format. For example: "2019-08-31T17:28:54.564Z"
   "serviceLocation": { # Describes a location of an end user. # Required. The location that the service is provided as indicated by the partner.
     "postalCode": "A String", # The postal code this location refers to. Ex. "94043"
     "regionCode": "A String", # 2-letter ISO region code for current content region. Ex. “US” Please refers to: https://en.wikipedia.org/wiki/ISO_3166-1
@@ -489,6 +496,7 @@
       "A String",
     ],
     "redirectUri": "A String", # Output only. The place where partners should redirect the end-user to after creation. This field might also be populated when creation failed. However, Partners should always prepare a default URL to redirect the user in case this field is empty.
+    "renewalTime": "A String", # Output only. The time at which the subscription is expected to be renewed by Google - a new charge will be incurred and the service entitlement will be renewed. A non-immediate cancellation will take place at this time too, before which, the service entitlement for the end user will remain valid. UTC timezone in ISO 8061 format. For example: "2019-08-31T17:28:54.564Z"
     "serviceLocation": { # Describes a location of an end user. # Required. The location that the service is provided as indicated by the partner.
       "postalCode": "A String", # The postal code this location refers to. Ex. "94043"
       "regionCode": "A String", # 2-letter ISO region code for current content region. Ex. “US” Please refers to: https://en.wikipedia.org/wiki/ISO_3166-1

docs/dyn/privateca_v1.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.html

diff --git a/docs/dyn/privateca_v1.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.html b/docs/dyn/privateca_v1.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.html
index 6e5d537..20eb88e 100644
--- a/docs/dyn/privateca_v1.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.html
+++ b/docs/dyn/privateca_v1.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.html
@@ -146,7 +146,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/privateca_v1.projects.locations.caPools.html

diff --git a/docs/dyn/privateca_v1.projects.locations.caPools.html b/docs/dyn/privateca_v1.projects.locations.caPools.html
index 35a4c17..f174b69 100644
--- a/docs/dyn/privateca_v1.projects.locations.caPools.html
+++ b/docs/dyn/privateca_v1.projects.locations.caPools.html
@@ -466,7 +466,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/privateca_v1.projects.locations.certificateTemplates.html

diff --git a/docs/dyn/privateca_v1.projects.locations.certificateTemplates.html b/docs/dyn/privateca_v1.projects.locations.certificateTemplates.html
index 39ba33d..86efd50 100644
--- a/docs/dyn/privateca_v1.projects.locations.certificateTemplates.html
+++ b/docs/dyn/privateca_v1.projects.locations.certificateTemplates.html
@@ -381,7 +381,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/privateca_v1beta1.projects.locations.certificateAuthorities.certificateRevocationLists.html

diff --git a/docs/dyn/privateca_v1beta1.projects.locations.certificateAuthorities.certificateRevocationLists.html b/docs/dyn/privateca_v1beta1.projects.locations.certificateAuthorities.certificateRevocationLists.html
index ea2531e..60428e6 100644
--- a/docs/dyn/privateca_v1beta1.projects.locations.certificateAuthorities.certificateRevocationLists.html
+++ b/docs/dyn/privateca_v1beta1.projects.locations.certificateAuthorities.certificateRevocationLists.html
@@ -145,7 +145,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/privateca_v1beta1.projects.locations.certificateAuthorities.html

diff --git a/docs/dyn/privateca_v1beta1.projects.locations.certificateAuthorities.html b/docs/dyn/privateca_v1beta1.projects.locations.certificateAuthorities.html
index 8bd5a0e..34abc69 100644
--- a/docs/dyn/privateca_v1beta1.projects.locations.certificateAuthorities.html
+++ b/docs/dyn/privateca_v1beta1.projects.locations.certificateAuthorities.html
@@ -1180,7 +1180,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/privateca_v1beta1.projects.locations.reusableConfigs.html

diff --git a/docs/dyn/privateca_v1beta1.projects.locations.reusableConfigs.html b/docs/dyn/privateca_v1beta1.projects.locations.reusableConfigs.html
index 5b390e1..7bff369 100644
--- a/docs/dyn/privateca_v1beta1.projects.locations.reusableConfigs.html
+++ b/docs/dyn/privateca_v1beta1.projects.locations.reusableConfigs.html
@@ -187,7 +187,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/recaptchaenterprise_v1.projects.assessments.html

diff --git a/docs/dyn/recaptchaenterprise_v1.projects.assessments.html b/docs/dyn/recaptchaenterprise_v1.projects.assessments.html
index 94c1e34..20e6824 100644
--- a/docs/dyn/recaptchaenterprise_v1.projects.assessments.html
+++ b/docs/dyn/recaptchaenterprise_v1.projects.assessments.html
@@ -95,6 +95,7 @@
 
 { # The request message to annotate an Assessment.
   "annotation": "A String", # Optional. The annotation that will be assigned to the Event. This field can be left empty to provide reasons that apply to an event without concluding whether the event is legitimate or fraudulent.
+  "hashedAccountId": "A String", # Optional. Optional unique stable hashed user identifier to apply to the assessment. This is an alternative to setting the hashed_account_id in CreateAssessment, for example when the account identifier is not yet known in the initial request. It is recommended that the identifier is hashed using hmac-sha256 with stable secret.
   "reasons": [ # Optional. Optional reasons for the annotation that will be assigned to the Event.
     "A String",
   ],
@@ -127,6 +128,11 @@
     The object takes the form of:
 
 { # A recaptcha assessment resource.
+  "accountDefenderAssessment": { # Account Defender risk assessment. # Assessment returned by Account Defender when a hashed_account_id is provided.
+    "labels": [ # Labels for this request.
+      "A String",
+    ],
+  },
   "event": { # The event being assessed.
     "expectedAction": "A String", # Optional. The expected action for this type of event. This should be the same action provided at token generation time on client-side platforms already integrated with recaptcha enterprise.
     "siteKey": "A String", # Optional. The site key that was used to invoke reCAPTCHA on your site and generate the token.
@@ -159,6 +165,11 @@
   An object of the form:
 
     { # A recaptcha assessment resource.
+  "accountDefenderAssessment": { # Account Defender risk assessment. # Assessment returned by Account Defender when a hashed_account_id is provided.
+    "labels": [ # Labels for this request.
+      "A String",
+    ],
+  },
   "event": { # The event being assessed.
     "expectedAction": "A String", # Optional. The expected action for this type of event. This should be the same action provided at token generation time on client-side platforms already integrated with recaptcha enterprise.
     "siteKey": "A String", # Optional. The site key that was used to invoke reCAPTCHA on your site and generate the token.

docs/dyn/recaptchaenterprise_v1.projects.html

diff --git a/docs/dyn/recaptchaenterprise_v1.projects.html b/docs/dyn/recaptchaenterprise_v1.projects.html
index f5f9112..fb4bb00 100644
--- a/docs/dyn/recaptchaenterprise_v1.projects.html
+++ b/docs/dyn/recaptchaenterprise_v1.projects.html
@@ -85,6 +85,16 @@
 <p class="firstline">Returns the keys Resource.</p>
 
 <p class="toc_element">
+  <code><a href="recaptchaenterprise_v1.projects.relatedaccountgroupmemberships.html">relatedaccountgroupmemberships()</a></code>
+</p>
+<p class="firstline">Returns the relatedaccountgroupmemberships Resource.</p>
+
+<p class="toc_element">
+  <code><a href="recaptchaenterprise_v1.projects.relatedaccountgroups.html">relatedaccountgroups()</a></code>
+</p>
+<p class="firstline">Returns the relatedaccountgroups Resource.</p>
+
+<p class="toc_element">
   <code><a href="#close">close()</a></code></p>
 <p class="firstline">Close httplib2 connections.</p>
 <h3>Method Details</h3>

docs/dyn/recommender_v1beta1.organizations.locations.insightTypes.html

diff --git a/docs/dyn/recommender_v1beta1.organizations.locations.insightTypes.html b/docs/dyn/recommender_v1beta1.organizations.locations.insightTypes.html
index bde1e8f..f720388 100644
--- a/docs/dyn/recommender_v1beta1.organizations.locations.insightTypes.html
+++ b/docs/dyn/recommender_v1beta1.organizations.locations.insightTypes.html
@@ -82,10 +82,99 @@
 <p class="toc_element">
   <code><a href="#close">close()</a></code></p>
 <p class="firstline">Close httplib2 connections.</p>
+<p class="toc_element">
+  <code><a href="#config">config(name, body, updateMask=None, validateOnly=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Updates an InsightTypeConfig change. This will create a new revision of the config.</p>
+<p class="toc_element">
+  <code><a href="#getConfig">getConfig(name, x__xgafv=None)</a></code></p>
+<p class="firstline">Gets the requested InsightTypeConfig. There is only one instance of the config for each InsightType.</p>
 <h3>Method Details</h3>
 <div class="method">
     <code class="details" id="close">close()</code>
   <pre>Close httplib2 connections.</pre>
 </div>
 
+<div class="method">
+    <code class="details" id="config">config(name, body, updateMask=None, validateOnly=None, x__xgafv=None)</code>
+  <pre>Updates an InsightTypeConfig change. This will create a new revision of the config.
+
+Args:
+  name: string, Name of insight type config. Eg, projects/[PROJECT_NUMBER]/locations/[LOCATION]/insightTypes/[INSIGHT_TYPE_ID]/config (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Configuration for an InsightType.
+  &quot;annotations&quot;: { # Allows clients to store small amounts of arbitrary data. Annotations must follow the Kubernetes syntax. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.
+    &quot;a_key&quot;: &quot;A String&quot;,
+  },
+  &quot;displayName&quot;: &quot;A String&quot;, # A user-settable field to provide a human-readable name to be used in user interfaces.
+  &quot;etag&quot;: &quot;A String&quot;, # Fingerprint of the InsightTypeConfig. Provides optimistic locking when updating.
+  &quot;insightTypeGenerationConfig&quot;: { # A configuration to customize the generation of insights. Eg, customizing the lookback period considered when generating a insight. # InsightTypeGenerationConfig which configures the generation of insights for this insight type.
+    &quot;params&quot;: { # Parameters for this InsightTypeGenerationConfig. These configs can be used by or are applied to all subtypes.
+      &quot;a_key&quot;: &quot;&quot;, # Properties of the object.
+    },
+  },
+  &quot;name&quot;: &quot;A String&quot;, # Name of insight type config. Eg, projects/[PROJECT_NUMBER]/locations/[LOCATION]/insightTypes/[INSIGHT_TYPE_ID]/config
+  &quot;revisionId&quot;: &quot;A String&quot;, # Output only. Immutable. The revision ID of the config. A new revision is committed whenever the config is changed in any way. The format is an 8-character hexadecimal string.
+  &quot;updateTime&quot;: &quot;A String&quot;, # Last time when the config was updated.
+}
+
+  updateMask: string, The list of fields to be updated.
+  validateOnly: boolean, If true, validate the request and preview the change, but do not actually update it.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Configuration for an InsightType.
+  &quot;annotations&quot;: { # Allows clients to store small amounts of arbitrary data. Annotations must follow the Kubernetes syntax. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.
+    &quot;a_key&quot;: &quot;A String&quot;,
+  },
+  &quot;displayName&quot;: &quot;A String&quot;, # A user-settable field to provide a human-readable name to be used in user interfaces.
+  &quot;etag&quot;: &quot;A String&quot;, # Fingerprint of the InsightTypeConfig. Provides optimistic locking when updating.
+  &quot;insightTypeGenerationConfig&quot;: { # A configuration to customize the generation of insights. Eg, customizing the lookback period considered when generating a insight. # InsightTypeGenerationConfig which configures the generation of insights for this insight type.
+    &quot;params&quot;: { # Parameters for this InsightTypeGenerationConfig. These configs can be used by or are applied to all subtypes.
+      &quot;a_key&quot;: &quot;&quot;, # Properties of the object.
+    },
+  },
+  &quot;name&quot;: &quot;A String&quot;, # Name of insight type config. Eg, projects/[PROJECT_NUMBER]/locations/[LOCATION]/insightTypes/[INSIGHT_TYPE_ID]/config
+  &quot;revisionId&quot;: &quot;A String&quot;, # Output only. Immutable. The revision ID of the config. A new revision is committed whenever the config is changed in any way. The format is an 8-character hexadecimal string.
+  &quot;updateTime&quot;: &quot;A String&quot;, # Last time when the config was updated.
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="getConfig">getConfig(name, x__xgafv=None)</code>
+  <pre>Gets the requested InsightTypeConfig. There is only one instance of the config for each InsightType.
+
+Args:
+  name: string, Required. Name of the InsightTypeConfig to get. Acceptable formats: * `projects/[PROJECT_NUMBER]/locations/global/recommenders/[INSIGHT_TYPE_ID]/config` * `projects/[PROJECT_ID]/locations/global/recommenders/[INSIGHT_TYPE_ID]/config` (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Configuration for an InsightType.
+  &quot;annotations&quot;: { # Allows clients to store small amounts of arbitrary data. Annotations must follow the Kubernetes syntax. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.
+    &quot;a_key&quot;: &quot;A String&quot;,
+  },
+  &quot;displayName&quot;: &quot;A String&quot;, # A user-settable field to provide a human-readable name to be used in user interfaces.
+  &quot;etag&quot;: &quot;A String&quot;, # Fingerprint of the InsightTypeConfig. Provides optimistic locking when updating.
+  &quot;insightTypeGenerationConfig&quot;: { # A configuration to customize the generation of insights. Eg, customizing the lookback period considered when generating a insight. # InsightTypeGenerationConfig which configures the generation of insights for this insight type.
+    &quot;params&quot;: { # Parameters for this InsightTypeGenerationConfig. These configs can be used by or are applied to all subtypes.
+      &quot;a_key&quot;: &quot;&quot;, # Properties of the object.
+    },
+  },
+  &quot;name&quot;: &quot;A String&quot;, # Name of insight type config. Eg, projects/[PROJECT_NUMBER]/locations/[LOCATION]/insightTypes/[INSIGHT_TYPE_ID]/config
+  &quot;revisionId&quot;: &quot;A String&quot;, # Output only. Immutable. The revision ID of the config. A new revision is committed whenever the config is changed in any way. The format is an 8-character hexadecimal string.
+  &quot;updateTime&quot;: &quot;A String&quot;, # Last time when the config was updated.
+}</pre>
+</div>
+
 </body></html>
\ No newline at end of file

docs/dyn/recommender_v1beta1.organizations.locations.recommenders.html

diff --git a/docs/dyn/recommender_v1beta1.organizations.locations.recommenders.html b/docs/dyn/recommender_v1beta1.organizations.locations.recommenders.html
index 17455fd..fb245eb 100644
--- a/docs/dyn/recommender_v1beta1.organizations.locations.recommenders.html
+++ b/docs/dyn/recommender_v1beta1.organizations.locations.recommenders.html
@@ -82,10 +82,99 @@
 <p class="toc_element">
   <code><a href="#close">close()</a></code></p>
 <p class="firstline">Close httplib2 connections.</p>
+<p class="toc_element">
+  <code><a href="#config">config(name, body, updateMask=None, validateOnly=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Updates a Recommender Config. This will create a new revision of the config.</p>
+<p class="toc_element">
+  <code><a href="#getConfig">getConfig(name, x__xgafv=None)</a></code></p>
+<p class="firstline">Gets the requested Recommender Config. There is only one instance of the config for each Recommender.</p>
 <h3>Method Details</h3>
 <div class="method">
     <code class="details" id="close">close()</code>
   <pre>Close httplib2 connections.</pre>
 </div>
 
+<div class="method">
+    <code class="details" id="config">config(name, body, updateMask=None, validateOnly=None, x__xgafv=None)</code>
+  <pre>Updates a Recommender Config. This will create a new revision of the config.
+
+Args:
+  name: string, Name of recommender config. Eg, projects/[PROJECT_NUMBER]/locations/[LOCATION]/recommenders/[RECOMMENDER_ID]/config (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Configuration for a Recommender.
+  &quot;annotations&quot;: { # Allows clients to store small amounts of arbitrary data. Annotations must follow the Kubernetes syntax. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.
+    &quot;a_key&quot;: &quot;A String&quot;,
+  },
+  &quot;displayName&quot;: &quot;A String&quot;, # A user-settable field to provide a human-readable name to be used in user interfaces.
+  &quot;etag&quot;: &quot;A String&quot;, # Fingerprint of the RecommenderConfig. Provides optimistic locking when updating.
+  &quot;name&quot;: &quot;A String&quot;, # Name of recommender config. Eg, projects/[PROJECT_NUMBER]/locations/[LOCATION]/recommenders/[RECOMMENDER_ID]/config
+  &quot;recommenderGenerationConfig&quot;: { # A Configuration to customize the generation of recommendations. Eg, customizing the lookback period considered when generating a recommendation. # RecommenderGenerationConfig which configures the Generation of recommendations for this recommender.
+    &quot;params&quot;: { # Parameters for this RecommenderGenerationConfig. These configs can be used by or are applied to all subtypes.
+      &quot;a_key&quot;: &quot;&quot;, # Properties of the object.
+    },
+  },
+  &quot;revisionId&quot;: &quot;A String&quot;, # Output only. Immutable. The revision ID of the config. A new revision is committed whenever the config is changed in any way. The format is an 8-character hexadecimal string.
+  &quot;updateTime&quot;: &quot;A String&quot;, # Last time when the config was updated.
+}
+
+  updateMask: string, The list of fields to be updated.
+  validateOnly: boolean, If true, validate the request and preview the change, but do not actually update it.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Configuration for a Recommender.
+  &quot;annotations&quot;: { # Allows clients to store small amounts of arbitrary data. Annotations must follow the Kubernetes syntax. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.
+    &quot;a_key&quot;: &quot;A String&quot;,
+  },
+  &quot;displayName&quot;: &quot;A String&quot;, # A user-settable field to provide a human-readable name to be used in user interfaces.
+  &quot;etag&quot;: &quot;A String&quot;, # Fingerprint of the RecommenderConfig. Provides optimistic locking when updating.
+  &quot;name&quot;: &quot;A String&quot;, # Name of recommender config. Eg, projects/[PROJECT_NUMBER]/locations/[LOCATION]/recommenders/[RECOMMENDER_ID]/config
+  &quot;recommenderGenerationConfig&quot;: { # A Configuration to customize the generation of recommendations. Eg, customizing the lookback period considered when generating a recommendation. # RecommenderGenerationConfig which configures the Generation of recommendations for this recommender.
+    &quot;params&quot;: { # Parameters for this RecommenderGenerationConfig. These configs can be used by or are applied to all subtypes.
+      &quot;a_key&quot;: &quot;&quot;, # Properties of the object.
+    },
+  },
+  &quot;revisionId&quot;: &quot;A String&quot;, # Output only. Immutable. The revision ID of the config. A new revision is committed whenever the config is changed in any way. The format is an 8-character hexadecimal string.
+  &quot;updateTime&quot;: &quot;A String&quot;, # Last time when the config was updated.
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="getConfig">getConfig(name, x__xgafv=None)</code>
+  <pre>Gets the requested Recommender Config. There is only one instance of the config for each Recommender.
+
+Args:
+  name: string, Required. Name of the Recommendation Config to get. Acceptable formats: * `projects/[PROJECT_NUMBER]/locations/global/recommenders/[RECOMMENDER_ID]/config` * `projects/[PROJECT_ID]/locations/global/recommenders/[RECOMMENDER_ID]/config` (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Configuration for a Recommender.
+  &quot;annotations&quot;: { # Allows clients to store small amounts of arbitrary data. Annotations must follow the Kubernetes syntax. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.
+    &quot;a_key&quot;: &quot;A String&quot;,
+  },
+  &quot;displayName&quot;: &quot;A String&quot;, # A user-settable field to provide a human-readable name to be used in user interfaces.
+  &quot;etag&quot;: &quot;A String&quot;, # Fingerprint of the RecommenderConfig. Provides optimistic locking when updating.
+  &quot;name&quot;: &quot;A String&quot;, # Name of recommender config. Eg, projects/[PROJECT_NUMBER]/locations/[LOCATION]/recommenders/[RECOMMENDER_ID]/config
+  &quot;recommenderGenerationConfig&quot;: { # A Configuration to customize the generation of recommendations. Eg, customizing the lookback period considered when generating a recommendation. # RecommenderGenerationConfig which configures the Generation of recommendations for this recommender.
+    &quot;params&quot;: { # Parameters for this RecommenderGenerationConfig. These configs can be used by or are applied to all subtypes.
+      &quot;a_key&quot;: &quot;&quot;, # Properties of the object.
+    },
+  },
+  &quot;revisionId&quot;: &quot;A String&quot;, # Output only. Immutable. The revision ID of the config. A new revision is committed whenever the config is changed in any way. The format is an 8-character hexadecimal string.
+  &quot;updateTime&quot;: &quot;A String&quot;, # Last time when the config was updated.
+}</pre>
+</div>
+
 </body></html>
\ No newline at end of file

docs/dyn/recommender_v1beta1.projects.locations.insightTypes.html

diff --git a/docs/dyn/recommender_v1beta1.projects.locations.insightTypes.html b/docs/dyn/recommender_v1beta1.projects.locations.insightTypes.html
index c78586b..1e5d940 100644
--- a/docs/dyn/recommender_v1beta1.projects.locations.insightTypes.html
+++ b/docs/dyn/recommender_v1beta1.projects.locations.insightTypes.html
@@ -82,10 +82,99 @@
 <p class="toc_element">
   <code><a href="#close">close()</a></code></p>
 <p class="firstline">Close httplib2 connections.</p>
+<p class="toc_element">
+  <code><a href="#getConfig">getConfig(name, x__xgafv=None)</a></code></p>
+<p class="firstline">Gets the requested InsightTypeConfig. There is only one instance of the config for each InsightType.</p>
+<p class="toc_element">
+  <code><a href="#updateConfig">updateConfig(name, body, updateMask=None, validateOnly=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Updates an InsightTypeConfig change. This will create a new revision of the config.</p>
 <h3>Method Details</h3>
 <div class="method">
     <code class="details" id="close">close()</code>
   <pre>Close httplib2 connections.</pre>
 </div>
 
+<div class="method">
+    <code class="details" id="getConfig">getConfig(name, x__xgafv=None)</code>
+  <pre>Gets the requested InsightTypeConfig. There is only one instance of the config for each InsightType.
+
+Args:
+  name: string, Required. Name of the InsightTypeConfig to get. Acceptable formats: * `projects/[PROJECT_NUMBER]/locations/global/recommenders/[INSIGHT_TYPE_ID]/config` * `projects/[PROJECT_ID]/locations/global/recommenders/[INSIGHT_TYPE_ID]/config` (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Configuration for an InsightType.
+  &quot;annotations&quot;: { # Allows clients to store small amounts of arbitrary data. Annotations must follow the Kubernetes syntax. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.
+    &quot;a_key&quot;: &quot;A String&quot;,
+  },
+  &quot;displayName&quot;: &quot;A String&quot;, # A user-settable field to provide a human-readable name to be used in user interfaces.
+  &quot;etag&quot;: &quot;A String&quot;, # Fingerprint of the InsightTypeConfig. Provides optimistic locking when updating.
+  &quot;insightTypeGenerationConfig&quot;: { # A configuration to customize the generation of insights. Eg, customizing the lookback period considered when generating a insight. # InsightTypeGenerationConfig which configures the generation of insights for this insight type.
+    &quot;params&quot;: { # Parameters for this InsightTypeGenerationConfig. These configs can be used by or are applied to all subtypes.
+      &quot;a_key&quot;: &quot;&quot;, # Properties of the object.
+    },
+  },
+  &quot;name&quot;: &quot;A String&quot;, # Name of insight type config. Eg, projects/[PROJECT_NUMBER]/locations/[LOCATION]/insightTypes/[INSIGHT_TYPE_ID]/config
+  &quot;revisionId&quot;: &quot;A String&quot;, # Output only. Immutable. The revision ID of the config. A new revision is committed whenever the config is changed in any way. The format is an 8-character hexadecimal string.
+  &quot;updateTime&quot;: &quot;A String&quot;, # Last time when the config was updated.
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="updateConfig">updateConfig(name, body, updateMask=None, validateOnly=None, x__xgafv=None)</code>
+  <pre>Updates an InsightTypeConfig change. This will create a new revision of the config.
+
+Args:
+  name: string, Name of insight type config. Eg, projects/[PROJECT_NUMBER]/locations/[LOCATION]/insightTypes/[INSIGHT_TYPE_ID]/config (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Configuration for an InsightType.
+  &quot;annotations&quot;: { # Allows clients to store small amounts of arbitrary data. Annotations must follow the Kubernetes syntax. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.
+    &quot;a_key&quot;: &quot;A String&quot;,
+  },
+  &quot;displayName&quot;: &quot;A String&quot;, # A user-settable field to provide a human-readable name to be used in user interfaces.
+  &quot;etag&quot;: &quot;A String&quot;, # Fingerprint of the InsightTypeConfig. Provides optimistic locking when updating.
+  &quot;insightTypeGenerationConfig&quot;: { # A configuration to customize the generation of insights. Eg, customizing the lookback period considered when generating a insight. # InsightTypeGenerationConfig which configures the generation of insights for this insight type.
+    &quot;params&quot;: { # Parameters for this InsightTypeGenerationConfig. These configs can be used by or are applied to all subtypes.
+      &quot;a_key&quot;: &quot;&quot;, # Properties of the object.
+    },
+  },
+  &quot;name&quot;: &quot;A String&quot;, # Name of insight type config. Eg, projects/[PROJECT_NUMBER]/locations/[LOCATION]/insightTypes/[INSIGHT_TYPE_ID]/config
+  &quot;revisionId&quot;: &quot;A String&quot;, # Output only. Immutable. The revision ID of the config. A new revision is committed whenever the config is changed in any way. The format is an 8-character hexadecimal string.
+  &quot;updateTime&quot;: &quot;A String&quot;, # Last time when the config was updated.
+}
+
+  updateMask: string, The list of fields to be updated.
+  validateOnly: boolean, If true, validate the request and preview the change, but do not actually update it.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Configuration for an InsightType.
+  &quot;annotations&quot;: { # Allows clients to store small amounts of arbitrary data. Annotations must follow the Kubernetes syntax. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.
+    &quot;a_key&quot;: &quot;A String&quot;,
+  },
+  &quot;displayName&quot;: &quot;A String&quot;, # A user-settable field to provide a human-readable name to be used in user interfaces.
+  &quot;etag&quot;: &quot;A String&quot;, # Fingerprint of the InsightTypeConfig. Provides optimistic locking when updating.
+  &quot;insightTypeGenerationConfig&quot;: { # A configuration to customize the generation of insights. Eg, customizing the lookback period considered when generating a insight. # InsightTypeGenerationConfig which configures the generation of insights for this insight type.
+    &quot;params&quot;: { # Parameters for this InsightTypeGenerationConfig. These configs can be used by or are applied to all subtypes.
+      &quot;a_key&quot;: &quot;&quot;, # Properties of the object.
+    },
+  },
+  &quot;name&quot;: &quot;A String&quot;, # Name of insight type config. Eg, projects/[PROJECT_NUMBER]/locations/[LOCATION]/insightTypes/[INSIGHT_TYPE_ID]/config
+  &quot;revisionId&quot;: &quot;A String&quot;, # Output only. Immutable. The revision ID of the config. A new revision is committed whenever the config is changed in any way. The format is an 8-character hexadecimal string.
+  &quot;updateTime&quot;: &quot;A String&quot;, # Last time when the config was updated.
+}</pre>
+</div>
+
 </body></html>
\ No newline at end of file

docs/dyn/recommender_v1beta1.projects.locations.recommenders.html

diff --git a/docs/dyn/recommender_v1beta1.projects.locations.recommenders.html b/docs/dyn/recommender_v1beta1.projects.locations.recommenders.html
index ab646d2..f5752c8 100644
--- a/docs/dyn/recommender_v1beta1.projects.locations.recommenders.html
+++ b/docs/dyn/recommender_v1beta1.projects.locations.recommenders.html
@@ -82,10 +82,99 @@
 <p class="toc_element">
   <code><a href="#close">close()</a></code></p>
 <p class="firstline">Close httplib2 connections.</p>
+<p class="toc_element">
+  <code><a href="#getConfig">getConfig(name, x__xgafv=None)</a></code></p>
+<p class="firstline">Gets the requested Recommender Config. There is only one instance of the config for each Recommender.</p>
+<p class="toc_element">
+  <code><a href="#updateConfig">updateConfig(name, body, updateMask=None, validateOnly=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Updates a Recommender Config. This will create a new revision of the config.</p>
 <h3>Method Details</h3>
 <div class="method">
     <code class="details" id="close">close()</code>
   <pre>Close httplib2 connections.</pre>
 </div>
 
+<div class="method">
+    <code class="details" id="getConfig">getConfig(name, x__xgafv=None)</code>
+  <pre>Gets the requested Recommender Config. There is only one instance of the config for each Recommender.
+
+Args:
+  name: string, Required. Name of the Recommendation Config to get. Acceptable formats: * `projects/[PROJECT_NUMBER]/locations/global/recommenders/[RECOMMENDER_ID]/config` * `projects/[PROJECT_ID]/locations/global/recommenders/[RECOMMENDER_ID]/config` (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Configuration for a Recommender.
+  &quot;annotations&quot;: { # Allows clients to store small amounts of arbitrary data. Annotations must follow the Kubernetes syntax. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.
+    &quot;a_key&quot;: &quot;A String&quot;,
+  },
+  &quot;displayName&quot;: &quot;A String&quot;, # A user-settable field to provide a human-readable name to be used in user interfaces.
+  &quot;etag&quot;: &quot;A String&quot;, # Fingerprint of the RecommenderConfig. Provides optimistic locking when updating.
+  &quot;name&quot;: &quot;A String&quot;, # Name of recommender config. Eg, projects/[PROJECT_NUMBER]/locations/[LOCATION]/recommenders/[RECOMMENDER_ID]/config
+  &quot;recommenderGenerationConfig&quot;: { # A Configuration to customize the generation of recommendations. Eg, customizing the lookback period considered when generating a recommendation. # RecommenderGenerationConfig which configures the Generation of recommendations for this recommender.
+    &quot;params&quot;: { # Parameters for this RecommenderGenerationConfig. These configs can be used by or are applied to all subtypes.
+      &quot;a_key&quot;: &quot;&quot;, # Properties of the object.
+    },
+  },
+  &quot;revisionId&quot;: &quot;A String&quot;, # Output only. Immutable. The revision ID of the config. A new revision is committed whenever the config is changed in any way. The format is an 8-character hexadecimal string.
+  &quot;updateTime&quot;: &quot;A String&quot;, # Last time when the config was updated.
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="updateConfig">updateConfig(name, body, updateMask=None, validateOnly=None, x__xgafv=None)</code>
+  <pre>Updates a Recommender Config. This will create a new revision of the config.
+
+Args:
+  name: string, Name of recommender config. Eg, projects/[PROJECT_NUMBER]/locations/[LOCATION]/recommenders/[RECOMMENDER_ID]/config (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Configuration for a Recommender.
+  &quot;annotations&quot;: { # Allows clients to store small amounts of arbitrary data. Annotations must follow the Kubernetes syntax. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.
+    &quot;a_key&quot;: &quot;A String&quot;,
+  },
+  &quot;displayName&quot;: &quot;A String&quot;, # A user-settable field to provide a human-readable name to be used in user interfaces.
+  &quot;etag&quot;: &quot;A String&quot;, # Fingerprint of the RecommenderConfig. Provides optimistic locking when updating.
+  &quot;name&quot;: &quot;A String&quot;, # Name of recommender config. Eg, projects/[PROJECT_NUMBER]/locations/[LOCATION]/recommenders/[RECOMMENDER_ID]/config
+  &quot;recommenderGenerationConfig&quot;: { # A Configuration to customize the generation of recommendations. Eg, customizing the lookback period considered when generating a recommendation. # RecommenderGenerationConfig which configures the Generation of recommendations for this recommender.
+    &quot;params&quot;: { # Parameters for this RecommenderGenerationConfig. These configs can be used by or are applied to all subtypes.
+      &quot;a_key&quot;: &quot;&quot;, # Properties of the object.
+    },
+  },
+  &quot;revisionId&quot;: &quot;A String&quot;, # Output only. Immutable. The revision ID of the config. A new revision is committed whenever the config is changed in any way. The format is an 8-character hexadecimal string.
+  &quot;updateTime&quot;: &quot;A String&quot;, # Last time when the config was updated.
+}
+
+  updateMask: string, The list of fields to be updated.
+  validateOnly: boolean, If true, validate the request and preview the change, but do not actually update it.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Configuration for a Recommender.
+  &quot;annotations&quot;: { # Allows clients to store small amounts of arbitrary data. Annotations must follow the Kubernetes syntax. The total size of all keys and values combined is limited to 256k. Key can have 2 segments: prefix (optional) and name (required), separated by a slash (/). Prefix must be a DNS subdomain. Name must be 63 characters or less, begin and end with alphanumerics, with dashes (-), underscores (_), dots (.), and alphanumerics between.
+    &quot;a_key&quot;: &quot;A String&quot;,
+  },
+  &quot;displayName&quot;: &quot;A String&quot;, # A user-settable field to provide a human-readable name to be used in user interfaces.
+  &quot;etag&quot;: &quot;A String&quot;, # Fingerprint of the RecommenderConfig. Provides optimistic locking when updating.
+  &quot;name&quot;: &quot;A String&quot;, # Name of recommender config. Eg, projects/[PROJECT_NUMBER]/locations/[LOCATION]/recommenders/[RECOMMENDER_ID]/config
+  &quot;recommenderGenerationConfig&quot;: { # A Configuration to customize the generation of recommendations. Eg, customizing the lookback period considered when generating a recommendation. # RecommenderGenerationConfig which configures the Generation of recommendations for this recommender.
+    &quot;params&quot;: { # Parameters for this RecommenderGenerationConfig. These configs can be used by or are applied to all subtypes.
+      &quot;a_key&quot;: &quot;&quot;, # Properties of the object.
+    },
+  },
+  &quot;revisionId&quot;: &quot;A String&quot;, # Output only. Immutable. The revision ID of the config. A new revision is committed whenever the config is changed in any way. The format is an 8-character hexadecimal string.
+  &quot;updateTime&quot;: &quot;A String&quot;, # Last time when the config was updated.
+}</pre>
+</div>
+
 </body></html>
\ No newline at end of file

docs/dyn/redis_v1.projects.locations.instances.html

diff --git a/docs/dyn/redis_v1.projects.locations.instances.html b/docs/dyn/redis_v1.projects.locations.instances.html
index 1ba6aee..99ddef2 100644
--- a/docs/dyn/redis_v1.projects.locations.instances.html
+++ b/docs/dyn/redis_v1.projects.locations.instances.html
@@ -128,7 +128,7 @@
   body: object, The request body.
     The object takes the form of:
 
-{ # A Google Cloud Redis instance. next id = 38
+{ # A Google Cloud Redis instance.
   "alternativeLocationId": "A String", # Optional. If specified, at least one node will be provisioned in this zone in addition to the zone specified in location_id. Only applicable to standard tier. If provided, it must be a different zone from the one provided in [location_id]. Additional nodes beyond the first 2 will be placed in zones selected by the service.
   "authEnabled": True or False, # Optional. Indicates whether OSS Redis AUTH is enabled for the instance. If set to "true" AUTH is enabled on the instance. Default value is "false" meaning AUTH is disabled.
   "authorizedNetwork": "A String", # Optional. The full name of the Google Compute Engine [network](https://cloud.google.com/vpc/docs/vpc) to which the instance is connected. If left unspecified, the `default` network will be used.
@@ -182,12 +182,12 @@
   "port": 42, # Output only. The port number of the exposed Redis endpoint.
   "readEndpoint": "A String", # Output only. Hostname or IP address of the exposed readonly Redis endpoint. Standard tier only. Targets all healthy replica nodes in instance. Replication is asynchronous and replica nodes will exhibit some lag behind the primary. Write requests must target 'host'.
   "readEndpointPort": 42, # Output only. The port number of the exposed readonly redis endpoint. Standard tier only. Write requests should target 'port'.
-  "readReplicasMode": "A String", # Optional. Read replica mode.
+  "readReplicasMode": "A String", # Optional. Read replica mode. Can only be specified when trying to create the instance.
   "redisConfigs": { # Optional. Redis configuration parameters, according to http://redis.io/topics/config. Currently, the only supported parameters are: Redis version 3.2 and newer: * maxmemory-policy * notify-keyspace-events Redis version 4.0 and newer: * activedefrag * lfu-decay-time * lfu-log-factor * maxmemory-gb Redis version 5.0 and newer: * stream-node-max-bytes * stream-node-max-entries
     "a_key": "A String",
   },
   "redisVersion": "A String", # Optional. The version of Redis software. If not provided, latest supported version will be used. Currently, the supported values are: * `REDIS_3_2` for Redis 3.2 compatibility * `REDIS_4_0` for Redis 4.0 compatibility (default) * `REDIS_5_0` for Redis 5.0 compatibility * `REDIS_6_X` for Redis 6.x compatibility
-  "replicaCount": 42, # Optional. The number of replica nodes. Valid range for standard tier is [1-5] and defaults to 2. Valid value for basic tier is 0 and defaults to 0.
+  "replicaCount": 42, # Optional. The number of replica nodes. The valid range for the Standard Tier with read replicas enabled is [1-5] and defaults to 2. If read replicas are not enabled for a Standard Tier instance, the only valid value is 1 and the default is 1. The valid value for basic tier is 0 and the default is also 0.
   "reservedIpRange": "A String", # Optional. For DIRECT_PEERING mode, the CIDR range of internal addresses that are reserved for this instance. Range must be unique and non-overlapping with existing subnets in an authorized network. For PRIVATE_SERVICE_ACCESS mode, the name of one allocated IP address ranges associated with this private service access connection. If not provided, the service will choose an unused /29 block, for example, 10.0.0.0/29 or 192.168.0.0/29. For READ_REPLICAS_ENABLED the default block size is /28.
   "serverCaCerts": [ # Output only. List of server CA certificates for the instance.
     { # TlsCertificate Resource
@@ -371,7 +371,7 @@
 Returns:
   An object of the form:
 
-    { # A Google Cloud Redis instance. next id = 38
+    { # A Google Cloud Redis instance.
   "alternativeLocationId": "A String", # Optional. If specified, at least one node will be provisioned in this zone in addition to the zone specified in location_id. Only applicable to standard tier. If provided, it must be a different zone from the one provided in [location_id]. Additional nodes beyond the first 2 will be placed in zones selected by the service.
   "authEnabled": True or False, # Optional. Indicates whether OSS Redis AUTH is enabled for the instance. If set to "true" AUTH is enabled on the instance. Default value is "false" meaning AUTH is disabled.
   "authorizedNetwork": "A String", # Optional. The full name of the Google Compute Engine [network](https://cloud.google.com/vpc/docs/vpc) to which the instance is connected. If left unspecified, the `default` network will be used.
@@ -425,12 +425,12 @@
   "port": 42, # Output only. The port number of the exposed Redis endpoint.
   "readEndpoint": "A String", # Output only. Hostname or IP address of the exposed readonly Redis endpoint. Standard tier only. Targets all healthy replica nodes in instance. Replication is asynchronous and replica nodes will exhibit some lag behind the primary. Write requests must target 'host'.
   "readEndpointPort": 42, # Output only. The port number of the exposed readonly redis endpoint. Standard tier only. Write requests should target 'port'.
-  "readReplicasMode": "A String", # Optional. Read replica mode.
+  "readReplicasMode": "A String", # Optional. Read replica mode. Can only be specified when trying to create the instance.
   "redisConfigs": { # Optional. Redis configuration parameters, according to http://redis.io/topics/config. Currently, the only supported parameters are: Redis version 3.2 and newer: * maxmemory-policy * notify-keyspace-events Redis version 4.0 and newer: * activedefrag * lfu-decay-time * lfu-log-factor * maxmemory-gb Redis version 5.0 and newer: * stream-node-max-bytes * stream-node-max-entries
     "a_key": "A String",
   },
   "redisVersion": "A String", # Optional. The version of Redis software. If not provided, latest supported version will be used. Currently, the supported values are: * `REDIS_3_2` for Redis 3.2 compatibility * `REDIS_4_0` for Redis 4.0 compatibility (default) * `REDIS_5_0` for Redis 5.0 compatibility * `REDIS_6_X` for Redis 6.x compatibility
-  "replicaCount": 42, # Optional. The number of replica nodes. Valid range for standard tier is [1-5] and defaults to 2. Valid value for basic tier is 0 and defaults to 0.
+  "replicaCount": 42, # Optional. The number of replica nodes. The valid range for the Standard Tier with read replicas enabled is [1-5] and defaults to 2. If read replicas are not enabled for a Standard Tier instance, the only valid value is 1 and the default is 1. The valid value for basic tier is 0 and the default is also 0.
   "reservedIpRange": "A String", # Optional. For DIRECT_PEERING mode, the CIDR range of internal addresses that are reserved for this instance. Range must be unique and non-overlapping with existing subnets in an authorized network. For PRIVATE_SERVICE_ACCESS mode, the name of one allocated IP address ranges associated with this private service access connection. If not provided, the service will choose an unused /29 block, for example, 10.0.0.0/29 or 192.168.0.0/29. For READ_REPLICAS_ENABLED the default block size is /28.
   "serverCaCerts": [ # Output only. List of server CA certificates for the instance.
     { # TlsCertificate Resource
@@ -531,7 +531,7 @@
 
     { # Response for ListInstances.
   "instances": [ # A list of Redis instances in the project in the specified location, or across all locations. If the `location_id` in the parent field of the request is "-", all regions available to the project are queried, and the results aggregated. If in such an aggregated query a location is unavailable, a placeholder Redis entry is included in the response with the `name` field set to a value of the form `projects/{project_id}/locations/{location_id}/instances/`- and the `status` field set to ERROR and `status_message` field set to "location not available for ListInstances".
-    { # A Google Cloud Redis instance. next id = 38
+    { # A Google Cloud Redis instance.
       "alternativeLocationId": "A String", # Optional. If specified, at least one node will be provisioned in this zone in addition to the zone specified in location_id. Only applicable to standard tier. If provided, it must be a different zone from the one provided in [location_id]. Additional nodes beyond the first 2 will be placed in zones selected by the service.
       "authEnabled": True or False, # Optional. Indicates whether OSS Redis AUTH is enabled for the instance. If set to "true" AUTH is enabled on the instance. Default value is "false" meaning AUTH is disabled.
       "authorizedNetwork": "A String", # Optional. The full name of the Google Compute Engine [network](https://cloud.google.com/vpc/docs/vpc) to which the instance is connected. If left unspecified, the `default` network will be used.
@@ -585,12 +585,12 @@
       "port": 42, # Output only. The port number of the exposed Redis endpoint.
       "readEndpoint": "A String", # Output only. Hostname or IP address of the exposed readonly Redis endpoint. Standard tier only. Targets all healthy replica nodes in instance. Replication is asynchronous and replica nodes will exhibit some lag behind the primary. Write requests must target 'host'.
       "readEndpointPort": 42, # Output only. The port number of the exposed readonly redis endpoint. Standard tier only. Write requests should target 'port'.
-      "readReplicasMode": "A String", # Optional. Read replica mode.
+      "readReplicasMode": "A String", # Optional. Read replica mode. Can only be specified when trying to create the instance.
       "redisConfigs": { # Optional. Redis configuration parameters, according to http://redis.io/topics/config. Currently, the only supported parameters are: Redis version 3.2 and newer: * maxmemory-policy * notify-keyspace-events Redis version 4.0 and newer: * activedefrag * lfu-decay-time * lfu-log-factor * maxmemory-gb Redis version 5.0 and newer: * stream-node-max-bytes * stream-node-max-entries
         "a_key": "A String",
       },
       "redisVersion": "A String", # Optional. The version of Redis software. If not provided, latest supported version will be used. Currently, the supported values are: * `REDIS_3_2` for Redis 3.2 compatibility * `REDIS_4_0` for Redis 4.0 compatibility (default) * `REDIS_5_0` for Redis 5.0 compatibility * `REDIS_6_X` for Redis 6.x compatibility
-      "replicaCount": 42, # Optional. The number of replica nodes. Valid range for standard tier is [1-5] and defaults to 2. Valid value for basic tier is 0 and defaults to 0.
+      "replicaCount": 42, # Optional. The number of replica nodes. The valid range for the Standard Tier with read replicas enabled is [1-5] and defaults to 2. If read replicas are not enabled for a Standard Tier instance, the only valid value is 1 and the default is 1. The valid value for basic tier is 0 and the default is also 0.
       "reservedIpRange": "A String", # Optional. For DIRECT_PEERING mode, the CIDR range of internal addresses that are reserved for this instance. Range must be unique and non-overlapping with existing subnets in an authorized network. For PRIVATE_SERVICE_ACCESS mode, the name of one allocated IP address ranges associated with this private service access connection. If not provided, the service will choose an unused /29 block, for example, 10.0.0.0/29 or 192.168.0.0/29. For READ_REPLICAS_ENABLED the default block size is /28.
       "serverCaCerts": [ # Output only. List of server CA certificates for the instance.
         { # TlsCertificate Resource
@@ -637,7 +637,7 @@
   body: object, The request body.
     The object takes the form of:
 
-{ # A Google Cloud Redis instance. next id = 38
+{ # A Google Cloud Redis instance.
   "alternativeLocationId": "A String", # Optional. If specified, at least one node will be provisioned in this zone in addition to the zone specified in location_id. Only applicable to standard tier. If provided, it must be a different zone from the one provided in [location_id]. Additional nodes beyond the first 2 will be placed in zones selected by the service.
   "authEnabled": True or False, # Optional. Indicates whether OSS Redis AUTH is enabled for the instance. If set to "true" AUTH is enabled on the instance. Default value is "false" meaning AUTH is disabled.
   "authorizedNetwork": "A String", # Optional. The full name of the Google Compute Engine [network](https://cloud.google.com/vpc/docs/vpc) to which the instance is connected. If left unspecified, the `default` network will be used.
@@ -691,12 +691,12 @@
   "port": 42, # Output only. The port number of the exposed Redis endpoint.
   "readEndpoint": "A String", # Output only. Hostname or IP address of the exposed readonly Redis endpoint. Standard tier only. Targets all healthy replica nodes in instance. Replication is asynchronous and replica nodes will exhibit some lag behind the primary. Write requests must target 'host'.
   "readEndpointPort": 42, # Output only. The port number of the exposed readonly redis endpoint. Standard tier only. Write requests should target 'port'.
-  "readReplicasMode": "A String", # Optional. Read replica mode.
+  "readReplicasMode": "A String", # Optional. Read replica mode. Can only be specified when trying to create the instance.
   "redisConfigs": { # Optional. Redis configuration parameters, according to http://redis.io/topics/config. Currently, the only supported parameters are: Redis version 3.2 and newer: * maxmemory-policy * notify-keyspace-events Redis version 4.0 and newer: * activedefrag * lfu-decay-time * lfu-log-factor * maxmemory-gb Redis version 5.0 and newer: * stream-node-max-bytes * stream-node-max-entries
     "a_key": "A String",
   },
   "redisVersion": "A String", # Optional. The version of Redis software. If not provided, latest supported version will be used. Currently, the supported values are: * `REDIS_3_2` for Redis 3.2 compatibility * `REDIS_4_0` for Redis 4.0 compatibility (default) * `REDIS_5_0` for Redis 5.0 compatibility * `REDIS_6_X` for Redis 6.x compatibility
-  "replicaCount": 42, # Optional. The number of replica nodes. Valid range for standard tier is [1-5] and defaults to 2. Valid value for basic tier is 0 and defaults to 0.
+  "replicaCount": 42, # Optional. The number of replica nodes. The valid range for the Standard Tier with read replicas enabled is [1-5] and defaults to 2. If read replicas are not enabled for a Standard Tier instance, the only valid value is 1 and the default is 1. The valid value for basic tier is 0 and the default is also 0.
   "reservedIpRange": "A String", # Optional. For DIRECT_PEERING mode, the CIDR range of internal addresses that are reserved for this instance. Range must be unique and non-overlapping with existing subnets in an authorized network. For PRIVATE_SERVICE_ACCESS mode, the name of one allocated IP address ranges associated with this private service access connection. If not provided, the service will choose an unused /29 block, for example, 10.0.0.0/29 or 192.168.0.0/29. For READ_REPLICAS_ENABLED the default block size is /28.
   "serverCaCerts": [ # Output only. List of server CA certificates for the instance.
     { # TlsCertificate Resource

docs/dyn/redis_v1beta1.projects.locations.instances.html

diff --git a/docs/dyn/redis_v1beta1.projects.locations.instances.html b/docs/dyn/redis_v1beta1.projects.locations.instances.html
index 430c613..8675426 100644
--- a/docs/dyn/redis_v1beta1.projects.locations.instances.html
+++ b/docs/dyn/redis_v1beta1.projects.locations.instances.html
@@ -128,7 +128,7 @@
   body: object, The request body.
     The object takes the form of:
 
-{ # A Google Cloud Redis instance. next id = 38
+{ # A Google Cloud Redis instance.
   "alternativeLocationId": "A String", # Optional. If specified, at least one node will be provisioned in this zone in addition to the zone specified in location_id. Only applicable to standard tier. If provided, it must be a different zone from the one provided in [location_id]. Additional nodes beyond the first 2 will be placed in zones selected by the service.
   "authEnabled": True or False, # Optional. Indicates whether OSS Redis AUTH is enabled for the instance. If set to "true" AUTH is enabled on the instance. Default value is "false" meaning AUTH is disabled.
   "authorizedNetwork": "A String", # Optional. The full name of the Google Compute Engine [network](https://cloud.google.com/vpc/docs/vpc) to which the instance is connected. If left unspecified, the `default` network will be used.
@@ -182,12 +182,12 @@
   "port": 42, # Output only. The port number of the exposed Redis endpoint.
   "readEndpoint": "A String", # Output only. Hostname or IP address of the exposed readonly Redis endpoint. Standard tier only. Targets all healthy replica nodes in instance. Replication is asynchronous and replica nodes will exhibit some lag behind the primary. Write requests must target 'host'.
   "readEndpointPort": 42, # Output only. The port number of the exposed readonly redis endpoint. Standard tier only. Write requests should target 'port'.
-  "readReplicasMode": "A String", # Optional. Read replica mode.
+  "readReplicasMode": "A String", # Optional. Read replica mode. Can only be specified when trying to create the instance.
   "redisConfigs": { # Optional. Redis configuration parameters, according to http://redis.io/topics/config. Currently, the only supported parameters are: Redis version 3.2 and newer: * maxmemory-policy * notify-keyspace-events Redis version 4.0 and newer: * activedefrag * lfu-decay-time * lfu-log-factor * maxmemory-gb Redis version 5.0 and newer: * stream-node-max-bytes * stream-node-max-entries
     "a_key": "A String",
   },
   "redisVersion": "A String", # Optional. The version of Redis software. If not provided, latest supported version will be used. Currently, the supported values are: * `REDIS_3_2` for Redis 3.2 compatibility * `REDIS_4_0` for Redis 4.0 compatibility (default) * `REDIS_5_0` for Redis 5.0 compatibility * `REDIS_6_X` for Redis 6.x compatibility
-  "replicaCount": 42, # Optional. The number of replica nodes. Valid range for standard tier is [1-5] and defaults to 2. Valid value for basic tier is 0 and defaults to 0.
+  "replicaCount": 42, # Optional. The number of replica nodes. The valid range for the Standard Tier with read replicas enabled is [1-5] and defaults to 2. If read replicas are not enabled for a Standard Tier instance, the only valid value is 1 and the default is 1. The valid value for basic tier is 0 and the default is also 0.
   "reservedIpRange": "A String", # Optional. For DIRECT_PEERING mode, the CIDR range of internal addresses that are reserved for this instance. Range must be unique and non-overlapping with existing subnets in an authorized network. For PRIVATE_SERVICE_ACCESS mode, the name of one allocated IP address ranges associated with this private service access connection. If not provided, the service will choose an unused /29 block, for example, 10.0.0.0/29 or 192.168.0.0/29. For READ_REPLICAS_ENABLED the default block size is /28.
   "serverCaCerts": [ # Output only. List of server CA certificates for the instance.
     { # TlsCertificate Resource
@@ -371,7 +371,7 @@
 Returns:
   An object of the form:
 
-    { # A Google Cloud Redis instance. next id = 38
+    { # A Google Cloud Redis instance.
   "alternativeLocationId": "A String", # Optional. If specified, at least one node will be provisioned in this zone in addition to the zone specified in location_id. Only applicable to standard tier. If provided, it must be a different zone from the one provided in [location_id]. Additional nodes beyond the first 2 will be placed in zones selected by the service.
   "authEnabled": True or False, # Optional. Indicates whether OSS Redis AUTH is enabled for the instance. If set to "true" AUTH is enabled on the instance. Default value is "false" meaning AUTH is disabled.
   "authorizedNetwork": "A String", # Optional. The full name of the Google Compute Engine [network](https://cloud.google.com/vpc/docs/vpc) to which the instance is connected. If left unspecified, the `default` network will be used.
@@ -425,12 +425,12 @@
   "port": 42, # Output only. The port number of the exposed Redis endpoint.
   "readEndpoint": "A String", # Output only. Hostname or IP address of the exposed readonly Redis endpoint. Standard tier only. Targets all healthy replica nodes in instance. Replication is asynchronous and replica nodes will exhibit some lag behind the primary. Write requests must target 'host'.
   "readEndpointPort": 42, # Output only. The port number of the exposed readonly redis endpoint. Standard tier only. Write requests should target 'port'.
-  "readReplicasMode": "A String", # Optional. Read replica mode.
+  "readReplicasMode": "A String", # Optional. Read replica mode. Can only be specified when trying to create the instance.
   "redisConfigs": { # Optional. Redis configuration parameters, according to http://redis.io/topics/config. Currently, the only supported parameters are: Redis version 3.2 and newer: * maxmemory-policy * notify-keyspace-events Redis version 4.0 and newer: * activedefrag * lfu-decay-time * lfu-log-factor * maxmemory-gb Redis version 5.0 and newer: * stream-node-max-bytes * stream-node-max-entries
     "a_key": "A String",
   },
   "redisVersion": "A String", # Optional. The version of Redis software. If not provided, latest supported version will be used. Currently, the supported values are: * `REDIS_3_2` for Redis 3.2 compatibility * `REDIS_4_0` for Redis 4.0 compatibility (default) * `REDIS_5_0` for Redis 5.0 compatibility * `REDIS_6_X` for Redis 6.x compatibility
-  "replicaCount": 42, # Optional. The number of replica nodes. Valid range for standard tier is [1-5] and defaults to 2. Valid value for basic tier is 0 and defaults to 0.
+  "replicaCount": 42, # Optional. The number of replica nodes. The valid range for the Standard Tier with read replicas enabled is [1-5] and defaults to 2. If read replicas are not enabled for a Standard Tier instance, the only valid value is 1 and the default is 1. The valid value for basic tier is 0 and the default is also 0.
   "reservedIpRange": "A String", # Optional. For DIRECT_PEERING mode, the CIDR range of internal addresses that are reserved for this instance. Range must be unique and non-overlapping with existing subnets in an authorized network. For PRIVATE_SERVICE_ACCESS mode, the name of one allocated IP address ranges associated with this private service access connection. If not provided, the service will choose an unused /29 block, for example, 10.0.0.0/29 or 192.168.0.0/29. For READ_REPLICAS_ENABLED the default block size is /28.
   "serverCaCerts": [ # Output only. List of server CA certificates for the instance.
     { # TlsCertificate Resource
@@ -531,7 +531,7 @@
 
     { # Response for ListInstances.
   "instances": [ # A list of Redis instances in the project in the specified location, or across all locations. If the `location_id` in the parent field of the request is "-", all regions available to the project are queried, and the results aggregated. If in such an aggregated query a location is unavailable, a placeholder Redis entry is included in the response with the `name` field set to a value of the form `projects/{project_id}/locations/{location_id}/instances/`- and the `status` field set to ERROR and `status_message` field set to "location not available for ListInstances".
-    { # A Google Cloud Redis instance. next id = 38
+    { # A Google Cloud Redis instance.
       "alternativeLocationId": "A String", # Optional. If specified, at least one node will be provisioned in this zone in addition to the zone specified in location_id. Only applicable to standard tier. If provided, it must be a different zone from the one provided in [location_id]. Additional nodes beyond the first 2 will be placed in zones selected by the service.
       "authEnabled": True or False, # Optional. Indicates whether OSS Redis AUTH is enabled for the instance. If set to "true" AUTH is enabled on the instance. Default value is "false" meaning AUTH is disabled.
       "authorizedNetwork": "A String", # Optional. The full name of the Google Compute Engine [network](https://cloud.google.com/vpc/docs/vpc) to which the instance is connected. If left unspecified, the `default` network will be used.
@@ -585,12 +585,12 @@
       "port": 42, # Output only. The port number of the exposed Redis endpoint.
       "readEndpoint": "A String", # Output only. Hostname or IP address of the exposed readonly Redis endpoint. Standard tier only. Targets all healthy replica nodes in instance. Replication is asynchronous and replica nodes will exhibit some lag behind the primary. Write requests must target 'host'.
       "readEndpointPort": 42, # Output only. The port number of the exposed readonly redis endpoint. Standard tier only. Write requests should target 'port'.
-      "readReplicasMode": "A String", # Optional. Read replica mode.
+      "readReplicasMode": "A String", # Optional. Read replica mode. Can only be specified when trying to create the instance.
       "redisConfigs": { # Optional. Redis configuration parameters, according to http://redis.io/topics/config. Currently, the only supported parameters are: Redis version 3.2 and newer: * maxmemory-policy * notify-keyspace-events Redis version 4.0 and newer: * activedefrag * lfu-decay-time * lfu-log-factor * maxmemory-gb Redis version 5.0 and newer: * stream-node-max-bytes * stream-node-max-entries
         "a_key": "A String",
       },
       "redisVersion": "A String", # Optional. The version of Redis software. If not provided, latest supported version will be used. Currently, the supported values are: * `REDIS_3_2` for Redis 3.2 compatibility * `REDIS_4_0` for Redis 4.0 compatibility (default) * `REDIS_5_0` for Redis 5.0 compatibility * `REDIS_6_X` for Redis 6.x compatibility
-      "replicaCount": 42, # Optional. The number of replica nodes. Valid range for standard tier is [1-5] and defaults to 2. Valid value for basic tier is 0 and defaults to 0.
+      "replicaCount": 42, # Optional. The number of replica nodes. The valid range for the Standard Tier with read replicas enabled is [1-5] and defaults to 2. If read replicas are not enabled for a Standard Tier instance, the only valid value is 1 and the default is 1. The valid value for basic tier is 0 and the default is also 0.
       "reservedIpRange": "A String", # Optional. For DIRECT_PEERING mode, the CIDR range of internal addresses that are reserved for this instance. Range must be unique and non-overlapping with existing subnets in an authorized network. For PRIVATE_SERVICE_ACCESS mode, the name of one allocated IP address ranges associated with this private service access connection. If not provided, the service will choose an unused /29 block, for example, 10.0.0.0/29 or 192.168.0.0/29. For READ_REPLICAS_ENABLED the default block size is /28.
       "serverCaCerts": [ # Output only. List of server CA certificates for the instance.
         { # TlsCertificate Resource
@@ -637,7 +637,7 @@
   body: object, The request body.
     The object takes the form of:
 
-{ # A Google Cloud Redis instance. next id = 38
+{ # A Google Cloud Redis instance.
   "alternativeLocationId": "A String", # Optional. If specified, at least one node will be provisioned in this zone in addition to the zone specified in location_id. Only applicable to standard tier. If provided, it must be a different zone from the one provided in [location_id]. Additional nodes beyond the first 2 will be placed in zones selected by the service.
   "authEnabled": True or False, # Optional. Indicates whether OSS Redis AUTH is enabled for the instance. If set to "true" AUTH is enabled on the instance. Default value is "false" meaning AUTH is disabled.
   "authorizedNetwork": "A String", # Optional. The full name of the Google Compute Engine [network](https://cloud.google.com/vpc/docs/vpc) to which the instance is connected. If left unspecified, the `default` network will be used.
@@ -691,12 +691,12 @@
   "port": 42, # Output only. The port number of the exposed Redis endpoint.
   "readEndpoint": "A String", # Output only. Hostname or IP address of the exposed readonly Redis endpoint. Standard tier only. Targets all healthy replica nodes in instance. Replication is asynchronous and replica nodes will exhibit some lag behind the primary. Write requests must target 'host'.
   "readEndpointPort": 42, # Output only. The port number of the exposed readonly redis endpoint. Standard tier only. Write requests should target 'port'.
-  "readReplicasMode": "A String", # Optional. Read replica mode.
+  "readReplicasMode": "A String", # Optional. Read replica mode. Can only be specified when trying to create the instance.
   "redisConfigs": { # Optional. Redis configuration parameters, according to http://redis.io/topics/config. Currently, the only supported parameters are: Redis version 3.2 and newer: * maxmemory-policy * notify-keyspace-events Redis version 4.0 and newer: * activedefrag * lfu-decay-time * lfu-log-factor * maxmemory-gb Redis version 5.0 and newer: * stream-node-max-bytes * stream-node-max-entries
     "a_key": "A String",
   },
   "redisVersion": "A String", # Optional. The version of Redis software. If not provided, latest supported version will be used. Currently, the supported values are: * `REDIS_3_2` for Redis 3.2 compatibility * `REDIS_4_0` for Redis 4.0 compatibility (default) * `REDIS_5_0` for Redis 5.0 compatibility * `REDIS_6_X` for Redis 6.x compatibility
-  "replicaCount": 42, # Optional. The number of replica nodes. Valid range for standard tier is [1-5] and defaults to 2. Valid value for basic tier is 0 and defaults to 0.
+  "replicaCount": 42, # Optional. The number of replica nodes. The valid range for the Standard Tier with read replicas enabled is [1-5] and defaults to 2. If read replicas are not enabled for a Standard Tier instance, the only valid value is 1 and the default is 1. The valid value for basic tier is 0 and the default is also 0.
   "reservedIpRange": "A String", # Optional. For DIRECT_PEERING mode, the CIDR range of internal addresses that are reserved for this instance. Range must be unique and non-overlapping with existing subnets in an authorized network. For PRIVATE_SERVICE_ACCESS mode, the name of one allocated IP address ranges associated with this private service access connection. If not provided, the service will choose an unused /29 block, for example, 10.0.0.0/29 or 192.168.0.0/29. For READ_REPLICAS_ENABLED the default block size is /28.
   "serverCaCerts": [ # Output only. List of server CA certificates for the instance.
     { # TlsCertificate Resource

docs/dyn/retail_v2.projects.locations.catalogs.html

diff --git a/docs/dyn/retail_v2.projects.locations.catalogs.html b/docs/dyn/retail_v2.projects.locations.catalogs.html
index 2de3813..6b4430a 100644
--- a/docs/dyn/retail_v2.projects.locations.catalogs.html
+++ b/docs/dyn/retail_v2.projects.locations.catalogs.html
@@ -216,7 +216,7 @@
       "displayName": "A String", # Required. Immutable. The catalog display name. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
       "name": "A String", # Required. Immutable. The fully qualified resource name of the catalog.
       "productLevelConfig": { # Configures what level the product should be uploaded with regards to how users will be send events and how predictions will be made. # Required. The product level configuration.
-        "ingestionProductType": "A String", # The type of Products allowed to be ingested into the catalog. Acceptable values are: * `primary` (default): You can only ingest Product.Type.PRIMARY Products. This means Product.primary_product_id can only be empty or set to the same value as Product.id. * `variant`: You can only ingest Product.Type.VARIANT Products. This means Product.primary_product_id cannot be empty. If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. If this field is `variant` and merchant_center_product_id_field is `itemGroupId`, an INVALID_ARGUMENT error is returned. See [Using product levels](https://cloud.google.com/retail/recommendations-ai/docs/catalog#product-levels) for more details.
+        "ingestionProductType": "A String", # The type of Products allowed to be ingested into the catalog. Acceptable values are: * `primary` (default): You can ingest Products of all types. When ingesting a Product, its type will default to Product.Type.PRIMARY if unset. * `variant`: You can only ingest Product.Type.VARIANT Products. This means Product.primary_product_id cannot be empty. If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. If this field is `variant` and merchant_center_product_id_field is `itemGroupId`, an INVALID_ARGUMENT error is returned. See [Using product levels](https://cloud.google.com/retail/recommendations-ai/docs/catalog#product-levels) for more details.
         "merchantCenterProductIdField": "A String", # Which field of [Merchant Center Product](/bigquery-transfer/docs/merchant-center-products-schema) should be imported as Product.id. Acceptable values are: * `offerId` (default): Import `offerId` as the product ID. * `itemGroupId`: Import `itemGroupId` as the product ID. Notice that Retail API will choose one item from the ones with the same `itemGroupId`, and use it to represent the item group. If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. If this field is `itemGroupId` and ingestion_product_type is `variant`, an INVALID_ARGUMENT error is returned. See [Using product levels](https://cloud.google.com/retail/recommendations-ai/docs/catalog#product-levels) for more details.
       },
     },
@@ -252,7 +252,7 @@
   "displayName": "A String", # Required. Immutable. The catalog display name. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
   "name": "A String", # Required. Immutable. The fully qualified resource name of the catalog.
   "productLevelConfig": { # Configures what level the product should be uploaded with regards to how users will be send events and how predictions will be made. # Required. The product level configuration.
-    "ingestionProductType": "A String", # The type of Products allowed to be ingested into the catalog. Acceptable values are: * `primary` (default): You can only ingest Product.Type.PRIMARY Products. This means Product.primary_product_id can only be empty or set to the same value as Product.id. * `variant`: You can only ingest Product.Type.VARIANT Products. This means Product.primary_product_id cannot be empty. If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. If this field is `variant` and merchant_center_product_id_field is `itemGroupId`, an INVALID_ARGUMENT error is returned. See [Using product levels](https://cloud.google.com/retail/recommendations-ai/docs/catalog#product-levels) for more details.
+    "ingestionProductType": "A String", # The type of Products allowed to be ingested into the catalog. Acceptable values are: * `primary` (default): You can ingest Products of all types. When ingesting a Product, its type will default to Product.Type.PRIMARY if unset. * `variant`: You can only ingest Product.Type.VARIANT Products. This means Product.primary_product_id cannot be empty. If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. If this field is `variant` and merchant_center_product_id_field is `itemGroupId`, an INVALID_ARGUMENT error is returned. See [Using product levels](https://cloud.google.com/retail/recommendations-ai/docs/catalog#product-levels) for more details.
     "merchantCenterProductIdField": "A String", # Which field of [Merchant Center Product](/bigquery-transfer/docs/merchant-center-products-schema) should be imported as Product.id. Acceptable values are: * `offerId` (default): Import `offerId` as the product ID. * `itemGroupId`: Import `itemGroupId` as the product ID. Notice that Retail API will choose one item from the ones with the same `itemGroupId`, and use it to represent the item group. If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. If this field is `itemGroupId` and ingestion_product_type is `variant`, an INVALID_ARGUMENT error is returned. See [Using product levels](https://cloud.google.com/retail/recommendations-ai/docs/catalog#product-levels) for more details.
   },
 }
@@ -270,7 +270,7 @@
   "displayName": "A String", # Required. Immutable. The catalog display name. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
   "name": "A String", # Required. Immutable. The fully qualified resource name of the catalog.
   "productLevelConfig": { # Configures what level the product should be uploaded with regards to how users will be send events and how predictions will be made. # Required. The product level configuration.
-    "ingestionProductType": "A String", # The type of Products allowed to be ingested into the catalog. Acceptable values are: * `primary` (default): You can only ingest Product.Type.PRIMARY Products. This means Product.primary_product_id can only be empty or set to the same value as Product.id. * `variant`: You can only ingest Product.Type.VARIANT Products. This means Product.primary_product_id cannot be empty. If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. If this field is `variant` and merchant_center_product_id_field is `itemGroupId`, an INVALID_ARGUMENT error is returned. See [Using product levels](https://cloud.google.com/retail/recommendations-ai/docs/catalog#product-levels) for more details.
+    "ingestionProductType": "A String", # The type of Products allowed to be ingested into the catalog. Acceptable values are: * `primary` (default): You can ingest Products of all types. When ingesting a Product, its type will default to Product.Type.PRIMARY if unset. * `variant`: You can only ingest Product.Type.VARIANT Products. This means Product.primary_product_id cannot be empty. If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. If this field is `variant` and merchant_center_product_id_field is `itemGroupId`, an INVALID_ARGUMENT error is returned. See [Using product levels](https://cloud.google.com/retail/recommendations-ai/docs/catalog#product-levels) for more details.
     "merchantCenterProductIdField": "A String", # Which field of [Merchant Center Product](/bigquery-transfer/docs/merchant-center-products-schema) should be imported as Product.id. Acceptable values are: * `offerId` (default): Import `offerId` as the product ID. * `itemGroupId`: Import `itemGroupId` as the product ID. Notice that Retail API will choose one item from the ones with the same `itemGroupId`, and use it to represent the item group. If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. If this field is `itemGroupId` and ingestion_product_type is `variant`, an INVALID_ARGUMENT error is returned. See [Using product levels](https://cloud.google.com/retail/recommendations-ai/docs/catalog#product-levels) for more details.
   },
 }</pre>

docs/dyn/retail_v2alpha.projects.locations.catalogs.branches.products.html

diff --git a/docs/dyn/retail_v2alpha.projects.locations.catalogs.branches.products.html b/docs/dyn/retail_v2alpha.projects.locations.catalogs.branches.products.html
index 933d750..75b6ca6 100644
--- a/docs/dyn/retail_v2alpha.projects.locations.catalogs.branches.products.html
+++ b/docs/dyn/retail_v2alpha.projects.locations.catalogs.branches.products.html
@@ -173,10 +173,10 @@
 { # Request message for AddLocalInventories method.
   "addMask": "A String", # Indicates which inventory fields in the provided list of LocalInventory to update. The field is updated to the provided value. If a field is set while the place does not have a previous local inventory, the local inventory at that store is created. If a field is set while the value of that field is not provided, the original field value, if it exists, is deleted. If the mask is not set or set with empty paths, all inventory fields will be updated. If an unsupported or unknown field is provided, an INVALID_ARGUMENT error is returned and the entire update will be ignored.
   "addTime": "A String", # The time when the inventory updates are issued. Used to prevent out-of-order updates on local inventory fields. If not provided, the internal system time will be used.
-  "allowMissing": True or False, # If set to true, and the Product is not found, the local inventory will still be processed and retained for at most 1 day and processed once the Product is created. If set to false, an INVALID_ARGUMENT error is returned if the Product is not found.
+  "allowMissing": True or False, # If set to true, and the Product is not found, the local inventory will still be processed and retained for at most 1 day and processed once the Product is created. If set to false, a NOT_FOUND error is returned if the Product is not found.
   "localInventories": [ # Required. A list of inventory information at difference places. Each place is identified by its place ID. At most 1000 inventories are allowed per request.
     { # The inventory information at a place (e.g. a store) identified by a place ID.
-      "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. * At most 5 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned. * The key must be a UTF-8 encoded string with a length limit of 10 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * The max number of values per attribute is 10. * For text values, the length limit is 10 UTF-8 characters.
+      "attributes": { # Additional local inventory attributes, for example, store name, promotion tags, etc. * At most 5 values are allowed. Otherwise, an INVALID_ARGUMENT error is returned. * The key must be a UTF-8 encoded string with a length limit of 10 characters. * The key must match the pattern: `a-zA-Z0-9*`. For example, key0LikeThis or KEY_1_LIKE_THIS. * The attribute values must be of the same type (text or number). * The max number of values per attribute is 10. * For text values, the length limit is 10 UTF-8 characters. * The attribute does not support search. The `searchable` field should be unset or set to false.
         "a_key": { # A custom attribute that is not explicitly modeled in Product.
           "indexable": True or False, # If true, custom attribute values are indexed, so that it can be filtered, faceted or boosted in SearchService.Search. This field is ignored in a UserEvent. See SearchRequest.filter, SearchRequest.facet_specs and SearchRequest.boost_spec for more details.
           "numbers": [ # The numerical values of this custom attribute. For example, `[2.3, 15.4]` when the key is "lengths_cm". At most 400 values are allowed.Otherwise, an INVALID_ARGUMENT error is returned. Exactly one of text or numbers should be set. Otherwise, an INVALID_ARGUMENT error is returned.

docs/dyn/retail_v2alpha.projects.locations.catalogs.html

diff --git a/docs/dyn/retail_v2alpha.projects.locations.catalogs.html b/docs/dyn/retail_v2alpha.projects.locations.catalogs.html
index e813729..452b9e1 100644
--- a/docs/dyn/retail_v2alpha.projects.locations.catalogs.html
+++ b/docs/dyn/retail_v2alpha.projects.locations.catalogs.html
@@ -227,7 +227,7 @@
       },
       "name": "A String", # Required. Immutable. The fully qualified resource name of the catalog.
       "productLevelConfig": { # Configures what level the product should be uploaded with regards to how users will be send events and how predictions will be made. # Required. The product level configuration.
-        "ingestionProductType": "A String", # The type of Products allowed to be ingested into the catalog. Acceptable values are: * `primary` (default): You can only ingest Product.Type.PRIMARY Products. This means Product.primary_product_id can only be empty or set to the same value as Product.id. * `variant`: You can only ingest Product.Type.VARIANT Products. This means Product.primary_product_id cannot be empty. If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. If this field is `variant` and merchant_center_product_id_field is `itemGroupId`, an INVALID_ARGUMENT error is returned. See [Using product levels](https://cloud.google.com/retail/recommendations-ai/docs/catalog#product-levels) for more details.
+        "ingestionProductType": "A String", # The type of Products allowed to be ingested into the catalog. Acceptable values are: * `primary` (default): You can ingest Products of all types. When ingesting a Product, its type will default to Product.Type.PRIMARY if unset. * `variant`: You can only ingest Product.Type.VARIANT Products. This means Product.primary_product_id cannot be empty. If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. If this field is `variant` and merchant_center_product_id_field is `itemGroupId`, an INVALID_ARGUMENT error is returned. See [Using product levels](https://cloud.google.com/retail/recommendations-ai/docs/catalog#product-levels) for more details.
         "merchantCenterProductIdField": "A String", # Which field of [Merchant Center Product](/bigquery-transfer/docs/merchant-center-products-schema) should be imported as Product.id. Acceptable values are: * `offerId` (default): Import `offerId` as the product ID. * `itemGroupId`: Import `itemGroupId` as the product ID. Notice that Retail API will choose one item from the ones with the same `itemGroupId`, and use it to represent the item group. If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. If this field is `itemGroupId` and ingestion_product_type is `variant`, an INVALID_ARGUMENT error is returned. See [Using product levels](https://cloud.google.com/retail/recommendations-ai/docs/catalog#product-levels) for more details.
       },
     },
@@ -274,7 +274,7 @@
   },
   "name": "A String", # Required. Immutable. The fully qualified resource name of the catalog.
   "productLevelConfig": { # Configures what level the product should be uploaded with regards to how users will be send events and how predictions will be made. # Required. The product level configuration.
-    "ingestionProductType": "A String", # The type of Products allowed to be ingested into the catalog. Acceptable values are: * `primary` (default): You can only ingest Product.Type.PRIMARY Products. This means Product.primary_product_id can only be empty or set to the same value as Product.id. * `variant`: You can only ingest Product.Type.VARIANT Products. This means Product.primary_product_id cannot be empty. If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. If this field is `variant` and merchant_center_product_id_field is `itemGroupId`, an INVALID_ARGUMENT error is returned. See [Using product levels](https://cloud.google.com/retail/recommendations-ai/docs/catalog#product-levels) for more details.
+    "ingestionProductType": "A String", # The type of Products allowed to be ingested into the catalog. Acceptable values are: * `primary` (default): You can ingest Products of all types. When ingesting a Product, its type will default to Product.Type.PRIMARY if unset. * `variant`: You can only ingest Product.Type.VARIANT Products. This means Product.primary_product_id cannot be empty. If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. If this field is `variant` and merchant_center_product_id_field is `itemGroupId`, an INVALID_ARGUMENT error is returned. See [Using product levels](https://cloud.google.com/retail/recommendations-ai/docs/catalog#product-levels) for more details.
     "merchantCenterProductIdField": "A String", # Which field of [Merchant Center Product](/bigquery-transfer/docs/merchant-center-products-schema) should be imported as Product.id. Acceptable values are: * `offerId` (default): Import `offerId` as the product ID. * `itemGroupId`: Import `itemGroupId` as the product ID. Notice that Retail API will choose one item from the ones with the same `itemGroupId`, and use it to represent the item group. If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. If this field is `itemGroupId` and ingestion_product_type is `variant`, an INVALID_ARGUMENT error is returned. See [Using product levels](https://cloud.google.com/retail/recommendations-ai/docs/catalog#product-levels) for more details.
   },
 }
@@ -303,7 +303,7 @@
   },
   "name": "A String", # Required. Immutable. The fully qualified resource name of the catalog.
   "productLevelConfig": { # Configures what level the product should be uploaded with regards to how users will be send events and how predictions will be made. # Required. The product level configuration.
-    "ingestionProductType": "A String", # The type of Products allowed to be ingested into the catalog. Acceptable values are: * `primary` (default): You can only ingest Product.Type.PRIMARY Products. This means Product.primary_product_id can only be empty or set to the same value as Product.id. * `variant`: You can only ingest Product.Type.VARIANT Products. This means Product.primary_product_id cannot be empty. If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. If this field is `variant` and merchant_center_product_id_field is `itemGroupId`, an INVALID_ARGUMENT error is returned. See [Using product levels](https://cloud.google.com/retail/recommendations-ai/docs/catalog#product-levels) for more details.
+    "ingestionProductType": "A String", # The type of Products allowed to be ingested into the catalog. Acceptable values are: * `primary` (default): You can ingest Products of all types. When ingesting a Product, its type will default to Product.Type.PRIMARY if unset. * `variant`: You can only ingest Product.Type.VARIANT Products. This means Product.primary_product_id cannot be empty. If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. If this field is `variant` and merchant_center_product_id_field is `itemGroupId`, an INVALID_ARGUMENT error is returned. See [Using product levels](https://cloud.google.com/retail/recommendations-ai/docs/catalog#product-levels) for more details.
     "merchantCenterProductIdField": "A String", # Which field of [Merchant Center Product](/bigquery-transfer/docs/merchant-center-products-schema) should be imported as Product.id. Acceptable values are: * `offerId` (default): Import `offerId` as the product ID. * `itemGroupId`: Import `itemGroupId` as the product ID. Notice that Retail API will choose one item from the ones with the same `itemGroupId`, and use it to represent the item group. If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. If this field is `itemGroupId` and ingestion_product_type is `variant`, an INVALID_ARGUMENT error is returned. See [Using product levels](https://cloud.google.com/retail/recommendations-ai/docs/catalog#product-levels) for more details.
   },
 }</pre>

docs/dyn/retail_v2beta.projects.locations.catalogs.html

diff --git a/docs/dyn/retail_v2beta.projects.locations.catalogs.html b/docs/dyn/retail_v2beta.projects.locations.catalogs.html
index 147d713..9ee8a7f 100644
--- a/docs/dyn/retail_v2beta.projects.locations.catalogs.html
+++ b/docs/dyn/retail_v2beta.projects.locations.catalogs.html
@@ -216,7 +216,7 @@
       "displayName": "A String", # Required. Immutable. The catalog display name. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
       "name": "A String", # Required. Immutable. The fully qualified resource name of the catalog.
       "productLevelConfig": { # Configures what level the product should be uploaded with regards to how users will be send events and how predictions will be made. # Required. The product level configuration.
-        "ingestionProductType": "A String", # The type of Products allowed to be ingested into the catalog. Acceptable values are: * `primary` (default): You can only ingest Product.Type.PRIMARY Products. This means Product.primary_product_id can only be empty or set to the same value as Product.id. * `variant`: You can only ingest Product.Type.VARIANT Products. This means Product.primary_product_id cannot be empty. If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. If this field is `variant` and merchant_center_product_id_field is `itemGroupId`, an INVALID_ARGUMENT error is returned. See [Using product levels](https://cloud.google.com/retail/recommendations-ai/docs/catalog#product-levels) for more details.
+        "ingestionProductType": "A String", # The type of Products allowed to be ingested into the catalog. Acceptable values are: * `primary` (default): You can ingest Products of all types. When ingesting a Product, its type will default to Product.Type.PRIMARY if unset. * `variant`: You can only ingest Product.Type.VARIANT Products. This means Product.primary_product_id cannot be empty. If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. If this field is `variant` and merchant_center_product_id_field is `itemGroupId`, an INVALID_ARGUMENT error is returned. See [Using product levels](https://cloud.google.com/retail/recommendations-ai/docs/catalog#product-levels) for more details.
         "merchantCenterProductIdField": "A String", # Which field of [Merchant Center Product](/bigquery-transfer/docs/merchant-center-products-schema) should be imported as Product.id. Acceptable values are: * `offerId` (default): Import `offerId` as the product ID. * `itemGroupId`: Import `itemGroupId` as the product ID. Notice that Retail API will choose one item from the ones with the same `itemGroupId`, and use it to represent the item group. If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. If this field is `itemGroupId` and ingestion_product_type is `variant`, an INVALID_ARGUMENT error is returned. See [Using product levels](https://cloud.google.com/retail/recommendations-ai/docs/catalog#product-levels) for more details.
       },
     },
@@ -252,7 +252,7 @@
   "displayName": "A String", # Required. Immutable. The catalog display name. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
   "name": "A String", # Required. Immutable. The fully qualified resource name of the catalog.
   "productLevelConfig": { # Configures what level the product should be uploaded with regards to how users will be send events and how predictions will be made. # Required. The product level configuration.
-    "ingestionProductType": "A String", # The type of Products allowed to be ingested into the catalog. Acceptable values are: * `primary` (default): You can only ingest Product.Type.PRIMARY Products. This means Product.primary_product_id can only be empty or set to the same value as Product.id. * `variant`: You can only ingest Product.Type.VARIANT Products. This means Product.primary_product_id cannot be empty. If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. If this field is `variant` and merchant_center_product_id_field is `itemGroupId`, an INVALID_ARGUMENT error is returned. See [Using product levels](https://cloud.google.com/retail/recommendations-ai/docs/catalog#product-levels) for more details.
+    "ingestionProductType": "A String", # The type of Products allowed to be ingested into the catalog. Acceptable values are: * `primary` (default): You can ingest Products of all types. When ingesting a Product, its type will default to Product.Type.PRIMARY if unset. * `variant`: You can only ingest Product.Type.VARIANT Products. This means Product.primary_product_id cannot be empty. If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. If this field is `variant` and merchant_center_product_id_field is `itemGroupId`, an INVALID_ARGUMENT error is returned. See [Using product levels](https://cloud.google.com/retail/recommendations-ai/docs/catalog#product-levels) for more details.
     "merchantCenterProductIdField": "A String", # Which field of [Merchant Center Product](/bigquery-transfer/docs/merchant-center-products-schema) should be imported as Product.id. Acceptable values are: * `offerId` (default): Import `offerId` as the product ID. * `itemGroupId`: Import `itemGroupId` as the product ID. Notice that Retail API will choose one item from the ones with the same `itemGroupId`, and use it to represent the item group. If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. If this field is `itemGroupId` and ingestion_product_type is `variant`, an INVALID_ARGUMENT error is returned. See [Using product levels](https://cloud.google.com/retail/recommendations-ai/docs/catalog#product-levels) for more details.
   },
 }
@@ -270,7 +270,7 @@
   "displayName": "A String", # Required. Immutable. The catalog display name. This field must be a UTF-8 encoded string with a length limit of 128 characters. Otherwise, an INVALID_ARGUMENT error is returned.
   "name": "A String", # Required. Immutable. The fully qualified resource name of the catalog.
   "productLevelConfig": { # Configures what level the product should be uploaded with regards to how users will be send events and how predictions will be made. # Required. The product level configuration.
-    "ingestionProductType": "A String", # The type of Products allowed to be ingested into the catalog. Acceptable values are: * `primary` (default): You can only ingest Product.Type.PRIMARY Products. This means Product.primary_product_id can only be empty or set to the same value as Product.id. * `variant`: You can only ingest Product.Type.VARIANT Products. This means Product.primary_product_id cannot be empty. If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. If this field is `variant` and merchant_center_product_id_field is `itemGroupId`, an INVALID_ARGUMENT error is returned. See [Using product levels](https://cloud.google.com/retail/recommendations-ai/docs/catalog#product-levels) for more details.
+    "ingestionProductType": "A String", # The type of Products allowed to be ingested into the catalog. Acceptable values are: * `primary` (default): You can ingest Products of all types. When ingesting a Product, its type will default to Product.Type.PRIMARY if unset. * `variant`: You can only ingest Product.Type.VARIANT Products. This means Product.primary_product_id cannot be empty. If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. If this field is `variant` and merchant_center_product_id_field is `itemGroupId`, an INVALID_ARGUMENT error is returned. See [Using product levels](https://cloud.google.com/retail/recommendations-ai/docs/catalog#product-levels) for more details.
     "merchantCenterProductIdField": "A String", # Which field of [Merchant Center Product](/bigquery-transfer/docs/merchant-center-products-schema) should be imported as Product.id. Acceptable values are: * `offerId` (default): Import `offerId` as the product ID. * `itemGroupId`: Import `itemGroupId` as the product ID. Notice that Retail API will choose one item from the ones with the same `itemGroupId`, and use it to represent the item group. If this field is set to an invalid value other than these, an INVALID_ARGUMENT error is returned. If this field is `itemGroupId` and ingestion_product_type is `variant`, an INVALID_ARGUMENT error is returned. See [Using product levels](https://cloud.google.com/retail/recommendations-ai/docs/catalog#product-levels) for more details.
   },
 }</pre>

docs/dyn/run_v1.projects.locations.services.html

diff --git a/docs/dyn/run_v1.projects.locations.services.html b/docs/dyn/run_v1.projects.locations.services.html
index 5551f4e..19c968a 100644
--- a/docs/dyn/run_v1.projects.locations.services.html
+++ b/docs/dyn/run_v1.projects.locations.services.html
@@ -1128,7 +1128,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/runtimeconfig_v1beta1.projects.configs.html

diff --git a/docs/dyn/runtimeconfig_v1beta1.projects.configs.html b/docs/dyn/runtimeconfig_v1beta1.projects.configs.html
index c9a6f3a..9f03d46 100644
--- a/docs/dyn/runtimeconfig_v1beta1.projects.configs.html
+++ b/docs/dyn/runtimeconfig_v1beta1.projects.configs.html
@@ -198,7 +198,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/secretmanager_v1.projects.secrets.html

diff --git a/docs/dyn/secretmanager_v1.projects.secrets.html b/docs/dyn/secretmanager_v1.projects.secrets.html
index a41e82f..f3b88f1 100644
--- a/docs/dyn/secretmanager_v1.projects.secrets.html
+++ b/docs/dyn/secretmanager_v1.projects.secrets.html
@@ -337,7 +337,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/secretmanager_v1beta1.projects.secrets.html

diff --git a/docs/dyn/secretmanager_v1beta1.projects.secrets.html b/docs/dyn/secretmanager_v1beta1.projects.secrets.html
index 09cf769..7802bfc 100644
--- a/docs/dyn/secretmanager_v1beta1.projects.secrets.html
+++ b/docs/dyn/secretmanager_v1beta1.projects.secrets.html
@@ -264,7 +264,7 @@
 
 Args:
   resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
-  options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+  options_requestedPolicyVersion: integer, Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/securitycenter_v1.folders.findings.html

diff --git a/docs/dyn/securitycenter_v1.folders.findings.html b/docs/dyn/securitycenter_v1.folders.findings.html
new file mode 100644
index 0000000..2ee57d7
--- /dev/null
+++ b/docs/dyn/securitycenter_v1.folders.findings.html
@@ -0,0 +1,132 @@
+<html><body>
+<style>
+
+body, h1, h2, h3, div, span, p, pre, a {
+  margin: 0;
+  padding: 0;
+  border: 0;
+  font-weight: inherit;
+  font-style: inherit;
+  font-size: 100%;
+  font-family: inherit;
+  vertical-align: baseline;
+}
+
+body {
+  font-size: 13px;
+  padding: 1em;
+}
+
+h1 {
+  font-size: 26px;
+  margin-bottom: 1em;
+}
+
+h2 {
+  font-size: 24px;
+  margin-bottom: 1em;
+}
+
+h3 {
+  font-size: 20px;
+  margin-bottom: 1em;
+  margin-top: 1em;
+}
+
+pre, code {
+  line-height: 1.5;
+  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
+}
+
+pre {
+  margin-top: 0.5em;
+}
+
+h1, h2, h3, p {
+  font-family: Arial, sans serif;
+}
+
+h1, h2, h3 {
+  border-bottom: solid #CCC 1px;
+}
+
+.toc_element {
+  margin-top: 0.5em;
+}
+
+.firstline {
+  margin-left: 2 em;
+}
+
+.method  {
+  margin-top: 1em;
+  border: solid 1px #CCC;
+  padding: 1em;
+  background: #EEE;
+}
+
+.details {
+  font-weight: bold;
+  font-size: 14px;
+}
+
+</style>
+
+<h1><a href="securitycenter_v1.html">Security Command Center API</a> . <a href="securitycenter_v1.folders.html">folders</a> . <a href="securitycenter_v1.folders.findings.html">findings</a></h1>
+<h2>Instance Methods</h2>
+<p class="toc_element">
+  <code><a href="#bulkMute">bulkMute(parent, body=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Kicks off an LRO to bulk mute findings for a parent based on a filter. The parent can be either an organization, folder or project. The findings matched by the filter will be muted after the LRO is done.</p>
+<p class="toc_element">
+  <code><a href="#close">close()</a></code></p>
+<p class="firstline">Close httplib2 connections.</p>
+<h3>Method Details</h3>
+<div class="method">
+    <code class="details" id="bulkMute">bulkMute(parent, body=None, x__xgafv=None)</code>
+  <pre>Kicks off an LRO to bulk mute findings for a parent based on a filter. The parent can be either an organization, folder or project. The findings matched by the filter will be muted after the LRO is done.
+
+Args:
+  parent: string, Required. The parent, at which bulk action needs to be applied. Its format is &quot;organizations/[organization_id]&quot;, &quot;folders/[folder_id]&quot;, &quot;projects/[project_id]&quot;. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for bulk findings update. Note: 1. If multiple bulk update requests match the same resource, the order in which they get executed is not defined. 2. Once a bulk operation is started, there is no way to stop it.
+  &quot;filter&quot;: &quot;A String&quot;, # Expression that identifies findings that should be updated. The expression is a list of zero or more restrictions combined via logical operators `AND` and `OR`. Parentheses are supported, and `OR` has higher precedence than `AND`. Restrictions have the form ` ` and may have a `-` character in front of them to indicate negation. The fields map to those defined in the corresponding resource. The supported operators are: * `=` for all value types. * `&gt;`, `&lt;`, `&gt;=`, `&lt;=` for integer values. * `:`, meaning substring matching, for strings. The supported value types are: * string literals in quotes. * integer literals without quotes. * boolean literals `true` and `false` without quotes.
+  &quot;muteAnnotation&quot;: &quot;A String&quot;, # This can be a mute configuration name or any identifier for mute/unmute of findings based on the filter.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # This resource represents a long-running operation that is the result of a network API call.
+  &quot;done&quot;: True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+  &quot;error&quot;: { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+    &quot;code&quot;: 42, # The status code, which should be an enum value of google.rpc.Code.
+    &quot;details&quot;: [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+      {
+        &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+      },
+    ],
+    &quot;message&quot;: &quot;A String&quot;, # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+  },
+  &quot;metadata&quot;: { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+    &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+  },
+  &quot;name&quot;: &quot;A String&quot;, # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+  &quot;response&quot;: { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+    &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+  },
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="close">close()</code>
+  <pre>Close httplib2 connections.</pre>
+</div>
+
+</body></html>
\ No newline at end of file

docs/dyn/securitycenter_v1.folders.html

diff --git a/docs/dyn/securitycenter_v1.folders.html b/docs/dyn/securitycenter_v1.folders.html
index f65ddfd..1589e45 100644
--- a/docs/dyn/securitycenter_v1.folders.html
+++ b/docs/dyn/securitycenter_v1.folders.html
@@ -80,6 +80,16 @@
 <p class="firstline">Returns the assets Resource.</p>
 
 <p class="toc_element">
+  <code><a href="securitycenter_v1.folders.findings.html">findings()</a></code>
+</p>
+<p class="firstline">Returns the findings Resource.</p>
+
+<p class="toc_element">
+  <code><a href="securitycenter_v1.folders.muteConfigs.html">muteConfigs()</a></code>
+</p>
+<p class="firstline">Returns the muteConfigs Resource.</p>
+
+<p class="toc_element">
   <code><a href="securitycenter_v1.folders.sources.html">sources()</a></code>
 </p>
 <p class="firstline">Returns the sources Resource.</p>

docs/dyn/securitycenter_v1.folders.muteConfigs.html

diff --git a/docs/dyn/securitycenter_v1.folders.muteConfigs.html b/docs/dyn/securitycenter_v1.folders.muteConfigs.html
new file mode 100644
index 0000000..5d6e9f7
--- /dev/null
+++ b/docs/dyn/securitycenter_v1.folders.muteConfigs.html
@@ -0,0 +1,271 @@
+<html><body>
+<style>
+
+body, h1, h2, h3, div, span, p, pre, a {
+  margin: 0;
+  padding: 0;
+  border: 0;
+  font-weight: inherit;
+  font-style: inherit;
+  font-size: 100%;
+  font-family: inherit;
+  vertical-align: baseline;
+}
+
+body {
+  font-size: 13px;
+  padding: 1em;
+}
+
+h1 {
+  font-size: 26px;
+  margin-bottom: 1em;
+}
+
+h2 {
+  font-size: 24px;
+  margin-bottom: 1em;
+}
+
+h3 {
+  font-size: 20px;
+  margin-bottom: 1em;
+  margin-top: 1em;
+}
+
+pre, code {
+  line-height: 1.5;
+  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
+}
+
+pre {
+  margin-top: 0.5em;
+}
+
+h1, h2, h3, p {
+  font-family: Arial, sans serif;
+}
+
+h1, h2, h3 {
+  border-bottom: solid #CCC 1px;
+}
+
+.toc_element {
+  margin-top: 0.5em;
+}
+
+.firstline {
+  margin-left: 2 em;
+}
+
+.method  {
+  margin-top: 1em;
+  border: solid 1px #CCC;
+  padding: 1em;
+  background: #EEE;
+}
+
+.details {
+  font-weight: bold;
+  font-size: 14px;
+}
+
+</style>
+
+<h1><a href="securitycenter_v1.html">Security Command Center API</a> . <a href="securitycenter_v1.folders.html">folders</a> . <a href="securitycenter_v1.folders.muteConfigs.html">muteConfigs</a></h1>
+<h2>Instance Methods</h2>
+<p class="toc_element">
+  <code><a href="#close">close()</a></code></p>
+<p class="firstline">Close httplib2 connections.</p>
+<p class="toc_element">
+  <code><a href="#create">create(parent, body=None, muteConfigId=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Creates a mute config.</p>
+<p class="toc_element">
+  <code><a href="#delete">delete(name, x__xgafv=None)</a></code></p>
+<p class="firstline">Deletes an existing mute config.</p>
+<p class="toc_element">
+  <code><a href="#get">get(name, x__xgafv=None)</a></code></p>
+<p class="firstline">Gets a mute config.</p>
+<p class="toc_element">
+  <code><a href="#list">list(parent, pageSize=None, pageToken=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Lists mute configs.</p>
+<p class="toc_element">
+  <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
+<p class="firstline">Retrieves the next page of results.</p>
+<p class="toc_element">
+  <code><a href="#patch">patch(name, body=None, updateMask=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Updates a mute config.</p>
+<h3>Method Details</h3>
+<div class="method">
+    <code class="details" id="close">close()</code>
+  <pre>Close httplib2 connections.</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="create">create(parent, body=None, muteConfigId=None, x__xgafv=None)</code>
+  <pre>Creates a mute config.
+
+Args:
+  parent: string, Required. Resource name of the new mute configs&#x27;s parent. Its format is &quot;organizations/[organization_id]&quot;, &quot;folders/[folder_id]&quot;, or &quot;projects/[project_id]&quot;. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # A mute config is a Cloud SCC resource that contains the configuration to mute create/update events of findings.
+  &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time at which the mute config was created. This field is set by the server and will be ignored if provided on config creation.
+  &quot;description&quot;: &quot;A String&quot;, # A description of the mute config.
+  &quot;displayName&quot;: &quot;A String&quot;, # The human readable name to be displayed for the mute config.
+  &quot;filter&quot;: &quot;A String&quot;, # Required. An expression that defines the filter to apply across create/update events of findings. While creating a filter string, be mindful of the scope in which the mute configuration is being created. E.g., If a filter contains project = X but is created under the project = Y scope, it might not match any findings. The following field and operator combinations are supported: * severity: `=`, `:` * category: `=`, `:` * resource.name: `=`, `:` * resource.project_name: `=`, `:` * resource.project_display_name: `=`, `:` * resource.folders.resource_folder: `=`, `:` * resource.parent_name: `=`, `:` * resource.parent_display_name: `=`, `:` * resource.type: `=`, `:` * finding_class: `=`, `:` * indicator.ip_addresses: `=`, `:` * indicator.domains: `=`, `:`
+  &quot;mostRecentEditor&quot;: &quot;A String&quot;, # Output only. Email address of the user who last edited the mute config. This field is set by the server and will be ignored if provided on config creation or update.
+  &quot;name&quot;: &quot;A String&quot;, # This field will be ignored if provided on config creation. Format &quot;organizations/{organization}/muteConfigs/{mute_config}&quot; &quot;folders/{folder}/muteConfigs/{mute_config}&quot; &quot;projects/{project}/muteConfigs/{mute_config}&quot;
+  &quot;updateTime&quot;: &quot;A String&quot;, # Output only. The most recent time at which the mute config was updated. This field is set by the server and will be ignored if provided on config creation or update.
+}
+
+  muteConfigId: string, Required. Unique identifier provided by the client within the parent scope. It must consist of lower case letters, numbers, and hyphen, with the first character a letter, the last a letter or a number, and a 63 character maximum.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A mute config is a Cloud SCC resource that contains the configuration to mute create/update events of findings.
+  &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time at which the mute config was created. This field is set by the server and will be ignored if provided on config creation.
+  &quot;description&quot;: &quot;A String&quot;, # A description of the mute config.
+  &quot;displayName&quot;: &quot;A String&quot;, # The human readable name to be displayed for the mute config.
+  &quot;filter&quot;: &quot;A String&quot;, # Required. An expression that defines the filter to apply across create/update events of findings. While creating a filter string, be mindful of the scope in which the mute configuration is being created. E.g., If a filter contains project = X but is created under the project = Y scope, it might not match any findings. The following field and operator combinations are supported: * severity: `=`, `:` * category: `=`, `:` * resource.name: `=`, `:` * resource.project_name: `=`, `:` * resource.project_display_name: `=`, `:` * resource.folders.resource_folder: `=`, `:` * resource.parent_name: `=`, `:` * resource.parent_display_name: `=`, `:` * resource.type: `=`, `:` * finding_class: `=`, `:` * indicator.ip_addresses: `=`, `:` * indicator.domains: `=`, `:`
+  &quot;mostRecentEditor&quot;: &quot;A String&quot;, # Output only. Email address of the user who last edited the mute config. This field is set by the server and will be ignored if provided on config creation or update.
+  &quot;name&quot;: &quot;A String&quot;, # This field will be ignored if provided on config creation. Format &quot;organizations/{organization}/muteConfigs/{mute_config}&quot; &quot;folders/{folder}/muteConfigs/{mute_config}&quot; &quot;projects/{project}/muteConfigs/{mute_config}&quot;
+  &quot;updateTime&quot;: &quot;A String&quot;, # Output only. The most recent time at which the mute config was updated. This field is set by the server and will be ignored if provided on config creation or update.
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="delete">delete(name, x__xgafv=None)</code>
+  <pre>Deletes an existing mute config.
+
+Args:
+  name: string, Required. Name of the mute config to delete. Its format is organizations/{organization}/muteConfigs/{config_id}, folders/{folder}/muteConfigs/{config_id}, or projects/{project}/muteConfigs/{config_id} (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for `Empty` is empty JSON object `{}`.
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="get">get(name, x__xgafv=None)</code>
+  <pre>Gets a mute config.
+
+Args:
+  name: string, Required. Name of the mute config to retrieve. Its format is organizations/{organization}/muteConfigs/{config_id}, folders/{folder}/muteConfigs/{config_id}, or projects/{project}/muteConfigs/{config_id} (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A mute config is a Cloud SCC resource that contains the configuration to mute create/update events of findings.
+  &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time at which the mute config was created. This field is set by the server and will be ignored if provided on config creation.
+  &quot;description&quot;: &quot;A String&quot;, # A description of the mute config.
+  &quot;displayName&quot;: &quot;A String&quot;, # The human readable name to be displayed for the mute config.
+  &quot;filter&quot;: &quot;A String&quot;, # Required. An expression that defines the filter to apply across create/update events of findings. While creating a filter string, be mindful of the scope in which the mute configuration is being created. E.g., If a filter contains project = X but is created under the project = Y scope, it might not match any findings. The following field and operator combinations are supported: * severity: `=`, `:` * category: `=`, `:` * resource.name: `=`, `:` * resource.project_name: `=`, `:` * resource.project_display_name: `=`, `:` * resource.folders.resource_folder: `=`, `:` * resource.parent_name: `=`, `:` * resource.parent_display_name: `=`, `:` * resource.type: `=`, `:` * finding_class: `=`, `:` * indicator.ip_addresses: `=`, `:` * indicator.domains: `=`, `:`
+  &quot;mostRecentEditor&quot;: &quot;A String&quot;, # Output only. Email address of the user who last edited the mute config. This field is set by the server and will be ignored if provided on config creation or update.
+  &quot;name&quot;: &quot;A String&quot;, # This field will be ignored if provided on config creation. Format &quot;organizations/{organization}/muteConfigs/{mute_config}&quot; &quot;folders/{folder}/muteConfigs/{mute_config}&quot; &quot;projects/{project}/muteConfigs/{mute_config}&quot;
+  &quot;updateTime&quot;: &quot;A String&quot;, # Output only. The most recent time at which the mute config was updated. This field is set by the server and will be ignored if provided on config creation or update.
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="list">list(parent, pageSize=None, pageToken=None, x__xgafv=None)</code>
+  <pre>Lists mute configs.
+
+Args:
+  parent: string, Required. The parent, which owns the collection of mute configs. Its format is &quot;organizations/[organization_id]&quot;, &quot;folders/[folder_id]&quot;, &quot;projects/[project_id]&quot;. (required)
+  pageSize: integer, The maximum number of configs to return. The service may return fewer than this value. If unspecified, at most 10 configs will be returned. The maximum value is 1000; values above 1000 will be coerced to 1000.
+  pageToken: string, A page token, received from a previous `ListMuteConfigs` call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to `ListMuteConfigs` must match the call that provided the page token.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for listing mute configs.
+  &quot;muteConfigs&quot;: [ # The mute configs from the specified parent.
+    { # A mute config is a Cloud SCC resource that contains the configuration to mute create/update events of findings.
+      &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time at which the mute config was created. This field is set by the server and will be ignored if provided on config creation.
+      &quot;description&quot;: &quot;A String&quot;, # A description of the mute config.
+      &quot;displayName&quot;: &quot;A String&quot;, # The human readable name to be displayed for the mute config.
+      &quot;filter&quot;: &quot;A String&quot;, # Required. An expression that defines the filter to apply across create/update events of findings. While creating a filter string, be mindful of the scope in which the mute configuration is being created. E.g., If a filter contains project = X but is created under the project = Y scope, it might not match any findings. The following field and operator combinations are supported: * severity: `=`, `:` * category: `=`, `:` * resource.name: `=`, `:` * resource.project_name: `=`, `:` * resource.project_display_name: `=`, `:` * resource.folders.resource_folder: `=`, `:` * resource.parent_name: `=`, `:` * resource.parent_display_name: `=`, `:` * resource.type: `=`, `:` * finding_class: `=`, `:` * indicator.ip_addresses: `=`, `:` * indicator.domains: `=`, `:`
+      &quot;mostRecentEditor&quot;: &quot;A String&quot;, # Output only. Email address of the user who last edited the mute config. This field is set by the server and will be ignored if provided on config creation or update.
+      &quot;name&quot;: &quot;A String&quot;, # This field will be ignored if provided on config creation. Format &quot;organizations/{organization}/muteConfigs/{mute_config}&quot; &quot;folders/{folder}/muteConfigs/{mute_config}&quot; &quot;projects/{project}/muteConfigs/{mute_config}&quot;
+      &quot;updateTime&quot;: &quot;A String&quot;, # Output only. The most recent time at which the mute config was updated. This field is set by the server and will be ignored if provided on config creation or update.
+    },
+  ],
+  &quot;nextPageToken&quot;: &quot;A String&quot;, # A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages.
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="list_next">list_next(previous_request, previous_response)</code>
+  <pre>Retrieves the next page of results.
+
+Args:
+  previous_request: The request for the previous page. (required)
+  previous_response: The response from the request for the previous page. (required)
+
+Returns:
+  A request object that you can call &#x27;execute()&#x27; on to request the next
+  page. Returns None if there are no more items in the collection.
+    </pre>
+</div>
+
+<div class="method">
+    <code class="details" id="patch">patch(name, body=None, updateMask=None, x__xgafv=None)</code>
+  <pre>Updates a mute config.
+
+Args:
+  name: string, This field will be ignored if provided on config creation. Format &quot;organizations/{organization}/muteConfigs/{mute_config}&quot; &quot;folders/{folder}/muteConfigs/{mute_config}&quot; &quot;projects/{project}/muteConfigs/{mute_config}&quot; (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # A mute config is a Cloud SCC resource that contains the configuration to mute create/update events of findings.
+  &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time at which the mute config was created. This field is set by the server and will be ignored if provided on config creation.
+  &quot;description&quot;: &quot;A String&quot;, # A description of the mute config.
+  &quot;displayName&quot;: &quot;A String&quot;, # The human readable name to be displayed for the mute config.
+  &quot;filter&quot;: &quot;A String&quot;, # Required. An expression that defines the filter to apply across create/update events of findings. While creating a filter string, be mindful of the scope in which the mute configuration is being created. E.g., If a filter contains project = X but is created under the project = Y scope, it might not match any findings. The following field and operator combinations are supported: * severity: `=`, `:` * category: `=`, `:` * resource.name: `=`, `:` * resource.project_name: `=`, `:` * resource.project_display_name: `=`, `:` * resource.folders.resource_folder: `=`, `:` * resource.parent_name: `=`, `:` * resource.parent_display_name: `=`, `:` * resource.type: `=`, `:` * finding_class: `=`, `:` * indicator.ip_addresses: `=`, `:` * indicator.domains: `=`, `:`
+  &quot;mostRecentEditor&quot;: &quot;A String&quot;, # Output only. Email address of the user who last edited the mute config. This field is set by the server and will be ignored if provided on config creation or update.
+  &quot;name&quot;: &quot;A String&quot;, # This field will be ignored if provided on config creation. Format &quot;organizations/{organization}/muteConfigs/{mute_config}&quot; &quot;folders/{folder}/muteConfigs/{mute_config}&quot; &quot;projects/{project}/muteConfigs/{mute_config}&quot;
+  &quot;updateTime&quot;: &quot;A String&quot;, # Output only. The most recent time at which the mute config was updated. This field is set by the server and will be ignored if provided on config creation or update.
+}
+
+  updateMask: string, The list of fields to be updated. If empty all mutable fields will be updated.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A mute config is a Cloud SCC resource that contains the configuration to mute create/update events of findings.
+  &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time at which the mute config was created. This field is set by the server and will be ignored if provided on config creation.
+  &quot;description&quot;: &quot;A String&quot;, # A description of the mute config.
+  &quot;displayName&quot;: &quot;A String&quot;, # The human readable name to be displayed for the mute config.
+  &quot;filter&quot;: &quot;A String&quot;, # Required. An expression that defines the filter to apply across create/update events of findings. While creating a filter string, be mindful of the scope in which the mute configuration is being created. E.g., If a filter contains project = X but is created under the project = Y scope, it might not match any findings. The following field and operator combinations are supported: * severity: `=`, `:` * category: `=`, `:` * resource.name: `=`, `:` * resource.project_name: `=`, `:` * resource.project_display_name: `=`, `:` * resource.folders.resource_folder: `=`, `:` * resource.parent_name: `=`, `:` * resource.parent_display_name: `=`, `:` * resource.type: `=`, `:` * finding_class: `=`, `:` * indicator.ip_addresses: `=`, `:` * indicator.domains: `=`, `:`
+  &quot;mostRecentEditor&quot;: &quot;A String&quot;, # Output only. Email address of the user who last edited the mute config. This field is set by the server and will be ignored if provided on config creation or update.
+  &quot;name&quot;: &quot;A String&quot;, # This field will be ignored if provided on config creation. Format &quot;organizations/{organization}/muteConfigs/{mute_config}&quot; &quot;folders/{folder}/muteConfigs/{mute_config}&quot; &quot;projects/{project}/muteConfigs/{mute_config}&quot;
+  &quot;updateTime&quot;: &quot;A String&quot;, # Output only. The most recent time at which the mute config was updated. This field is set by the server and will be ignored if provided on config creation or update.
+}</pre>
+</div>
+
+</body></html>
\ No newline at end of file

docs/dyn/securitycenter_v1.folders.sources.findings.externalSystems.html

diff --git a/docs/dyn/securitycenter_v1.folders.sources.findings.externalSystems.html b/docs/dyn/securitycenter_v1.folders.sources.findings.externalSystems.html
new file mode 100644
index 0000000..d5cabf8
--- /dev/null
+++ b/docs/dyn/securitycenter_v1.folders.sources.findings.externalSystems.html
@@ -0,0 +1,128 @@
+<html><body>
+<style>
+
+body, h1, h2, h3, div, span, p, pre, a {
+  margin: 0;
+  padding: 0;
+  border: 0;
+  font-weight: inherit;
+  font-style: inherit;
+  font-size: 100%;
+  font-family: inherit;
+  vertical-align: baseline;
+}
+
+body {
+  font-size: 13px;
+  padding: 1em;
+}
+
+h1 {
+  font-size: 26px;
+  margin-bottom: 1em;
+}
+
+h2 {
+  font-size: 24px;
+  margin-bottom: 1em;
+}
+
+h3 {
+  font-size: 20px;
+  margin-bottom: 1em;
+  margin-top: 1em;
+}
+
+pre, code {
+  line-height: 1.5;
+  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
+}
+
+pre {
+  margin-top: 0.5em;
+}
+
+h1, h2, h3, p {
+  font-family: Arial, sans serif;
+}
+
+h1, h2, h3 {
+  border-bottom: solid #CCC 1px;
+}
+
+.toc_element {
+  margin-top: 0.5em;
+}
+
+.firstline {
+  margin-left: 2 em;
+}
+
+.method  {
+  margin-top: 1em;
+  border: solid 1px #CCC;
+  padding: 1em;
+  background: #EEE;
+}
+
+.details {
+  font-weight: bold;
+  font-size: 14px;
+}
+
+</style>
+
+<h1><a href="securitycenter_v1.html">Security Command Center API</a> . <a href="securitycenter_v1.folders.html">folders</a> . <a href="securitycenter_v1.folders.sources.html">sources</a> . <a href="securitycenter_v1.folders.sources.findings.html">findings</a> . <a href="securitycenter_v1.folders.sources.findings.externalSystems.html">externalSystems</a></h1>
+<h2>Instance Methods</h2>
+<p class="toc_element">
+  <code><a href="#close">close()</a></code></p>
+<p class="firstline">Close httplib2 connections.</p>
+<p class="toc_element">
+  <code><a href="#patch">patch(name, body=None, updateMask=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Updates external system. This is for a given finding.</p>
+<h3>Method Details</h3>
+<div class="method">
+    <code class="details" id="close">close()</code>
+  <pre>Close httplib2 connections.</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="patch">patch(name, body=None, updateMask=None, x__xgafv=None)</code>
+  <pre>Updates external system. This is for a given finding.
+
+Args:
+  name: string, External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Representation of third party SIEM/SOAR fields within SCC.
+  &quot;assignees&quot;: [ # References primary/secondary etc assignees in the external system.
+    &quot;A String&quot;,
+  ],
+  &quot;externalSystemUpdateTime&quot;: &quot;A String&quot;, # The most recent time when the corresponding finding&#x27;s ticket/tracker was updated in the external system.
+  &quot;externalUid&quot;: &quot;A String&quot;, # Identifier that&#x27;s used to track the given finding in the external system.
+  &quot;name&quot;: &quot;A String&quot;, # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira
+  &quot;status&quot;: &quot;A String&quot;, # Most recent status of the corresponding finding&#x27;s ticket/tracker in the external system.
+}
+
+  updateMask: string, The FieldMask to use when updating the external system resource. If empty all mutable fields will be updated.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Representation of third party SIEM/SOAR fields within SCC.
+  &quot;assignees&quot;: [ # References primary/secondary etc assignees in the external system.
+    &quot;A String&quot;,
+  ],
+  &quot;externalSystemUpdateTime&quot;: &quot;A String&quot;, # The most recent time when the corresponding finding&#x27;s ticket/tracker was updated in the external system.
+  &quot;externalUid&quot;: &quot;A String&quot;, # Identifier that&#x27;s used to track the given finding in the external system.
+  &quot;name&quot;: &quot;A String&quot;, # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira
+  &quot;status&quot;: &quot;A String&quot;, # Most recent status of the corresponding finding&#x27;s ticket/tracker in the external system.
+}</pre>
+</div>
+
+</body></html>
\ No newline at end of file

docs/dyn/securitycenter_v1.folders.sources.findings.html

diff --git a/docs/dyn/securitycenter_v1.folders.sources.findings.html b/docs/dyn/securitycenter_v1.folders.sources.findings.html
index 4671ba5..69d34aa 100644
--- a/docs/dyn/securitycenter_v1.folders.sources.findings.html
+++ b/docs/dyn/securitycenter_v1.folders.sources.findings.html
@@ -75,6 +75,11 @@
 <h1><a href="securitycenter_v1.html">Security Command Center API</a> . <a href="securitycenter_v1.folders.html">folders</a> . <a href="securitycenter_v1.folders.sources.html">sources</a> . <a href="securitycenter_v1.folders.sources.findings.html">findings</a></h1>
 <h2>Instance Methods</h2>
 <p class="toc_element">
+  <code><a href="securitycenter_v1.folders.sources.findings.externalSystems.html">externalSystems()</a></code>
+</p>
+<p class="firstline">Returns the externalSystems Resource.</p>
+
+<p class="toc_element">
   <code><a href="#close">close()</a></code></p>
 <p class="firstline">Close httplib2 connections.</p>
 <p class="toc_element">
@@ -93,6 +98,9 @@
   <code><a href="#patch">patch(name, body=None, updateMask=None, x__xgafv=None)</a></code></p>
 <p class="firstline">Creates or updates a finding. The corresponding source must exist for a finding creation to succeed.</p>
 <p class="toc_element">
+  <code><a href="#setMute">setMute(name, body=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Updates the mute state of a finding.</p>
+<p class="toc_element">
   <code><a href="#setState">setState(name, body=None, x__xgafv=None)</a></code></p>
 <p class="firstline">Updates the state of a finding.</p>
 <p class="toc_element">
@@ -188,6 +196,17 @@
         &quot;category&quot;: &quot;A String&quot;, # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: &quot;XSS_FLASH_INJECTION&quot;
         &quot;createTime&quot;: &quot;A String&quot;, # The time at which the finding was created in Security Command Center.
         &quot;eventTime&quot;: &quot;A String&quot;, # The time at which the event took place, or when an update to the finding occurred. For example, if the finding represents an open firewall it would capture the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding were to be resolved afterward, this time would reflect when the finding was resolved. Must not be set to a value greater than the current timestamp.
+        &quot;externalSystems&quot;: { # Output only. Third party SIEM/SOAR fields within SCC, contains external system information and external system finding fields.
+          &quot;a_key&quot;: { # Representation of third party SIEM/SOAR fields within SCC.
+            &quot;assignees&quot;: [ # References primary/secondary etc assignees in the external system.
+              &quot;A String&quot;,
+            ],
+            &quot;externalSystemUpdateTime&quot;: &quot;A String&quot;, # The most recent time when the corresponding finding&#x27;s ticket/tracker was updated in the external system.
+            &quot;externalUid&quot;: &quot;A String&quot;, # Identifier that&#x27;s used to track the given finding in the external system.
+            &quot;name&quot;: &quot;A String&quot;, # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira
+            &quot;status&quot;: &quot;A String&quot;, # Most recent status of the corresponding finding&#x27;s ticket/tracker in the external system.
+          },
+        },
         &quot;externalUri&quot;: &quot;A String&quot;, # The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.
         &quot;findingClass&quot;: &quot;A String&quot;, # The class of the finding.
         &quot;indicator&quot;: { # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
@@ -198,6 +217,9 @@
             &quot;A String&quot;,
           ],
         },
+        &quot;mute&quot;: &quot;A String&quot;, # Indicates the mute state of a finding (either unspecified, muted, unmuted or undefined).
+        &quot;muteInitiator&quot;: &quot;A String&quot;, # First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc.
+        &quot;muteUpdateTime&quot;: &quot;A String&quot;, # Output only. The most recent time this finding was muted or unmuted.
         &quot;name&quot;: &quot;A String&quot;, # The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: &quot;organizations/{organization_id}/sources/{source_id}/findings/{finding_id}&quot;
         &quot;parent&quot;: &quot;A String&quot;, # The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: &quot;organizations/{organization_id}/sources/{source_id}&quot;
         &quot;resourceName&quot;: &quot;A String&quot;, # For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.
@@ -288,6 +310,17 @@
   &quot;category&quot;: &quot;A String&quot;, # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: &quot;XSS_FLASH_INJECTION&quot;
   &quot;createTime&quot;: &quot;A String&quot;, # The time at which the finding was created in Security Command Center.
   &quot;eventTime&quot;: &quot;A String&quot;, # The time at which the event took place, or when an update to the finding occurred. For example, if the finding represents an open firewall it would capture the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding were to be resolved afterward, this time would reflect when the finding was resolved. Must not be set to a value greater than the current timestamp.
+  &quot;externalSystems&quot;: { # Output only. Third party SIEM/SOAR fields within SCC, contains external system information and external system finding fields.
+    &quot;a_key&quot;: { # Representation of third party SIEM/SOAR fields within SCC.
+      &quot;assignees&quot;: [ # References primary/secondary etc assignees in the external system.
+        &quot;A String&quot;,
+      ],
+      &quot;externalSystemUpdateTime&quot;: &quot;A String&quot;, # The most recent time when the corresponding finding&#x27;s ticket/tracker was updated in the external system.
+      &quot;externalUid&quot;: &quot;A String&quot;, # Identifier that&#x27;s used to track the given finding in the external system.
+      &quot;name&quot;: &quot;A String&quot;, # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira
+      &quot;status&quot;: &quot;A String&quot;, # Most recent status of the corresponding finding&#x27;s ticket/tracker in the external system.
+    },
+  },
   &quot;externalUri&quot;: &quot;A String&quot;, # The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.
   &quot;findingClass&quot;: &quot;A String&quot;, # The class of the finding.
   &quot;indicator&quot;: { # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
@@ -298,6 +331,9 @@
       &quot;A String&quot;,
     ],
   },
+  &quot;mute&quot;: &quot;A String&quot;, # Indicates the mute state of a finding (either unspecified, muted, unmuted or undefined).
+  &quot;muteInitiator&quot;: &quot;A String&quot;, # First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc.
+  &quot;muteUpdateTime&quot;: &quot;A String&quot;, # Output only. The most recent time this finding was muted or unmuted.
   &quot;name&quot;: &quot;A String&quot;, # The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: &quot;organizations/{organization_id}/sources/{source_id}/findings/{finding_id}&quot;
   &quot;parent&quot;: &quot;A String&quot;, # The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: &quot;organizations/{organization_id}/sources/{source_id}&quot;
   &quot;resourceName&quot;: &quot;A String&quot;, # For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.
@@ -351,6 +387,17 @@
   &quot;category&quot;: &quot;A String&quot;, # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: &quot;XSS_FLASH_INJECTION&quot;
   &quot;createTime&quot;: &quot;A String&quot;, # The time at which the finding was created in Security Command Center.
   &quot;eventTime&quot;: &quot;A String&quot;, # The time at which the event took place, or when an update to the finding occurred. For example, if the finding represents an open firewall it would capture the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding were to be resolved afterward, this time would reflect when the finding was resolved. Must not be set to a value greater than the current timestamp.
+  &quot;externalSystems&quot;: { # Output only. Third party SIEM/SOAR fields within SCC, contains external system information and external system finding fields.
+    &quot;a_key&quot;: { # Representation of third party SIEM/SOAR fields within SCC.
+      &quot;assignees&quot;: [ # References primary/secondary etc assignees in the external system.
+        &quot;A String&quot;,
+      ],
+      &quot;externalSystemUpdateTime&quot;: &quot;A String&quot;, # The most recent time when the corresponding finding&#x27;s ticket/tracker was updated in the external system.
+      &quot;externalUid&quot;: &quot;A String&quot;, # Identifier that&#x27;s used to track the given finding in the external system.
+      &quot;name&quot;: &quot;A String&quot;, # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira
+      &quot;status&quot;: &quot;A String&quot;, # Most recent status of the corresponding finding&#x27;s ticket/tracker in the external system.
+    },
+  },
   &quot;externalUri&quot;: &quot;A String&quot;, # The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.
   &quot;findingClass&quot;: &quot;A String&quot;, # The class of the finding.
   &quot;indicator&quot;: { # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
@@ -361,6 +408,99 @@
       &quot;A String&quot;,
     ],
   },
+  &quot;mute&quot;: &quot;A String&quot;, # Indicates the mute state of a finding (either unspecified, muted, unmuted or undefined).
+  &quot;muteInitiator&quot;: &quot;A String&quot;, # First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc.
+  &quot;muteUpdateTime&quot;: &quot;A String&quot;, # Output only. The most recent time this finding was muted or unmuted.
+  &quot;name&quot;: &quot;A String&quot;, # The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: &quot;organizations/{organization_id}/sources/{source_id}/findings/{finding_id}&quot;
+  &quot;parent&quot;: &quot;A String&quot;, # The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: &quot;organizations/{organization_id}/sources/{source_id}&quot;
+  &quot;resourceName&quot;: &quot;A String&quot;, # For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.
+  &quot;securityMarks&quot;: { # User specified security marks that are attached to the parent Security Command Center resource. Security marks are scoped within a Security Command Center organization -- they can be modified and viewed by all users who have proper permissions on the organization. # Output only. User specified security marks. These marks are entirely managed by the user and come from the SecurityMarks resource that belongs to the finding.
+    &quot;canonicalName&quot;: &quot;A String&quot;, # The canonical name of the marks. Examples: &quot;organizations/{organization_id}/assets/{asset_id}/securityMarks&quot; &quot;folders/{folder_id}/assets/{asset_id}/securityMarks&quot; &quot;projects/{project_number}/assets/{asset_id}/securityMarks&quot; &quot;organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks&quot; &quot;folders/{folder_id}/sources/{source_id}/findings/{finding_id}/securityMarks&quot; &quot;projects/{project_number}/sources/{source_id}/findings/{finding_id}/securityMarks&quot;
+    &quot;marks&quot;: { # Mutable user specified security marks belonging to the parent resource. Constraints are as follows: * Keys and values are treated as case insensitive * Keys must be between 1 - 256 characters (inclusive) * Keys must be letters, numbers, underscores, or dashes * Values have leading and trailing whitespace trimmed, remaining characters must be between 1 - 4096 characters (inclusive)
+      &quot;a_key&quot;: &quot;A String&quot;,
+    },
+    &quot;name&quot;: &quot;A String&quot;, # The relative resource name of the SecurityMarks. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Examples: &quot;organizations/{organization_id}/assets/{asset_id}/securityMarks&quot; &quot;organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks&quot;.
+  },
+  &quot;severity&quot;: &quot;A String&quot;, # The severity of the finding. This field is managed by the source that writes the finding.
+  &quot;sourceProperties&quot;: { # Source specific properties. These properties are managed by the source that writes the finding. The key names in the source_properties map must be between 1 and 255 characters, and must start with a letter and contain alphanumeric characters or underscores only.
+    &quot;a_key&quot;: &quot;&quot;,
+  },
+  &quot;state&quot;: &quot;A String&quot;, # The state of the finding.
+  &quot;vulnerability&quot;: { # Refers to common vulnerability fields e.g. cve, cvss, cwe etc. # Represents vulnerability specific fields like cve, cvss scores etc. CVE stands for Common Vulnerabilities and Exposures (https://cve.mitre.org/about/)
+    &quot;cve&quot;: { # CVE stands for Common Vulnerabilities and Exposures. More information: https://cve.mitre.org # CVE stands for Common Vulnerabilities and Exposures (https://cve.mitre.org/about/)
+      &quot;cvssv3&quot;: { # Common Vulnerability Scoring System version 3. # Describe Common Vulnerability Scoring System specified at https://www.first.org/cvss/v3.1/specification-document
+        &quot;attackComplexity&quot;: &quot;A String&quot;, # This metric describes the conditions beyond the attacker&#x27;s control that must exist in order to exploit the vulnerability.
+        &quot;attackVector&quot;: &quot;A String&quot;, # Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. This metric reflects the context by which vulnerability exploitation is possible.
+        &quot;availabilityImpact&quot;: &quot;A String&quot;, # This metric measures the impact to the availability of the impacted component resulting from a successfully exploited vulnerability.
+        &quot;baseScore&quot;: 3.14, # The base score is a function of the base metric scores.
+        &quot;confidentialityImpact&quot;: &quot;A String&quot;, # This metric measures the impact to the confidentiality of the information resources managed by a software component due to a successfully exploited vulnerability.
+        &quot;integrityImpact&quot;: &quot;A String&quot;, # This metric measures the impact to integrity of a successfully exploited vulnerability.
+        &quot;privilegesRequired&quot;: &quot;A String&quot;, # This metric describes the level of privileges an attacker must possess before successfully exploiting the vulnerability.
+        &quot;scope&quot;: &quot;A String&quot;, # The Scope metric captures whether a vulnerability in one vulnerable component impacts resources in components beyond its security scope.
+        &quot;userInteraction&quot;: &quot;A String&quot;, # This metric captures the requirement for a human user, other than the attacker, to participate in the successful compromise of the vulnerable component.
+      },
+      &quot;id&quot;: &quot;A String&quot;, # The unique identifier for the vulnerability. e.g. CVE-2021-34527
+      &quot;references&quot;: [ # Additional information about the CVE. e.g. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34527
+        { # Additional Links
+          &quot;source&quot;: &quot;A String&quot;, # Source of the reference e.g. NVD
+          &quot;uri&quot;: &quot;A String&quot;, # Uri for the mentioned source e.g. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34527.
+        },
+      ],
+    },
+  },
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="setMute">setMute(name, body=None, x__xgafv=None)</code>
+  <pre>Updates the mute state of a finding.
+
+Args:
+  name: string, Required. The relative resource name of the finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: &quot;organizations/{organization_id}/sources/{source_id}/finding/{finding_id}&quot;, &quot;folders/{folder_id}/sources/{source_id}/finding/{finding_id}&quot;, &quot;projects/{project_id}/sources/{source_id}/finding/{finding_id}&quot;. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for updating a finding&#x27;s mute status.
+  &quot;mute&quot;: &quot;A String&quot;, # Required. The desired state of the Mute.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Security Command Center finding. A finding is a record of assessment data like security, risk, health, or privacy, that is ingested into Security Command Center for presentation, notification, analysis, policy testing, and enforcement. For example, a cross-site scripting (XSS) vulnerability in an App Engine application is a finding.
+  &quot;canonicalName&quot;: &quot;A String&quot;, # The canonical name of the finding. It&#x27;s either &quot;organizations/{organization_id}/sources/{source_id}/findings/{finding_id}&quot;, &quot;folders/{folder_id}/sources/{source_id}/findings/{finding_id}&quot; or &quot;projects/{project_number}/sources/{source_id}/findings/{finding_id}&quot;, depending on the closest CRM ancestor of the resource associated with the finding.
+  &quot;category&quot;: &quot;A String&quot;, # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: &quot;XSS_FLASH_INJECTION&quot;
+  &quot;createTime&quot;: &quot;A String&quot;, # The time at which the finding was created in Security Command Center.
+  &quot;eventTime&quot;: &quot;A String&quot;, # The time at which the event took place, or when an update to the finding occurred. For example, if the finding represents an open firewall it would capture the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding were to be resolved afterward, this time would reflect when the finding was resolved. Must not be set to a value greater than the current timestamp.
+  &quot;externalSystems&quot;: { # Output only. Third party SIEM/SOAR fields within SCC, contains external system information and external system finding fields.
+    &quot;a_key&quot;: { # Representation of third party SIEM/SOAR fields within SCC.
+      &quot;assignees&quot;: [ # References primary/secondary etc assignees in the external system.
+        &quot;A String&quot;,
+      ],
+      &quot;externalSystemUpdateTime&quot;: &quot;A String&quot;, # The most recent time when the corresponding finding&#x27;s ticket/tracker was updated in the external system.
+      &quot;externalUid&quot;: &quot;A String&quot;, # Identifier that&#x27;s used to track the given finding in the external system.
+      &quot;name&quot;: &quot;A String&quot;, # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira
+      &quot;status&quot;: &quot;A String&quot;, # Most recent status of the corresponding finding&#x27;s ticket/tracker in the external system.
+    },
+  },
+  &quot;externalUri&quot;: &quot;A String&quot;, # The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.
+  &quot;findingClass&quot;: &quot;A String&quot;, # The class of the finding.
+  &quot;indicator&quot;: { # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
+    &quot;domains&quot;: [ # List of domains associated to the Finding.
+      &quot;A String&quot;,
+    ],
+    &quot;ipAddresses&quot;: [ # List of ip addresses associated to the Finding.
+      &quot;A String&quot;,
+    ],
+  },
+  &quot;mute&quot;: &quot;A String&quot;, # Indicates the mute state of a finding (either unspecified, muted, unmuted or undefined).
+  &quot;muteInitiator&quot;: &quot;A String&quot;, # First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc.
+  &quot;muteUpdateTime&quot;: &quot;A String&quot;, # Output only. The most recent time this finding was muted or unmuted.
   &quot;name&quot;: &quot;A String&quot;, # The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: &quot;organizations/{organization_id}/sources/{source_id}/findings/{finding_id}&quot;
   &quot;parent&quot;: &quot;A String&quot;, # The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: &quot;organizations/{organization_id}/sources/{source_id}&quot;
   &quot;resourceName&quot;: &quot;A String&quot;, # For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.
@@ -428,6 +568,17 @@
   &quot;category&quot;: &quot;A String&quot;, # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: &quot;XSS_FLASH_INJECTION&quot;
   &quot;createTime&quot;: &quot;A String&quot;, # The time at which the finding was created in Security Command Center.
   &quot;eventTime&quot;: &quot;A String&quot;, # The time at which the event took place, or when an update to the finding occurred. For example, if the finding represents an open firewall it would capture the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding were to be resolved afterward, this time would reflect when the finding was resolved. Must not be set to a value greater than the current timestamp.
+  &quot;externalSystems&quot;: { # Output only. Third party SIEM/SOAR fields within SCC, contains external system information and external system finding fields.
+    &quot;a_key&quot;: { # Representation of third party SIEM/SOAR fields within SCC.
+      &quot;assignees&quot;: [ # References primary/secondary etc assignees in the external system.
+        &quot;A String&quot;,
+      ],
+      &quot;externalSystemUpdateTime&quot;: &quot;A String&quot;, # The most recent time when the corresponding finding&#x27;s ticket/tracker was updated in the external system.
+      &quot;externalUid&quot;: &quot;A String&quot;, # Identifier that&#x27;s used to track the given finding in the external system.
+      &quot;name&quot;: &quot;A String&quot;, # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira
+      &quot;status&quot;: &quot;A String&quot;, # Most recent status of the corresponding finding&#x27;s ticket/tracker in the external system.
+    },
+  },
   &quot;externalUri&quot;: &quot;A String&quot;, # The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.
   &quot;findingClass&quot;: &quot;A String&quot;, # The class of the finding.
   &quot;indicator&quot;: { # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
@@ -438,6 +589,9 @@
       &quot;A String&quot;,
     ],
   },
+  &quot;mute&quot;: &quot;A String&quot;, # Indicates the mute state of a finding (either unspecified, muted, unmuted or undefined).
+  &quot;muteInitiator&quot;: &quot;A String&quot;, # First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc.
+  &quot;muteUpdateTime&quot;: &quot;A String&quot;, # Output only. The most recent time this finding was muted or unmuted.
   &quot;name&quot;: &quot;A String&quot;, # The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: &quot;organizations/{organization_id}/sources/{source_id}/findings/{finding_id}&quot;
   &quot;parent&quot;: &quot;A String&quot;, # The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: &quot;organizations/{organization_id}/sources/{source_id}&quot;
   &quot;resourceName&quot;: &quot;A String&quot;, # For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.

docs/dyn/securitycenter_v1.organizations.findings.html

diff --git a/docs/dyn/securitycenter_v1.organizations.findings.html b/docs/dyn/securitycenter_v1.organizations.findings.html
new file mode 100644
index 0000000..42fd896
--- /dev/null
+++ b/docs/dyn/securitycenter_v1.organizations.findings.html
@@ -0,0 +1,132 @@
+<html><body>
+<style>
+
+body, h1, h2, h3, div, span, p, pre, a {
+  margin: 0;
+  padding: 0;
+  border: 0;
+  font-weight: inherit;
+  font-style: inherit;
+  font-size: 100%;
+  font-family: inherit;
+  vertical-align: baseline;
+}
+
+body {
+  font-size: 13px;
+  padding: 1em;
+}
+
+h1 {
+  font-size: 26px;
+  margin-bottom: 1em;
+}
+
+h2 {
+  font-size: 24px;
+  margin-bottom: 1em;
+}
+
+h3 {
+  font-size: 20px;
+  margin-bottom: 1em;
+  margin-top: 1em;
+}
+
+pre, code {
+  line-height: 1.5;
+  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
+}
+
+pre {
+  margin-top: 0.5em;
+}
+
+h1, h2, h3, p {
+  font-family: Arial, sans serif;
+}
+
+h1, h2, h3 {
+  border-bottom: solid #CCC 1px;
+}
+
+.toc_element {
+  margin-top: 0.5em;
+}
+
+.firstline {
+  margin-left: 2 em;
+}
+
+.method  {
+  margin-top: 1em;
+  border: solid 1px #CCC;
+  padding: 1em;
+  background: #EEE;
+}
+
+.details {
+  font-weight: bold;
+  font-size: 14px;
+}
+
+</style>
+
+<h1><a href="securitycenter_v1.html">Security Command Center API</a> . <a href="securitycenter_v1.organizations.html">organizations</a> . <a href="securitycenter_v1.organizations.findings.html">findings</a></h1>
+<h2>Instance Methods</h2>
+<p class="toc_element">
+  <code><a href="#bulkMute">bulkMute(parent, body=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Kicks off an LRO to bulk mute findings for a parent based on a filter. The parent can be either an organization, folder or project. The findings matched by the filter will be muted after the LRO is done.</p>
+<p class="toc_element">
+  <code><a href="#close">close()</a></code></p>
+<p class="firstline">Close httplib2 connections.</p>
+<h3>Method Details</h3>
+<div class="method">
+    <code class="details" id="bulkMute">bulkMute(parent, body=None, x__xgafv=None)</code>
+  <pre>Kicks off an LRO to bulk mute findings for a parent based on a filter. The parent can be either an organization, folder or project. The findings matched by the filter will be muted after the LRO is done.
+
+Args:
+  parent: string, Required. The parent, at which bulk action needs to be applied. Its format is &quot;organizations/[organization_id]&quot;, &quot;folders/[folder_id]&quot;, &quot;projects/[project_id]&quot;. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for bulk findings update. Note: 1. If multiple bulk update requests match the same resource, the order in which they get executed is not defined. 2. Once a bulk operation is started, there is no way to stop it.
+  &quot;filter&quot;: &quot;A String&quot;, # Expression that identifies findings that should be updated. The expression is a list of zero or more restrictions combined via logical operators `AND` and `OR`. Parentheses are supported, and `OR` has higher precedence than `AND`. Restrictions have the form ` ` and may have a `-` character in front of them to indicate negation. The fields map to those defined in the corresponding resource. The supported operators are: * `=` for all value types. * `&gt;`, `&lt;`, `&gt;=`, `&lt;=` for integer values. * `:`, meaning substring matching, for strings. The supported value types are: * string literals in quotes. * integer literals without quotes. * boolean literals `true` and `false` without quotes.
+  &quot;muteAnnotation&quot;: &quot;A String&quot;, # This can be a mute configuration name or any identifier for mute/unmute of findings based on the filter.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # This resource represents a long-running operation that is the result of a network API call.
+  &quot;done&quot;: True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+  &quot;error&quot;: { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+    &quot;code&quot;: 42, # The status code, which should be an enum value of google.rpc.Code.
+    &quot;details&quot;: [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+      {
+        &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+      },
+    ],
+    &quot;message&quot;: &quot;A String&quot;, # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+  },
+  &quot;metadata&quot;: { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+    &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+  },
+  &quot;name&quot;: &quot;A String&quot;, # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+  &quot;response&quot;: { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+    &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+  },
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="close">close()</code>
+  <pre>Close httplib2 connections.</pre>
+</div>
+
+</body></html>
\ No newline at end of file

docs/dyn/securitycenter_v1.organizations.html

diff --git a/docs/dyn/securitycenter_v1.organizations.html b/docs/dyn/securitycenter_v1.organizations.html
index e183e35..68b691e 100644
--- a/docs/dyn/securitycenter_v1.organizations.html
+++ b/docs/dyn/securitycenter_v1.organizations.html
@@ -80,6 +80,16 @@
 <p class="firstline">Returns the assets Resource.</p>
 
 <p class="toc_element">
+  <code><a href="securitycenter_v1.organizations.findings.html">findings()</a></code>
+</p>
+<p class="firstline">Returns the findings Resource.</p>
+
+<p class="toc_element">
+  <code><a href="securitycenter_v1.organizations.muteConfigs.html">muteConfigs()</a></code>
+</p>
+<p class="firstline">Returns the muteConfigs Resource.</p>
+
+<p class="toc_element">
   <code><a href="securitycenter_v1.organizations.notificationConfigs.html">notificationConfigs()</a></code>
 </p>
 <p class="firstline">Returns the notificationConfigs Resource.</p>

docs/dyn/securitycenter_v1.organizations.muteConfigs.html

diff --git a/docs/dyn/securitycenter_v1.organizations.muteConfigs.html b/docs/dyn/securitycenter_v1.organizations.muteConfigs.html
new file mode 100644
index 0000000..ef8412c
--- /dev/null
+++ b/docs/dyn/securitycenter_v1.organizations.muteConfigs.html
@@ -0,0 +1,271 @@
+<html><body>
+<style>
+
+body, h1, h2, h3, div, span, p, pre, a {
+  margin: 0;
+  padding: 0;
+  border: 0;
+  font-weight: inherit;
+  font-style: inherit;
+  font-size: 100%;
+  font-family: inherit;
+  vertical-align: baseline;
+}
+
+body {
+  font-size: 13px;
+  padding: 1em;
+}
+
+h1 {
+  font-size: 26px;
+  margin-bottom: 1em;
+}
+
+h2 {
+  font-size: 24px;
+  margin-bottom: 1em;
+}
+
+h3 {
+  font-size: 20px;
+  margin-bottom: 1em;
+  margin-top: 1em;
+}
+
+pre, code {
+  line-height: 1.5;
+  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
+}
+
+pre {
+  margin-top: 0.5em;
+}
+
+h1, h2, h3, p {
+  font-family: Arial, sans serif;
+}
+
+h1, h2, h3 {
+  border-bottom: solid #CCC 1px;
+}
+
+.toc_element {
+  margin-top: 0.5em;
+}
+
+.firstline {
+  margin-left: 2 em;
+}
+
+.method  {
+  margin-top: 1em;
+  border: solid 1px #CCC;
+  padding: 1em;
+  background: #EEE;
+}
+
+.details {
+  font-weight: bold;
+  font-size: 14px;
+}
+
+</style>
+
+<h1><a href="securitycenter_v1.html">Security Command Center API</a> . <a href="securitycenter_v1.organizations.html">organizations</a> . <a href="securitycenter_v1.organizations.muteConfigs.html">muteConfigs</a></h1>
+<h2>Instance Methods</h2>
+<p class="toc_element">
+  <code><a href="#close">close()</a></code></p>
+<p class="firstline">Close httplib2 connections.</p>
+<p class="toc_element">
+  <code><a href="#create">create(parent, body=None, muteConfigId=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Creates a mute config.</p>
+<p class="toc_element">
+  <code><a href="#delete">delete(name, x__xgafv=None)</a></code></p>
+<p class="firstline">Deletes an existing mute config.</p>
+<p class="toc_element">
+  <code><a href="#get">get(name, x__xgafv=None)</a></code></p>
+<p class="firstline">Gets a mute config.</p>
+<p class="toc_element">
+  <code><a href="#list">list(parent, pageSize=None, pageToken=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Lists mute configs.</p>
+<p class="toc_element">
+  <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
+<p class="firstline">Retrieves the next page of results.</p>
+<p class="toc_element">
+  <code><a href="#patch">patch(name, body=None, updateMask=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Updates a mute config.</p>
+<h3>Method Details</h3>
+<div class="method">
+    <code class="details" id="close">close()</code>
+  <pre>Close httplib2 connections.</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="create">create(parent, body=None, muteConfigId=None, x__xgafv=None)</code>
+  <pre>Creates a mute config.
+
+Args:
+  parent: string, Required. Resource name of the new mute configs&#x27;s parent. Its format is &quot;organizations/[organization_id]&quot;, &quot;folders/[folder_id]&quot;, or &quot;projects/[project_id]&quot;. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # A mute config is a Cloud SCC resource that contains the configuration to mute create/update events of findings.
+  &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time at which the mute config was created. This field is set by the server and will be ignored if provided on config creation.
+  &quot;description&quot;: &quot;A String&quot;, # A description of the mute config.
+  &quot;displayName&quot;: &quot;A String&quot;, # The human readable name to be displayed for the mute config.
+  &quot;filter&quot;: &quot;A String&quot;, # Required. An expression that defines the filter to apply across create/update events of findings. While creating a filter string, be mindful of the scope in which the mute configuration is being created. E.g., If a filter contains project = X but is created under the project = Y scope, it might not match any findings. The following field and operator combinations are supported: * severity: `=`, `:` * category: `=`, `:` * resource.name: `=`, `:` * resource.project_name: `=`, `:` * resource.project_display_name: `=`, `:` * resource.folders.resource_folder: `=`, `:` * resource.parent_name: `=`, `:` * resource.parent_display_name: `=`, `:` * resource.type: `=`, `:` * finding_class: `=`, `:` * indicator.ip_addresses: `=`, `:` * indicator.domains: `=`, `:`
+  &quot;mostRecentEditor&quot;: &quot;A String&quot;, # Output only. Email address of the user who last edited the mute config. This field is set by the server and will be ignored if provided on config creation or update.
+  &quot;name&quot;: &quot;A String&quot;, # This field will be ignored if provided on config creation. Format &quot;organizations/{organization}/muteConfigs/{mute_config}&quot; &quot;folders/{folder}/muteConfigs/{mute_config}&quot; &quot;projects/{project}/muteConfigs/{mute_config}&quot;
+  &quot;updateTime&quot;: &quot;A String&quot;, # Output only. The most recent time at which the mute config was updated. This field is set by the server and will be ignored if provided on config creation or update.
+}
+
+  muteConfigId: string, Required. Unique identifier provided by the client within the parent scope. It must consist of lower case letters, numbers, and hyphen, with the first character a letter, the last a letter or a number, and a 63 character maximum.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A mute config is a Cloud SCC resource that contains the configuration to mute create/update events of findings.
+  &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time at which the mute config was created. This field is set by the server and will be ignored if provided on config creation.
+  &quot;description&quot;: &quot;A String&quot;, # A description of the mute config.
+  &quot;displayName&quot;: &quot;A String&quot;, # The human readable name to be displayed for the mute config.
+  &quot;filter&quot;: &quot;A String&quot;, # Required. An expression that defines the filter to apply across create/update events of findings. While creating a filter string, be mindful of the scope in which the mute configuration is being created. E.g., If a filter contains project = X but is created under the project = Y scope, it might not match any findings. The following field and operator combinations are supported: * severity: `=`, `:` * category: `=`, `:` * resource.name: `=`, `:` * resource.project_name: `=`, `:` * resource.project_display_name: `=`, `:` * resource.folders.resource_folder: `=`, `:` * resource.parent_name: `=`, `:` * resource.parent_display_name: `=`, `:` * resource.type: `=`, `:` * finding_class: `=`, `:` * indicator.ip_addresses: `=`, `:` * indicator.domains: `=`, `:`
+  &quot;mostRecentEditor&quot;: &quot;A String&quot;, # Output only. Email address of the user who last edited the mute config. This field is set by the server and will be ignored if provided on config creation or update.
+  &quot;name&quot;: &quot;A String&quot;, # This field will be ignored if provided on config creation. Format &quot;organizations/{organization}/muteConfigs/{mute_config}&quot; &quot;folders/{folder}/muteConfigs/{mute_config}&quot; &quot;projects/{project}/muteConfigs/{mute_config}&quot;
+  &quot;updateTime&quot;: &quot;A String&quot;, # Output only. The most recent time at which the mute config was updated. This field is set by the server and will be ignored if provided on config creation or update.
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="delete">delete(name, x__xgafv=None)</code>
+  <pre>Deletes an existing mute config.
+
+Args:
+  name: string, Required. Name of the mute config to delete. Its format is organizations/{organization}/muteConfigs/{config_id}, folders/{folder}/muteConfigs/{config_id}, or projects/{project}/muteConfigs/{config_id} (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for `Empty` is empty JSON object `{}`.
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="get">get(name, x__xgafv=None)</code>
+  <pre>Gets a mute config.
+
+Args:
+  name: string, Required. Name of the mute config to retrieve. Its format is organizations/{organization}/muteConfigs/{config_id}, folders/{folder}/muteConfigs/{config_id}, or projects/{project}/muteConfigs/{config_id} (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A mute config is a Cloud SCC resource that contains the configuration to mute create/update events of findings.
+  &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time at which the mute config was created. This field is set by the server and will be ignored if provided on config creation.
+  &quot;description&quot;: &quot;A String&quot;, # A description of the mute config.
+  &quot;displayName&quot;: &quot;A String&quot;, # The human readable name to be displayed for the mute config.
+  &quot;filter&quot;: &quot;A String&quot;, # Required. An expression that defines the filter to apply across create/update events of findings. While creating a filter string, be mindful of the scope in which the mute configuration is being created. E.g., If a filter contains project = X but is created under the project = Y scope, it might not match any findings. The following field and operator combinations are supported: * severity: `=`, `:` * category: `=`, `:` * resource.name: `=`, `:` * resource.project_name: `=`, `:` * resource.project_display_name: `=`, `:` * resource.folders.resource_folder: `=`, `:` * resource.parent_name: `=`, `:` * resource.parent_display_name: `=`, `:` * resource.type: `=`, `:` * finding_class: `=`, `:` * indicator.ip_addresses: `=`, `:` * indicator.domains: `=`, `:`
+  &quot;mostRecentEditor&quot;: &quot;A String&quot;, # Output only. Email address of the user who last edited the mute config. This field is set by the server and will be ignored if provided on config creation or update.
+  &quot;name&quot;: &quot;A String&quot;, # This field will be ignored if provided on config creation. Format &quot;organizations/{organization}/muteConfigs/{mute_config}&quot; &quot;folders/{folder}/muteConfigs/{mute_config}&quot; &quot;projects/{project}/muteConfigs/{mute_config}&quot;
+  &quot;updateTime&quot;: &quot;A String&quot;, # Output only. The most recent time at which the mute config was updated. This field is set by the server and will be ignored if provided on config creation or update.
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="list">list(parent, pageSize=None, pageToken=None, x__xgafv=None)</code>
+  <pre>Lists mute configs.
+
+Args:
+  parent: string, Required. The parent, which owns the collection of mute configs. Its format is &quot;organizations/[organization_id]&quot;, &quot;folders/[folder_id]&quot;, &quot;projects/[project_id]&quot;. (required)
+  pageSize: integer, The maximum number of configs to return. The service may return fewer than this value. If unspecified, at most 10 configs will be returned. The maximum value is 1000; values above 1000 will be coerced to 1000.
+  pageToken: string, A page token, received from a previous `ListMuteConfigs` call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to `ListMuteConfigs` must match the call that provided the page token.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for listing mute configs.
+  &quot;muteConfigs&quot;: [ # The mute configs from the specified parent.
+    { # A mute config is a Cloud SCC resource that contains the configuration to mute create/update events of findings.
+      &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time at which the mute config was created. This field is set by the server and will be ignored if provided on config creation.
+      &quot;description&quot;: &quot;A String&quot;, # A description of the mute config.
+      &quot;displayName&quot;: &quot;A String&quot;, # The human readable name to be displayed for the mute config.
+      &quot;filter&quot;: &quot;A String&quot;, # Required. An expression that defines the filter to apply across create/update events of findings. While creating a filter string, be mindful of the scope in which the mute configuration is being created. E.g., If a filter contains project = X but is created under the project = Y scope, it might not match any findings. The following field and operator combinations are supported: * severity: `=`, `:` * category: `=`, `:` * resource.name: `=`, `:` * resource.project_name: `=`, `:` * resource.project_display_name: `=`, `:` * resource.folders.resource_folder: `=`, `:` * resource.parent_name: `=`, `:` * resource.parent_display_name: `=`, `:` * resource.type: `=`, `:` * finding_class: `=`, `:` * indicator.ip_addresses: `=`, `:` * indicator.domains: `=`, `:`
+      &quot;mostRecentEditor&quot;: &quot;A String&quot;, # Output only. Email address of the user who last edited the mute config. This field is set by the server and will be ignored if provided on config creation or update.
+      &quot;name&quot;: &quot;A String&quot;, # This field will be ignored if provided on config creation. Format &quot;organizations/{organization}/muteConfigs/{mute_config}&quot; &quot;folders/{folder}/muteConfigs/{mute_config}&quot; &quot;projects/{project}/muteConfigs/{mute_config}&quot;
+      &quot;updateTime&quot;: &quot;A String&quot;, # Output only. The most recent time at which the mute config was updated. This field is set by the server and will be ignored if provided on config creation or update.
+    },
+  ],
+  &quot;nextPageToken&quot;: &quot;A String&quot;, # A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages.
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="list_next">list_next(previous_request, previous_response)</code>
+  <pre>Retrieves the next page of results.
+
+Args:
+  previous_request: The request for the previous page. (required)
+  previous_response: The response from the request for the previous page. (required)
+
+Returns:
+  A request object that you can call &#x27;execute()&#x27; on to request the next
+  page. Returns None if there are no more items in the collection.
+    </pre>
+</div>
+
+<div class="method">
+    <code class="details" id="patch">patch(name, body=None, updateMask=None, x__xgafv=None)</code>
+  <pre>Updates a mute config.
+
+Args:
+  name: string, This field will be ignored if provided on config creation. Format &quot;organizations/{organization}/muteConfigs/{mute_config}&quot; &quot;folders/{folder}/muteConfigs/{mute_config}&quot; &quot;projects/{project}/muteConfigs/{mute_config}&quot; (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # A mute config is a Cloud SCC resource that contains the configuration to mute create/update events of findings.
+  &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time at which the mute config was created. This field is set by the server and will be ignored if provided on config creation.
+  &quot;description&quot;: &quot;A String&quot;, # A description of the mute config.
+  &quot;displayName&quot;: &quot;A String&quot;, # The human readable name to be displayed for the mute config.
+  &quot;filter&quot;: &quot;A String&quot;, # Required. An expression that defines the filter to apply across create/update events of findings. While creating a filter string, be mindful of the scope in which the mute configuration is being created. E.g., If a filter contains project = X but is created under the project = Y scope, it might not match any findings. The following field and operator combinations are supported: * severity: `=`, `:` * category: `=`, `:` * resource.name: `=`, `:` * resource.project_name: `=`, `:` * resource.project_display_name: `=`, `:` * resource.folders.resource_folder: `=`, `:` * resource.parent_name: `=`, `:` * resource.parent_display_name: `=`, `:` * resource.type: `=`, `:` * finding_class: `=`, `:` * indicator.ip_addresses: `=`, `:` * indicator.domains: `=`, `:`
+  &quot;mostRecentEditor&quot;: &quot;A String&quot;, # Output only. Email address of the user who last edited the mute config. This field is set by the server and will be ignored if provided on config creation or update.
+  &quot;name&quot;: &quot;A String&quot;, # This field will be ignored if provided on config creation. Format &quot;organizations/{organization}/muteConfigs/{mute_config}&quot; &quot;folders/{folder}/muteConfigs/{mute_config}&quot; &quot;projects/{project}/muteConfigs/{mute_config}&quot;
+  &quot;updateTime&quot;: &quot;A String&quot;, # Output only. The most recent time at which the mute config was updated. This field is set by the server and will be ignored if provided on config creation or update.
+}
+
+  updateMask: string, The list of fields to be updated. If empty all mutable fields will be updated.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A mute config is a Cloud SCC resource that contains the configuration to mute create/update events of findings.
+  &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time at which the mute config was created. This field is set by the server and will be ignored if provided on config creation.
+  &quot;description&quot;: &quot;A String&quot;, # A description of the mute config.
+  &quot;displayName&quot;: &quot;A String&quot;, # The human readable name to be displayed for the mute config.
+  &quot;filter&quot;: &quot;A String&quot;, # Required. An expression that defines the filter to apply across create/update events of findings. While creating a filter string, be mindful of the scope in which the mute configuration is being created. E.g., If a filter contains project = X but is created under the project = Y scope, it might not match any findings. The following field and operator combinations are supported: * severity: `=`, `:` * category: `=`, `:` * resource.name: `=`, `:` * resource.project_name: `=`, `:` * resource.project_display_name: `=`, `:` * resource.folders.resource_folder: `=`, `:` * resource.parent_name: `=`, `:` * resource.parent_display_name: `=`, `:` * resource.type: `=`, `:` * finding_class: `=`, `:` * indicator.ip_addresses: `=`, `:` * indicator.domains: `=`, `:`
+  &quot;mostRecentEditor&quot;: &quot;A String&quot;, # Output only. Email address of the user who last edited the mute config. This field is set by the server and will be ignored if provided on config creation or update.
+  &quot;name&quot;: &quot;A String&quot;, # This field will be ignored if provided on config creation. Format &quot;organizations/{organization}/muteConfigs/{mute_config}&quot; &quot;folders/{folder}/muteConfigs/{mute_config}&quot; &quot;projects/{project}/muteConfigs/{mute_config}&quot;
+  &quot;updateTime&quot;: &quot;A String&quot;, # Output only. The most recent time at which the mute config was updated. This field is set by the server and will be ignored if provided on config creation or update.
+}</pre>
+</div>
+
+</body></html>
\ No newline at end of file

docs/dyn/securitycenter_v1.organizations.sources.findings.externalSystems.html

diff --git a/docs/dyn/securitycenter_v1.organizations.sources.findings.externalSystems.html b/docs/dyn/securitycenter_v1.organizations.sources.findings.externalSystems.html
new file mode 100644
index 0000000..243150d
--- /dev/null
+++ b/docs/dyn/securitycenter_v1.organizations.sources.findings.externalSystems.html
@@ -0,0 +1,128 @@
+<html><body>
+<style>
+
+body, h1, h2, h3, div, span, p, pre, a {
+  margin: 0;
+  padding: 0;
+  border: 0;
+  font-weight: inherit;
+  font-style: inherit;
+  font-size: 100%;
+  font-family: inherit;
+  vertical-align: baseline;
+}
+
+body {
+  font-size: 13px;
+  padding: 1em;
+}
+
+h1 {
+  font-size: 26px;
+  margin-bottom: 1em;
+}
+
+h2 {
+  font-size: 24px;
+  margin-bottom: 1em;
+}
+
+h3 {
+  font-size: 20px;
+  margin-bottom: 1em;
+  margin-top: 1em;
+}
+
+pre, code {
+  line-height: 1.5;
+  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
+}
+
+pre {
+  margin-top: 0.5em;
+}
+
+h1, h2, h3, p {
+  font-family: Arial, sans serif;
+}
+
+h1, h2, h3 {
+  border-bottom: solid #CCC 1px;
+}
+
+.toc_element {
+  margin-top: 0.5em;
+}
+
+.firstline {
+  margin-left: 2 em;
+}
+
+.method  {
+  margin-top: 1em;
+  border: solid 1px #CCC;
+  padding: 1em;
+  background: #EEE;
+}
+
+.details {
+  font-weight: bold;
+  font-size: 14px;
+}
+
+</style>
+
+<h1><a href="securitycenter_v1.html">Security Command Center API</a> . <a href="securitycenter_v1.organizations.html">organizations</a> . <a href="securitycenter_v1.organizations.sources.html">sources</a> . <a href="securitycenter_v1.organizations.sources.findings.html">findings</a> . <a href="securitycenter_v1.organizations.sources.findings.externalSystems.html">externalSystems</a></h1>
+<h2>Instance Methods</h2>
+<p class="toc_element">
+  <code><a href="#close">close()</a></code></p>
+<p class="firstline">Close httplib2 connections.</p>
+<p class="toc_element">
+  <code><a href="#patch">patch(name, body=None, updateMask=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Updates external system. This is for a given finding.</p>
+<h3>Method Details</h3>
+<div class="method">
+    <code class="details" id="close">close()</code>
+  <pre>Close httplib2 connections.</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="patch">patch(name, body=None, updateMask=None, x__xgafv=None)</code>
+  <pre>Updates external system. This is for a given finding.
+
+Args:
+  name: string, External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Representation of third party SIEM/SOAR fields within SCC.
+  &quot;assignees&quot;: [ # References primary/secondary etc assignees in the external system.
+    &quot;A String&quot;,
+  ],
+  &quot;externalSystemUpdateTime&quot;: &quot;A String&quot;, # The most recent time when the corresponding finding&#x27;s ticket/tracker was updated in the external system.
+  &quot;externalUid&quot;: &quot;A String&quot;, # Identifier that&#x27;s used to track the given finding in the external system.
+  &quot;name&quot;: &quot;A String&quot;, # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira
+  &quot;status&quot;: &quot;A String&quot;, # Most recent status of the corresponding finding&#x27;s ticket/tracker in the external system.
+}
+
+  updateMask: string, The FieldMask to use when updating the external system resource. If empty all mutable fields will be updated.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Representation of third party SIEM/SOAR fields within SCC.
+  &quot;assignees&quot;: [ # References primary/secondary etc assignees in the external system.
+    &quot;A String&quot;,
+  ],
+  &quot;externalSystemUpdateTime&quot;: &quot;A String&quot;, # The most recent time when the corresponding finding&#x27;s ticket/tracker was updated in the external system.
+  &quot;externalUid&quot;: &quot;A String&quot;, # Identifier that&#x27;s used to track the given finding in the external system.
+  &quot;name&quot;: &quot;A String&quot;, # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira
+  &quot;status&quot;: &quot;A String&quot;, # Most recent status of the corresponding finding&#x27;s ticket/tracker in the external system.
+}</pre>
+</div>
+
+</body></html>
\ No newline at end of file

docs/dyn/securitycenter_v1.organizations.sources.findings.html

diff --git a/docs/dyn/securitycenter_v1.organizations.sources.findings.html b/docs/dyn/securitycenter_v1.organizations.sources.findings.html
index bdd997f..64863d2 100644
--- a/docs/dyn/securitycenter_v1.organizations.sources.findings.html
+++ b/docs/dyn/securitycenter_v1.organizations.sources.findings.html
@@ -75,6 +75,11 @@
 <h1><a href="securitycenter_v1.html">Security Command Center API</a> . <a href="securitycenter_v1.organizations.html">organizations</a> . <a href="securitycenter_v1.organizations.sources.html">sources</a> . <a href="securitycenter_v1.organizations.sources.findings.html">findings</a></h1>
 <h2>Instance Methods</h2>
 <p class="toc_element">
+  <code><a href="securitycenter_v1.organizations.sources.findings.externalSystems.html">externalSystems()</a></code>
+</p>
+<p class="firstline">Returns the externalSystems Resource.</p>
+
+<p class="toc_element">
   <code><a href="#close">close()</a></code></p>
 <p class="firstline">Close httplib2 connections.</p>
 <p class="toc_element">
@@ -96,6 +101,9 @@
   <code><a href="#patch">patch(name, body=None, updateMask=None, x__xgafv=None)</a></code></p>
 <p class="firstline">Creates or updates a finding. The corresponding source must exist for a finding creation to succeed.</p>
 <p class="toc_element">
+  <code><a href="#setMute">setMute(name, body=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Updates the mute state of a finding.</p>
+<p class="toc_element">
   <code><a href="#setState">setState(name, body=None, x__xgafv=None)</a></code></p>
 <p class="firstline">Updates the state of a finding.</p>
 <p class="toc_element">
@@ -121,6 +129,17 @@
   &quot;category&quot;: &quot;A String&quot;, # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: &quot;XSS_FLASH_INJECTION&quot;
   &quot;createTime&quot;: &quot;A String&quot;, # The time at which the finding was created in Security Command Center.
   &quot;eventTime&quot;: &quot;A String&quot;, # The time at which the event took place, or when an update to the finding occurred. For example, if the finding represents an open firewall it would capture the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding were to be resolved afterward, this time would reflect when the finding was resolved. Must not be set to a value greater than the current timestamp.
+  &quot;externalSystems&quot;: { # Output only. Third party SIEM/SOAR fields within SCC, contains external system information and external system finding fields.
+    &quot;a_key&quot;: { # Representation of third party SIEM/SOAR fields within SCC.
+      &quot;assignees&quot;: [ # References primary/secondary etc assignees in the external system.
+        &quot;A String&quot;,
+      ],
+      &quot;externalSystemUpdateTime&quot;: &quot;A String&quot;, # The most recent time when the corresponding finding&#x27;s ticket/tracker was updated in the external system.
+      &quot;externalUid&quot;: &quot;A String&quot;, # Identifier that&#x27;s used to track the given finding in the external system.
+      &quot;name&quot;: &quot;A String&quot;, # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira
+      &quot;status&quot;: &quot;A String&quot;, # Most recent status of the corresponding finding&#x27;s ticket/tracker in the external system.
+    },
+  },
   &quot;externalUri&quot;: &quot;A String&quot;, # The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.
   &quot;findingClass&quot;: &quot;A String&quot;, # The class of the finding.
   &quot;indicator&quot;: { # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
@@ -131,6 +150,9 @@
       &quot;A String&quot;,
     ],
   },
+  &quot;mute&quot;: &quot;A String&quot;, # Indicates the mute state of a finding (either unspecified, muted, unmuted or undefined).
+  &quot;muteInitiator&quot;: &quot;A String&quot;, # First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc.
+  &quot;muteUpdateTime&quot;: &quot;A String&quot;, # Output only. The most recent time this finding was muted or unmuted.
   &quot;name&quot;: &quot;A String&quot;, # The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: &quot;organizations/{organization_id}/sources/{source_id}/findings/{finding_id}&quot;
   &quot;parent&quot;: &quot;A String&quot;, # The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: &quot;organizations/{organization_id}/sources/{source_id}&quot;
   &quot;resourceName&quot;: &quot;A String&quot;, # For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.
@@ -184,6 +206,17 @@
   &quot;category&quot;: &quot;A String&quot;, # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: &quot;XSS_FLASH_INJECTION&quot;
   &quot;createTime&quot;: &quot;A String&quot;, # The time at which the finding was created in Security Command Center.
   &quot;eventTime&quot;: &quot;A String&quot;, # The time at which the event took place, or when an update to the finding occurred. For example, if the finding represents an open firewall it would capture the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding were to be resolved afterward, this time would reflect when the finding was resolved. Must not be set to a value greater than the current timestamp.
+  &quot;externalSystems&quot;: { # Output only. Third party SIEM/SOAR fields within SCC, contains external system information and external system finding fields.
+    &quot;a_key&quot;: { # Representation of third party SIEM/SOAR fields within SCC.
+      &quot;assignees&quot;: [ # References primary/secondary etc assignees in the external system.
+        &quot;A String&quot;,
+      ],
+      &quot;externalSystemUpdateTime&quot;: &quot;A String&quot;, # The most recent time when the corresponding finding&#x27;s ticket/tracker was updated in the external system.
+      &quot;externalUid&quot;: &quot;A String&quot;, # Identifier that&#x27;s used to track the given finding in the external system.
+      &quot;name&quot;: &quot;A String&quot;, # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira
+      &quot;status&quot;: &quot;A String&quot;, # Most recent status of the corresponding finding&#x27;s ticket/tracker in the external system.
+    },
+  },
   &quot;externalUri&quot;: &quot;A String&quot;, # The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.
   &quot;findingClass&quot;: &quot;A String&quot;, # The class of the finding.
   &quot;indicator&quot;: { # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
@@ -194,6 +227,9 @@
       &quot;A String&quot;,
     ],
   },
+  &quot;mute&quot;: &quot;A String&quot;, # Indicates the mute state of a finding (either unspecified, muted, unmuted or undefined).
+  &quot;muteInitiator&quot;: &quot;A String&quot;, # First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc.
+  &quot;muteUpdateTime&quot;: &quot;A String&quot;, # Output only. The most recent time this finding was muted or unmuted.
   &quot;name&quot;: &quot;A String&quot;, # The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: &quot;organizations/{organization_id}/sources/{source_id}/findings/{finding_id}&quot;
   &quot;parent&quot;: &quot;A String&quot;, # The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: &quot;organizations/{organization_id}/sources/{source_id}&quot;
   &quot;resourceName&quot;: &quot;A String&quot;, # For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.
@@ -318,6 +354,17 @@
         &quot;category&quot;: &quot;A String&quot;, # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: &quot;XSS_FLASH_INJECTION&quot;
         &quot;createTime&quot;: &quot;A String&quot;, # The time at which the finding was created in Security Command Center.
         &quot;eventTime&quot;: &quot;A String&quot;, # The time at which the event took place, or when an update to the finding occurred. For example, if the finding represents an open firewall it would capture the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding were to be resolved afterward, this time would reflect when the finding was resolved. Must not be set to a value greater than the current timestamp.
+        &quot;externalSystems&quot;: { # Output only. Third party SIEM/SOAR fields within SCC, contains external system information and external system finding fields.
+          &quot;a_key&quot;: { # Representation of third party SIEM/SOAR fields within SCC.
+            &quot;assignees&quot;: [ # References primary/secondary etc assignees in the external system.
+              &quot;A String&quot;,
+            ],
+            &quot;externalSystemUpdateTime&quot;: &quot;A String&quot;, # The most recent time when the corresponding finding&#x27;s ticket/tracker was updated in the external system.
+            &quot;externalUid&quot;: &quot;A String&quot;, # Identifier that&#x27;s used to track the given finding in the external system.
+            &quot;name&quot;: &quot;A String&quot;, # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira
+            &quot;status&quot;: &quot;A String&quot;, # Most recent status of the corresponding finding&#x27;s ticket/tracker in the external system.
+          },
+        },
         &quot;externalUri&quot;: &quot;A String&quot;, # The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.
         &quot;findingClass&quot;: &quot;A String&quot;, # The class of the finding.
         &quot;indicator&quot;: { # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
@@ -328,6 +375,9 @@
             &quot;A String&quot;,
           ],
         },
+        &quot;mute&quot;: &quot;A String&quot;, # Indicates the mute state of a finding (either unspecified, muted, unmuted or undefined).
+        &quot;muteInitiator&quot;: &quot;A String&quot;, # First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc.
+        &quot;muteUpdateTime&quot;: &quot;A String&quot;, # Output only. The most recent time this finding was muted or unmuted.
         &quot;name&quot;: &quot;A String&quot;, # The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: &quot;organizations/{organization_id}/sources/{source_id}/findings/{finding_id}&quot;
         &quot;parent&quot;: &quot;A String&quot;, # The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: &quot;organizations/{organization_id}/sources/{source_id}&quot;
         &quot;resourceName&quot;: &quot;A String&quot;, # For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.
@@ -418,6 +468,17 @@
   &quot;category&quot;: &quot;A String&quot;, # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: &quot;XSS_FLASH_INJECTION&quot;
   &quot;createTime&quot;: &quot;A String&quot;, # The time at which the finding was created in Security Command Center.
   &quot;eventTime&quot;: &quot;A String&quot;, # The time at which the event took place, or when an update to the finding occurred. For example, if the finding represents an open firewall it would capture the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding were to be resolved afterward, this time would reflect when the finding was resolved. Must not be set to a value greater than the current timestamp.
+  &quot;externalSystems&quot;: { # Output only. Third party SIEM/SOAR fields within SCC, contains external system information and external system finding fields.
+    &quot;a_key&quot;: { # Representation of third party SIEM/SOAR fields within SCC.
+      &quot;assignees&quot;: [ # References primary/secondary etc assignees in the external system.
+        &quot;A String&quot;,
+      ],
+      &quot;externalSystemUpdateTime&quot;: &quot;A String&quot;, # The most recent time when the corresponding finding&#x27;s ticket/tracker was updated in the external system.
+      &quot;externalUid&quot;: &quot;A String&quot;, # Identifier that&#x27;s used to track the given finding in the external system.
+      &quot;name&quot;: &quot;A String&quot;, # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira
+      &quot;status&quot;: &quot;A String&quot;, # Most recent status of the corresponding finding&#x27;s ticket/tracker in the external system.
+    },
+  },
   &quot;externalUri&quot;: &quot;A String&quot;, # The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.
   &quot;findingClass&quot;: &quot;A String&quot;, # The class of the finding.
   &quot;indicator&quot;: { # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
@@ -428,6 +489,9 @@
       &quot;A String&quot;,
     ],
   },
+  &quot;mute&quot;: &quot;A String&quot;, # Indicates the mute state of a finding (either unspecified, muted, unmuted or undefined).
+  &quot;muteInitiator&quot;: &quot;A String&quot;, # First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc.
+  &quot;muteUpdateTime&quot;: &quot;A String&quot;, # Output only. The most recent time this finding was muted or unmuted.
   &quot;name&quot;: &quot;A String&quot;, # The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: &quot;organizations/{organization_id}/sources/{source_id}/findings/{finding_id}&quot;
   &quot;parent&quot;: &quot;A String&quot;, # The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: &quot;organizations/{organization_id}/sources/{source_id}&quot;
   &quot;resourceName&quot;: &quot;A String&quot;, # For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.
@@ -481,6 +545,17 @@
   &quot;category&quot;: &quot;A String&quot;, # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: &quot;XSS_FLASH_INJECTION&quot;
   &quot;createTime&quot;: &quot;A String&quot;, # The time at which the finding was created in Security Command Center.
   &quot;eventTime&quot;: &quot;A String&quot;, # The time at which the event took place, or when an update to the finding occurred. For example, if the finding represents an open firewall it would capture the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding were to be resolved afterward, this time would reflect when the finding was resolved. Must not be set to a value greater than the current timestamp.
+  &quot;externalSystems&quot;: { # Output only. Third party SIEM/SOAR fields within SCC, contains external system information and external system finding fields.
+    &quot;a_key&quot;: { # Representation of third party SIEM/SOAR fields within SCC.
+      &quot;assignees&quot;: [ # References primary/secondary etc assignees in the external system.
+        &quot;A String&quot;,
+      ],
+      &quot;externalSystemUpdateTime&quot;: &quot;A String&quot;, # The most recent time when the corresponding finding&#x27;s ticket/tracker was updated in the external system.
+      &quot;externalUid&quot;: &quot;A String&quot;, # Identifier that&#x27;s used to track the given finding in the external system.
+      &quot;name&quot;: &quot;A String&quot;, # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira
+      &quot;status&quot;: &quot;A String&quot;, # Most recent status of the corresponding finding&#x27;s ticket/tracker in the external system.
+    },
+  },
   &quot;externalUri&quot;: &quot;A String&quot;, # The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.
   &quot;findingClass&quot;: &quot;A String&quot;, # The class of the finding.
   &quot;indicator&quot;: { # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
@@ -491,6 +566,99 @@
       &quot;A String&quot;,
     ],
   },
+  &quot;mute&quot;: &quot;A String&quot;, # Indicates the mute state of a finding (either unspecified, muted, unmuted or undefined).
+  &quot;muteInitiator&quot;: &quot;A String&quot;, # First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc.
+  &quot;muteUpdateTime&quot;: &quot;A String&quot;, # Output only. The most recent time this finding was muted or unmuted.
+  &quot;name&quot;: &quot;A String&quot;, # The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: &quot;organizations/{organization_id}/sources/{source_id}/findings/{finding_id}&quot;
+  &quot;parent&quot;: &quot;A String&quot;, # The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: &quot;organizations/{organization_id}/sources/{source_id}&quot;
+  &quot;resourceName&quot;: &quot;A String&quot;, # For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.
+  &quot;securityMarks&quot;: { # User specified security marks that are attached to the parent Security Command Center resource. Security marks are scoped within a Security Command Center organization -- they can be modified and viewed by all users who have proper permissions on the organization. # Output only. User specified security marks. These marks are entirely managed by the user and come from the SecurityMarks resource that belongs to the finding.
+    &quot;canonicalName&quot;: &quot;A String&quot;, # The canonical name of the marks. Examples: &quot;organizations/{organization_id}/assets/{asset_id}/securityMarks&quot; &quot;folders/{folder_id}/assets/{asset_id}/securityMarks&quot; &quot;projects/{project_number}/assets/{asset_id}/securityMarks&quot; &quot;organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks&quot; &quot;folders/{folder_id}/sources/{source_id}/findings/{finding_id}/securityMarks&quot; &quot;projects/{project_number}/sources/{source_id}/findings/{finding_id}/securityMarks&quot;
+    &quot;marks&quot;: { # Mutable user specified security marks belonging to the parent resource. Constraints are as follows: * Keys and values are treated as case insensitive * Keys must be between 1 - 256 characters (inclusive) * Keys must be letters, numbers, underscores, or dashes * Values have leading and trailing whitespace trimmed, remaining characters must be between 1 - 4096 characters (inclusive)
+      &quot;a_key&quot;: &quot;A String&quot;,
+    },
+    &quot;name&quot;: &quot;A String&quot;, # The relative resource name of the SecurityMarks. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Examples: &quot;organizations/{organization_id}/assets/{asset_id}/securityMarks&quot; &quot;organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks&quot;.
+  },
+  &quot;severity&quot;: &quot;A String&quot;, # The severity of the finding. This field is managed by the source that writes the finding.
+  &quot;sourceProperties&quot;: { # Source specific properties. These properties are managed by the source that writes the finding. The key names in the source_properties map must be between 1 and 255 characters, and must start with a letter and contain alphanumeric characters or underscores only.
+    &quot;a_key&quot;: &quot;&quot;,
+  },
+  &quot;state&quot;: &quot;A String&quot;, # The state of the finding.
+  &quot;vulnerability&quot;: { # Refers to common vulnerability fields e.g. cve, cvss, cwe etc. # Represents vulnerability specific fields like cve, cvss scores etc. CVE stands for Common Vulnerabilities and Exposures (https://cve.mitre.org/about/)
+    &quot;cve&quot;: { # CVE stands for Common Vulnerabilities and Exposures. More information: https://cve.mitre.org # CVE stands for Common Vulnerabilities and Exposures (https://cve.mitre.org/about/)
+      &quot;cvssv3&quot;: { # Common Vulnerability Scoring System version 3. # Describe Common Vulnerability Scoring System specified at https://www.first.org/cvss/v3.1/specification-document
+        &quot;attackComplexity&quot;: &quot;A String&quot;, # This metric describes the conditions beyond the attacker&#x27;s control that must exist in order to exploit the vulnerability.
+        &quot;attackVector&quot;: &quot;A String&quot;, # Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. This metric reflects the context by which vulnerability exploitation is possible.
+        &quot;availabilityImpact&quot;: &quot;A String&quot;, # This metric measures the impact to the availability of the impacted component resulting from a successfully exploited vulnerability.
+        &quot;baseScore&quot;: 3.14, # The base score is a function of the base metric scores.
+        &quot;confidentialityImpact&quot;: &quot;A String&quot;, # This metric measures the impact to the confidentiality of the information resources managed by a software component due to a successfully exploited vulnerability.
+        &quot;integrityImpact&quot;: &quot;A String&quot;, # This metric measures the impact to integrity of a successfully exploited vulnerability.
+        &quot;privilegesRequired&quot;: &quot;A String&quot;, # This metric describes the level of privileges an attacker must possess before successfully exploiting the vulnerability.
+        &quot;scope&quot;: &quot;A String&quot;, # The Scope metric captures whether a vulnerability in one vulnerable component impacts resources in components beyond its security scope.
+        &quot;userInteraction&quot;: &quot;A String&quot;, # This metric captures the requirement for a human user, other than the attacker, to participate in the successful compromise of the vulnerable component.
+      },
+      &quot;id&quot;: &quot;A String&quot;, # The unique identifier for the vulnerability. e.g. CVE-2021-34527
+      &quot;references&quot;: [ # Additional information about the CVE. e.g. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34527
+        { # Additional Links
+          &quot;source&quot;: &quot;A String&quot;, # Source of the reference e.g. NVD
+          &quot;uri&quot;: &quot;A String&quot;, # Uri for the mentioned source e.g. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34527.
+        },
+      ],
+    },
+  },
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="setMute">setMute(name, body=None, x__xgafv=None)</code>
+  <pre>Updates the mute state of a finding.
+
+Args:
+  name: string, Required. The relative resource name of the finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: &quot;organizations/{organization_id}/sources/{source_id}/finding/{finding_id}&quot;, &quot;folders/{folder_id}/sources/{source_id}/finding/{finding_id}&quot;, &quot;projects/{project_id}/sources/{source_id}/finding/{finding_id}&quot;. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for updating a finding&#x27;s mute status.
+  &quot;mute&quot;: &quot;A String&quot;, # Required. The desired state of the Mute.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Security Command Center finding. A finding is a record of assessment data like security, risk, health, or privacy, that is ingested into Security Command Center for presentation, notification, analysis, policy testing, and enforcement. For example, a cross-site scripting (XSS) vulnerability in an App Engine application is a finding.
+  &quot;canonicalName&quot;: &quot;A String&quot;, # The canonical name of the finding. It&#x27;s either &quot;organizations/{organization_id}/sources/{source_id}/findings/{finding_id}&quot;, &quot;folders/{folder_id}/sources/{source_id}/findings/{finding_id}&quot; or &quot;projects/{project_number}/sources/{source_id}/findings/{finding_id}&quot;, depending on the closest CRM ancestor of the resource associated with the finding.
+  &quot;category&quot;: &quot;A String&quot;, # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: &quot;XSS_FLASH_INJECTION&quot;
+  &quot;createTime&quot;: &quot;A String&quot;, # The time at which the finding was created in Security Command Center.
+  &quot;eventTime&quot;: &quot;A String&quot;, # The time at which the event took place, or when an update to the finding occurred. For example, if the finding represents an open firewall it would capture the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding were to be resolved afterward, this time would reflect when the finding was resolved. Must not be set to a value greater than the current timestamp.
+  &quot;externalSystems&quot;: { # Output only. Third party SIEM/SOAR fields within SCC, contains external system information and external system finding fields.
+    &quot;a_key&quot;: { # Representation of third party SIEM/SOAR fields within SCC.
+      &quot;assignees&quot;: [ # References primary/secondary etc assignees in the external system.
+        &quot;A String&quot;,
+      ],
+      &quot;externalSystemUpdateTime&quot;: &quot;A String&quot;, # The most recent time when the corresponding finding&#x27;s ticket/tracker was updated in the external system.
+      &quot;externalUid&quot;: &quot;A String&quot;, # Identifier that&#x27;s used to track the given finding in the external system.
+      &quot;name&quot;: &quot;A String&quot;, # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira
+      &quot;status&quot;: &quot;A String&quot;, # Most recent status of the corresponding finding&#x27;s ticket/tracker in the external system.
+    },
+  },
+  &quot;externalUri&quot;: &quot;A String&quot;, # The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.
+  &quot;findingClass&quot;: &quot;A String&quot;, # The class of the finding.
+  &quot;indicator&quot;: { # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
+    &quot;domains&quot;: [ # List of domains associated to the Finding.
+      &quot;A String&quot;,
+    ],
+    &quot;ipAddresses&quot;: [ # List of ip addresses associated to the Finding.
+      &quot;A String&quot;,
+    ],
+  },
+  &quot;mute&quot;: &quot;A String&quot;, # Indicates the mute state of a finding (either unspecified, muted, unmuted or undefined).
+  &quot;muteInitiator&quot;: &quot;A String&quot;, # First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc.
+  &quot;muteUpdateTime&quot;: &quot;A String&quot;, # Output only. The most recent time this finding was muted or unmuted.
   &quot;name&quot;: &quot;A String&quot;, # The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: &quot;organizations/{organization_id}/sources/{source_id}/findings/{finding_id}&quot;
   &quot;parent&quot;: &quot;A String&quot;, # The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: &quot;organizations/{organization_id}/sources/{source_id}&quot;
   &quot;resourceName&quot;: &quot;A String&quot;, # For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.
@@ -558,6 +726,17 @@
   &quot;category&quot;: &quot;A String&quot;, # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: &quot;XSS_FLASH_INJECTION&quot;
   &quot;createTime&quot;: &quot;A String&quot;, # The time at which the finding was created in Security Command Center.
   &quot;eventTime&quot;: &quot;A String&quot;, # The time at which the event took place, or when an update to the finding occurred. For example, if the finding represents an open firewall it would capture the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding were to be resolved afterward, this time would reflect when the finding was resolved. Must not be set to a value greater than the current timestamp.
+  &quot;externalSystems&quot;: { # Output only. Third party SIEM/SOAR fields within SCC, contains external system information and external system finding fields.
+    &quot;a_key&quot;: { # Representation of third party SIEM/SOAR fields within SCC.
+      &quot;assignees&quot;: [ # References primary/secondary etc assignees in the external system.
+        &quot;A String&quot;,
+      ],
+      &quot;externalSystemUpdateTime&quot;: &quot;A String&quot;, # The most recent time when the corresponding finding&#x27;s ticket/tracker was updated in the external system.
+      &quot;externalUid&quot;: &quot;A String&quot;, # Identifier that&#x27;s used to track the given finding in the external system.
+      &quot;name&quot;: &quot;A String&quot;, # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira
+      &quot;status&quot;: &quot;A String&quot;, # Most recent status of the corresponding finding&#x27;s ticket/tracker in the external system.
+    },
+  },
   &quot;externalUri&quot;: &quot;A String&quot;, # The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.
   &quot;findingClass&quot;: &quot;A String&quot;, # The class of the finding.
   &quot;indicator&quot;: { # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
@@ -568,6 +747,9 @@
       &quot;A String&quot;,
     ],
   },
+  &quot;mute&quot;: &quot;A String&quot;, # Indicates the mute state of a finding (either unspecified, muted, unmuted or undefined).
+  &quot;muteInitiator&quot;: &quot;A String&quot;, # First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc.
+  &quot;muteUpdateTime&quot;: &quot;A String&quot;, # Output only. The most recent time this finding was muted or unmuted.
   &quot;name&quot;: &quot;A String&quot;, # The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: &quot;organizations/{organization_id}/sources/{source_id}/findings/{finding_id}&quot;
   &quot;parent&quot;: &quot;A String&quot;, # The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: &quot;organizations/{organization_id}/sources/{source_id}&quot;
   &quot;resourceName&quot;: &quot;A String&quot;, # For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.

docs/dyn/securitycenter_v1.projects.findings.html

diff --git a/docs/dyn/securitycenter_v1.projects.findings.html b/docs/dyn/securitycenter_v1.projects.findings.html
new file mode 100644
index 0000000..62fb3a6
--- /dev/null
+++ b/docs/dyn/securitycenter_v1.projects.findings.html
@@ -0,0 +1,132 @@
+<html><body>
+<style>
+
+body, h1, h2, h3, div, span, p, pre, a {
+  margin: 0;
+  padding: 0;
+  border: 0;
+  font-weight: inherit;
+  font-style: inherit;
+  font-size: 100%;
+  font-family: inherit;
+  vertical-align: baseline;
+}
+
+body {
+  font-size: 13px;
+  padding: 1em;
+}
+
+h1 {
+  font-size: 26px;
+  margin-bottom: 1em;
+}
+
+h2 {
+  font-size: 24px;
+  margin-bottom: 1em;
+}
+
+h3 {
+  font-size: 20px;
+  margin-bottom: 1em;
+  margin-top: 1em;
+}
+
+pre, code {
+  line-height: 1.5;
+  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
+}
+
+pre {
+  margin-top: 0.5em;
+}
+
+h1, h2, h3, p {
+  font-family: Arial, sans serif;
+}
+
+h1, h2, h3 {
+  border-bottom: solid #CCC 1px;
+}
+
+.toc_element {
+  margin-top: 0.5em;
+}
+
+.firstline {
+  margin-left: 2 em;
+}
+
+.method  {
+  margin-top: 1em;
+  border: solid 1px #CCC;
+  padding: 1em;
+  background: #EEE;
+}
+
+.details {
+  font-weight: bold;
+  font-size: 14px;
+}
+
+</style>
+
+<h1><a href="securitycenter_v1.html">Security Command Center API</a> . <a href="securitycenter_v1.projects.html">projects</a> . <a href="securitycenter_v1.projects.findings.html">findings</a></h1>
+<h2>Instance Methods</h2>
+<p class="toc_element">
+  <code><a href="#bulkMute">bulkMute(parent, body=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Kicks off an LRO to bulk mute findings for a parent based on a filter. The parent can be either an organization, folder or project. The findings matched by the filter will be muted after the LRO is done.</p>
+<p class="toc_element">
+  <code><a href="#close">close()</a></code></p>
+<p class="firstline">Close httplib2 connections.</p>
+<h3>Method Details</h3>
+<div class="method">
+    <code class="details" id="bulkMute">bulkMute(parent, body=None, x__xgafv=None)</code>
+  <pre>Kicks off an LRO to bulk mute findings for a parent based on a filter. The parent can be either an organization, folder or project. The findings matched by the filter will be muted after the LRO is done.
+
+Args:
+  parent: string, Required. The parent, at which bulk action needs to be applied. Its format is &quot;organizations/[organization_id]&quot;, &quot;folders/[folder_id]&quot;, &quot;projects/[project_id]&quot;. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for bulk findings update. Note: 1. If multiple bulk update requests match the same resource, the order in which they get executed is not defined. 2. Once a bulk operation is started, there is no way to stop it.
+  &quot;filter&quot;: &quot;A String&quot;, # Expression that identifies findings that should be updated. The expression is a list of zero or more restrictions combined via logical operators `AND` and `OR`. Parentheses are supported, and `OR` has higher precedence than `AND`. Restrictions have the form ` ` and may have a `-` character in front of them to indicate negation. The fields map to those defined in the corresponding resource. The supported operators are: * `=` for all value types. * `&gt;`, `&lt;`, `&gt;=`, `&lt;=` for integer values. * `:`, meaning substring matching, for strings. The supported value types are: * string literals in quotes. * integer literals without quotes. * boolean literals `true` and `false` without quotes.
+  &quot;muteAnnotation&quot;: &quot;A String&quot;, # This can be a mute configuration name or any identifier for mute/unmute of findings based on the filter.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # This resource represents a long-running operation that is the result of a network API call.
+  &quot;done&quot;: True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
+  &quot;error&quot;: { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
+    &quot;code&quot;: 42, # The status code, which should be an enum value of google.rpc.Code.
+    &quot;details&quot;: [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+      {
+        &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+      },
+    ],
+    &quot;message&quot;: &quot;A String&quot;, # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+  },
+  &quot;metadata&quot;: { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
+    &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+  },
+  &quot;name&quot;: &quot;A String&quot;, # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
+  &quot;response&quot;: { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
+    &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+  },
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="close">close()</code>
+  <pre>Close httplib2 connections.</pre>
+</div>
+
+</body></html>
\ No newline at end of file

docs/dyn/securitycenter_v1.projects.html

diff --git a/docs/dyn/securitycenter_v1.projects.html b/docs/dyn/securitycenter_v1.projects.html
index e126dfa..838033f 100644
--- a/docs/dyn/securitycenter_v1.projects.html
+++ b/docs/dyn/securitycenter_v1.projects.html
@@ -80,6 +80,16 @@
 <p class="firstline">Returns the assets Resource.</p>
 
 <p class="toc_element">
+  <code><a href="securitycenter_v1.projects.findings.html">findings()</a></code>
+</p>
+<p class="firstline">Returns the findings Resource.</p>
+
+<p class="toc_element">
+  <code><a href="securitycenter_v1.projects.muteConfigs.html">muteConfigs()</a></code>
+</p>
+<p class="firstline">Returns the muteConfigs Resource.</p>
+
+<p class="toc_element">
   <code><a href="securitycenter_v1.projects.sources.html">sources()</a></code>
 </p>
 <p class="firstline">Returns the sources Resource.</p>

docs/dyn/securitycenter_v1.projects.muteConfigs.html

diff --git a/docs/dyn/securitycenter_v1.projects.muteConfigs.html b/docs/dyn/securitycenter_v1.projects.muteConfigs.html
new file mode 100644
index 0000000..b9c8c92
--- /dev/null
+++ b/docs/dyn/securitycenter_v1.projects.muteConfigs.html
@@ -0,0 +1,271 @@
+<html><body>
+<style>
+
+body, h1, h2, h3, div, span, p, pre, a {
+  margin: 0;
+  padding: 0;
+  border: 0;
+  font-weight: inherit;
+  font-style: inherit;
+  font-size: 100%;
+  font-family: inherit;
+  vertical-align: baseline;
+}
+
+body {
+  font-size: 13px;
+  padding: 1em;
+}
+
+h1 {
+  font-size: 26px;
+  margin-bottom: 1em;
+}
+
+h2 {
+  font-size: 24px;
+  margin-bottom: 1em;
+}
+
+h3 {
+  font-size: 20px;
+  margin-bottom: 1em;
+  margin-top: 1em;
+}
+
+pre, code {
+  line-height: 1.5;
+  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
+}
+
+pre {
+  margin-top: 0.5em;
+}
+
+h1, h2, h3, p {
+  font-family: Arial, sans serif;
+}
+
+h1, h2, h3 {
+  border-bottom: solid #CCC 1px;
+}
+
+.toc_element {
+  margin-top: 0.5em;
+}
+
+.firstline {
+  margin-left: 2 em;
+}
+
+.method  {
+  margin-top: 1em;
+  border: solid 1px #CCC;
+  padding: 1em;
+  background: #EEE;
+}
+
+.details {
+  font-weight: bold;
+  font-size: 14px;
+}
+
+</style>
+
+<h1><a href="securitycenter_v1.html">Security Command Center API</a> . <a href="securitycenter_v1.projects.html">projects</a> . <a href="securitycenter_v1.projects.muteConfigs.html">muteConfigs</a></h1>
+<h2>Instance Methods</h2>
+<p class="toc_element">
+  <code><a href="#close">close()</a></code></p>
+<p class="firstline">Close httplib2 connections.</p>
+<p class="toc_element">
+  <code><a href="#create">create(parent, body=None, muteConfigId=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Creates a mute config.</p>
+<p class="toc_element">
+  <code><a href="#delete">delete(name, x__xgafv=None)</a></code></p>
+<p class="firstline">Deletes an existing mute config.</p>
+<p class="toc_element">
+  <code><a href="#get">get(name, x__xgafv=None)</a></code></p>
+<p class="firstline">Gets a mute config.</p>
+<p class="toc_element">
+  <code><a href="#list">list(parent, pageSize=None, pageToken=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Lists mute configs.</p>
+<p class="toc_element">
+  <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
+<p class="firstline">Retrieves the next page of results.</p>
+<p class="toc_element">
+  <code><a href="#patch">patch(name, body=None, updateMask=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Updates a mute config.</p>
+<h3>Method Details</h3>
+<div class="method">
+    <code class="details" id="close">close()</code>
+  <pre>Close httplib2 connections.</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="create">create(parent, body=None, muteConfigId=None, x__xgafv=None)</code>
+  <pre>Creates a mute config.
+
+Args:
+  parent: string, Required. Resource name of the new mute configs&#x27;s parent. Its format is &quot;organizations/[organization_id]&quot;, &quot;folders/[folder_id]&quot;, or &quot;projects/[project_id]&quot;. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # A mute config is a Cloud SCC resource that contains the configuration to mute create/update events of findings.
+  &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time at which the mute config was created. This field is set by the server and will be ignored if provided on config creation.
+  &quot;description&quot;: &quot;A String&quot;, # A description of the mute config.
+  &quot;displayName&quot;: &quot;A String&quot;, # The human readable name to be displayed for the mute config.
+  &quot;filter&quot;: &quot;A String&quot;, # Required. An expression that defines the filter to apply across create/update events of findings. While creating a filter string, be mindful of the scope in which the mute configuration is being created. E.g., If a filter contains project = X but is created under the project = Y scope, it might not match any findings. The following field and operator combinations are supported: * severity: `=`, `:` * category: `=`, `:` * resource.name: `=`, `:` * resource.project_name: `=`, `:` * resource.project_display_name: `=`, `:` * resource.folders.resource_folder: `=`, `:` * resource.parent_name: `=`, `:` * resource.parent_display_name: `=`, `:` * resource.type: `=`, `:` * finding_class: `=`, `:` * indicator.ip_addresses: `=`, `:` * indicator.domains: `=`, `:`
+  &quot;mostRecentEditor&quot;: &quot;A String&quot;, # Output only. Email address of the user who last edited the mute config. This field is set by the server and will be ignored if provided on config creation or update.
+  &quot;name&quot;: &quot;A String&quot;, # This field will be ignored if provided on config creation. Format &quot;organizations/{organization}/muteConfigs/{mute_config}&quot; &quot;folders/{folder}/muteConfigs/{mute_config}&quot; &quot;projects/{project}/muteConfigs/{mute_config}&quot;
+  &quot;updateTime&quot;: &quot;A String&quot;, # Output only. The most recent time at which the mute config was updated. This field is set by the server and will be ignored if provided on config creation or update.
+}
+
+  muteConfigId: string, Required. Unique identifier provided by the client within the parent scope. It must consist of lower case letters, numbers, and hyphen, with the first character a letter, the last a letter or a number, and a 63 character maximum.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A mute config is a Cloud SCC resource that contains the configuration to mute create/update events of findings.
+  &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time at which the mute config was created. This field is set by the server and will be ignored if provided on config creation.
+  &quot;description&quot;: &quot;A String&quot;, # A description of the mute config.
+  &quot;displayName&quot;: &quot;A String&quot;, # The human readable name to be displayed for the mute config.
+  &quot;filter&quot;: &quot;A String&quot;, # Required. An expression that defines the filter to apply across create/update events of findings. While creating a filter string, be mindful of the scope in which the mute configuration is being created. E.g., If a filter contains project = X but is created under the project = Y scope, it might not match any findings. The following field and operator combinations are supported: * severity: `=`, `:` * category: `=`, `:` * resource.name: `=`, `:` * resource.project_name: `=`, `:` * resource.project_display_name: `=`, `:` * resource.folders.resource_folder: `=`, `:` * resource.parent_name: `=`, `:` * resource.parent_display_name: `=`, `:` * resource.type: `=`, `:` * finding_class: `=`, `:` * indicator.ip_addresses: `=`, `:` * indicator.domains: `=`, `:`
+  &quot;mostRecentEditor&quot;: &quot;A String&quot;, # Output only. Email address of the user who last edited the mute config. This field is set by the server and will be ignored if provided on config creation or update.
+  &quot;name&quot;: &quot;A String&quot;, # This field will be ignored if provided on config creation. Format &quot;organizations/{organization}/muteConfigs/{mute_config}&quot; &quot;folders/{folder}/muteConfigs/{mute_config}&quot; &quot;projects/{project}/muteConfigs/{mute_config}&quot;
+  &quot;updateTime&quot;: &quot;A String&quot;, # Output only. The most recent time at which the mute config was updated. This field is set by the server and will be ignored if provided on config creation or update.
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="delete">delete(name, x__xgafv=None)</code>
+  <pre>Deletes an existing mute config.
+
+Args:
+  name: string, Required. Name of the mute config to delete. Its format is organizations/{organization}/muteConfigs/{config_id}, folders/{folder}/muteConfigs/{config_id}, or projects/{project}/muteConfigs/{config_id} (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for `Empty` is empty JSON object `{}`.
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="get">get(name, x__xgafv=None)</code>
+  <pre>Gets a mute config.
+
+Args:
+  name: string, Required. Name of the mute config to retrieve. Its format is organizations/{organization}/muteConfigs/{config_id}, folders/{folder}/muteConfigs/{config_id}, or projects/{project}/muteConfigs/{config_id} (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A mute config is a Cloud SCC resource that contains the configuration to mute create/update events of findings.
+  &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time at which the mute config was created. This field is set by the server and will be ignored if provided on config creation.
+  &quot;description&quot;: &quot;A String&quot;, # A description of the mute config.
+  &quot;displayName&quot;: &quot;A String&quot;, # The human readable name to be displayed for the mute config.
+  &quot;filter&quot;: &quot;A String&quot;, # Required. An expression that defines the filter to apply across create/update events of findings. While creating a filter string, be mindful of the scope in which the mute configuration is being created. E.g., If a filter contains project = X but is created under the project = Y scope, it might not match any findings. The following field and operator combinations are supported: * severity: `=`, `:` * category: `=`, `:` * resource.name: `=`, `:` * resource.project_name: `=`, `:` * resource.project_display_name: `=`, `:` * resource.folders.resource_folder: `=`, `:` * resource.parent_name: `=`, `:` * resource.parent_display_name: `=`, `:` * resource.type: `=`, `:` * finding_class: `=`, `:` * indicator.ip_addresses: `=`, `:` * indicator.domains: `=`, `:`
+  &quot;mostRecentEditor&quot;: &quot;A String&quot;, # Output only. Email address of the user who last edited the mute config. This field is set by the server and will be ignored if provided on config creation or update.
+  &quot;name&quot;: &quot;A String&quot;, # This field will be ignored if provided on config creation. Format &quot;organizations/{organization}/muteConfigs/{mute_config}&quot; &quot;folders/{folder}/muteConfigs/{mute_config}&quot; &quot;projects/{project}/muteConfigs/{mute_config}&quot;
+  &quot;updateTime&quot;: &quot;A String&quot;, # Output only. The most recent time at which the mute config was updated. This field is set by the server and will be ignored if provided on config creation or update.
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="list">list(parent, pageSize=None, pageToken=None, x__xgafv=None)</code>
+  <pre>Lists mute configs.
+
+Args:
+  parent: string, Required. The parent, which owns the collection of mute configs. Its format is &quot;organizations/[organization_id]&quot;, &quot;folders/[folder_id]&quot;, &quot;projects/[project_id]&quot;. (required)
+  pageSize: integer, The maximum number of configs to return. The service may return fewer than this value. If unspecified, at most 10 configs will be returned. The maximum value is 1000; values above 1000 will be coerced to 1000.
+  pageToken: string, A page token, received from a previous `ListMuteConfigs` call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to `ListMuteConfigs` must match the call that provided the page token.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Response message for listing mute configs.
+  &quot;muteConfigs&quot;: [ # The mute configs from the specified parent.
+    { # A mute config is a Cloud SCC resource that contains the configuration to mute create/update events of findings.
+      &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time at which the mute config was created. This field is set by the server and will be ignored if provided on config creation.
+      &quot;description&quot;: &quot;A String&quot;, # A description of the mute config.
+      &quot;displayName&quot;: &quot;A String&quot;, # The human readable name to be displayed for the mute config.
+      &quot;filter&quot;: &quot;A String&quot;, # Required. An expression that defines the filter to apply across create/update events of findings. While creating a filter string, be mindful of the scope in which the mute configuration is being created. E.g., If a filter contains project = X but is created under the project = Y scope, it might not match any findings. The following field and operator combinations are supported: * severity: `=`, `:` * category: `=`, `:` * resource.name: `=`, `:` * resource.project_name: `=`, `:` * resource.project_display_name: `=`, `:` * resource.folders.resource_folder: `=`, `:` * resource.parent_name: `=`, `:` * resource.parent_display_name: `=`, `:` * resource.type: `=`, `:` * finding_class: `=`, `:` * indicator.ip_addresses: `=`, `:` * indicator.domains: `=`, `:`
+      &quot;mostRecentEditor&quot;: &quot;A String&quot;, # Output only. Email address of the user who last edited the mute config. This field is set by the server and will be ignored if provided on config creation or update.
+      &quot;name&quot;: &quot;A String&quot;, # This field will be ignored if provided on config creation. Format &quot;organizations/{organization}/muteConfigs/{mute_config}&quot; &quot;folders/{folder}/muteConfigs/{mute_config}&quot; &quot;projects/{project}/muteConfigs/{mute_config}&quot;
+      &quot;updateTime&quot;: &quot;A String&quot;, # Output only. The most recent time at which the mute config was updated. This field is set by the server and will be ignored if provided on config creation or update.
+    },
+  ],
+  &quot;nextPageToken&quot;: &quot;A String&quot;, # A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages.
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="list_next">list_next(previous_request, previous_response)</code>
+  <pre>Retrieves the next page of results.
+
+Args:
+  previous_request: The request for the previous page. (required)
+  previous_response: The response from the request for the previous page. (required)
+
+Returns:
+  A request object that you can call &#x27;execute()&#x27; on to request the next
+  page. Returns None if there are no more items in the collection.
+    </pre>
+</div>
+
+<div class="method">
+    <code class="details" id="patch">patch(name, body=None, updateMask=None, x__xgafv=None)</code>
+  <pre>Updates a mute config.
+
+Args:
+  name: string, This field will be ignored if provided on config creation. Format &quot;organizations/{organization}/muteConfigs/{mute_config}&quot; &quot;folders/{folder}/muteConfigs/{mute_config}&quot; &quot;projects/{project}/muteConfigs/{mute_config}&quot; (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # A mute config is a Cloud SCC resource that contains the configuration to mute create/update events of findings.
+  &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time at which the mute config was created. This field is set by the server and will be ignored if provided on config creation.
+  &quot;description&quot;: &quot;A String&quot;, # A description of the mute config.
+  &quot;displayName&quot;: &quot;A String&quot;, # The human readable name to be displayed for the mute config.
+  &quot;filter&quot;: &quot;A String&quot;, # Required. An expression that defines the filter to apply across create/update events of findings. While creating a filter string, be mindful of the scope in which the mute configuration is being created. E.g., If a filter contains project = X but is created under the project = Y scope, it might not match any findings. The following field and operator combinations are supported: * severity: `=`, `:` * category: `=`, `:` * resource.name: `=`, `:` * resource.project_name: `=`, `:` * resource.project_display_name: `=`, `:` * resource.folders.resource_folder: `=`, `:` * resource.parent_name: `=`, `:` * resource.parent_display_name: `=`, `:` * resource.type: `=`, `:` * finding_class: `=`, `:` * indicator.ip_addresses: `=`, `:` * indicator.domains: `=`, `:`
+  &quot;mostRecentEditor&quot;: &quot;A String&quot;, # Output only. Email address of the user who last edited the mute config. This field is set by the server and will be ignored if provided on config creation or update.
+  &quot;name&quot;: &quot;A String&quot;, # This field will be ignored if provided on config creation. Format &quot;organizations/{organization}/muteConfigs/{mute_config}&quot; &quot;folders/{folder}/muteConfigs/{mute_config}&quot; &quot;projects/{project}/muteConfigs/{mute_config}&quot;
+  &quot;updateTime&quot;: &quot;A String&quot;, # Output only. The most recent time at which the mute config was updated. This field is set by the server and will be ignored if provided on config creation or update.
+}
+
+  updateMask: string, The list of fields to be updated. If empty all mutable fields will be updated.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A mute config is a Cloud SCC resource that contains the configuration to mute create/update events of findings.
+  &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time at which the mute config was created. This field is set by the server and will be ignored if provided on config creation.
+  &quot;description&quot;: &quot;A String&quot;, # A description of the mute config.
+  &quot;displayName&quot;: &quot;A String&quot;, # The human readable name to be displayed for the mute config.
+  &quot;filter&quot;: &quot;A String&quot;, # Required. An expression that defines the filter to apply across create/update events of findings. While creating a filter string, be mindful of the scope in which the mute configuration is being created. E.g., If a filter contains project = X but is created under the project = Y scope, it might not match any findings. The following field and operator combinations are supported: * severity: `=`, `:` * category: `=`, `:` * resource.name: `=`, `:` * resource.project_name: `=`, `:` * resource.project_display_name: `=`, `:` * resource.folders.resource_folder: `=`, `:` * resource.parent_name: `=`, `:` * resource.parent_display_name: `=`, `:` * resource.type: `=`, `:` * finding_class: `=`, `:` * indicator.ip_addresses: `=`, `:` * indicator.domains: `=`, `:`
+  &quot;mostRecentEditor&quot;: &quot;A String&quot;, # Output only. Email address of the user who last edited the mute config. This field is set by the server and will be ignored if provided on config creation or update.
+  &quot;name&quot;: &quot;A String&quot;, # This field will be ignored if provided on config creation. Format &quot;organizations/{organization}/muteConfigs/{mute_config}&quot; &quot;folders/{folder}/muteConfigs/{mute_config}&quot; &quot;projects/{project}/muteConfigs/{mute_config}&quot;
+  &quot;updateTime&quot;: &quot;A String&quot;, # Output only. The most recent time at which the mute config was updated. This field is set by the server and will be ignored if provided on config creation or update.
+}</pre>
+</div>
+
+</body></html>
\ No newline at end of file

docs/dyn/securitycenter_v1.projects.sources.findings.externalSystems.html

diff --git a/docs/dyn/securitycenter_v1.projects.sources.findings.externalSystems.html b/docs/dyn/securitycenter_v1.projects.sources.findings.externalSystems.html
new file mode 100644
index 0000000..ea2e520
--- /dev/null
+++ b/docs/dyn/securitycenter_v1.projects.sources.findings.externalSystems.html
@@ -0,0 +1,128 @@
+<html><body>
+<style>
+
+body, h1, h2, h3, div, span, p, pre, a {
+  margin: 0;
+  padding: 0;
+  border: 0;
+  font-weight: inherit;
+  font-style: inherit;
+  font-size: 100%;
+  font-family: inherit;
+  vertical-align: baseline;
+}
+
+body {
+  font-size: 13px;
+  padding: 1em;
+}
+
+h1 {
+  font-size: 26px;
+  margin-bottom: 1em;
+}
+
+h2 {
+  font-size: 24px;
+  margin-bottom: 1em;
+}
+
+h3 {
+  font-size: 20px;
+  margin-bottom: 1em;
+  margin-top: 1em;
+}
+
+pre, code {
+  line-height: 1.5;
+  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
+}
+
+pre {
+  margin-top: 0.5em;
+}
+
+h1, h2, h3, p {
+  font-family: Arial, sans serif;
+}
+
+h1, h2, h3 {
+  border-bottom: solid #CCC 1px;
+}
+
+.toc_element {
+  margin-top: 0.5em;
+}
+
+.firstline {
+  margin-left: 2 em;
+}
+
+.method  {
+  margin-top: 1em;
+  border: solid 1px #CCC;
+  padding: 1em;
+  background: #EEE;
+}
+
+.details {
+  font-weight: bold;
+  font-size: 14px;
+}
+
+</style>
+
+<h1><a href="securitycenter_v1.html">Security Command Center API</a> . <a href="securitycenter_v1.projects.html">projects</a> . <a href="securitycenter_v1.projects.sources.html">sources</a> . <a href="securitycenter_v1.projects.sources.findings.html">findings</a> . <a href="securitycenter_v1.projects.sources.findings.externalSystems.html">externalSystems</a></h1>
+<h2>Instance Methods</h2>
+<p class="toc_element">
+  <code><a href="#close">close()</a></code></p>
+<p class="firstline">Close httplib2 connections.</p>
+<p class="toc_element">
+  <code><a href="#patch">patch(name, body=None, updateMask=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Updates external system. This is for a given finding.</p>
+<h3>Method Details</h3>
+<div class="method">
+    <code class="details" id="close">close()</code>
+  <pre>Close httplib2 connections.</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="patch">patch(name, body=None, updateMask=None, x__xgafv=None)</code>
+  <pre>Updates external system. This is for a given finding.
+
+Args:
+  name: string, External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Representation of third party SIEM/SOAR fields within SCC.
+  &quot;assignees&quot;: [ # References primary/secondary etc assignees in the external system.
+    &quot;A String&quot;,
+  ],
+  &quot;externalSystemUpdateTime&quot;: &quot;A String&quot;, # The most recent time when the corresponding finding&#x27;s ticket/tracker was updated in the external system.
+  &quot;externalUid&quot;: &quot;A String&quot;, # Identifier that&#x27;s used to track the given finding in the external system.
+  &quot;name&quot;: &quot;A String&quot;, # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira
+  &quot;status&quot;: &quot;A String&quot;, # Most recent status of the corresponding finding&#x27;s ticket/tracker in the external system.
+}
+
+  updateMask: string, The FieldMask to use when updating the external system resource. If empty all mutable fields will be updated.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Representation of third party SIEM/SOAR fields within SCC.
+  &quot;assignees&quot;: [ # References primary/secondary etc assignees in the external system.
+    &quot;A String&quot;,
+  ],
+  &quot;externalSystemUpdateTime&quot;: &quot;A String&quot;, # The most recent time when the corresponding finding&#x27;s ticket/tracker was updated in the external system.
+  &quot;externalUid&quot;: &quot;A String&quot;, # Identifier that&#x27;s used to track the given finding in the external system.
+  &quot;name&quot;: &quot;A String&quot;, # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira
+  &quot;status&quot;: &quot;A String&quot;, # Most recent status of the corresponding finding&#x27;s ticket/tracker in the external system.
+}</pre>
+</div>
+
+</body></html>
\ No newline at end of file

docs/dyn/securitycenter_v1.projects.sources.findings.html

diff --git a/docs/dyn/securitycenter_v1.projects.sources.findings.html b/docs/dyn/securitycenter_v1.projects.sources.findings.html
index 9621942..d5c9ff8 100644
--- a/docs/dyn/securitycenter_v1.projects.sources.findings.html
+++ b/docs/dyn/securitycenter_v1.projects.sources.findings.html
@@ -75,6 +75,11 @@
 <h1><a href="securitycenter_v1.html">Security Command Center API</a> . <a href="securitycenter_v1.projects.html">projects</a> . <a href="securitycenter_v1.projects.sources.html">sources</a> . <a href="securitycenter_v1.projects.sources.findings.html">findings</a></h1>
 <h2>Instance Methods</h2>
 <p class="toc_element">
+  <code><a href="securitycenter_v1.projects.sources.findings.externalSystems.html">externalSystems()</a></code>
+</p>
+<p class="firstline">Returns the externalSystems Resource.</p>
+
+<p class="toc_element">
   <code><a href="#close">close()</a></code></p>
 <p class="firstline">Close httplib2 connections.</p>
 <p class="toc_element">
@@ -93,6 +98,9 @@
   <code><a href="#patch">patch(name, body=None, updateMask=None, x__xgafv=None)</a></code></p>
 <p class="firstline">Creates or updates a finding. The corresponding source must exist for a finding creation to succeed.</p>
 <p class="toc_element">
+  <code><a href="#setMute">setMute(name, body=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Updates the mute state of a finding.</p>
+<p class="toc_element">
   <code><a href="#setState">setState(name, body=None, x__xgafv=None)</a></code></p>
 <p class="firstline">Updates the state of a finding.</p>
 <p class="toc_element">
@@ -188,6 +196,17 @@
         &quot;category&quot;: &quot;A String&quot;, # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: &quot;XSS_FLASH_INJECTION&quot;
         &quot;createTime&quot;: &quot;A String&quot;, # The time at which the finding was created in Security Command Center.
         &quot;eventTime&quot;: &quot;A String&quot;, # The time at which the event took place, or when an update to the finding occurred. For example, if the finding represents an open firewall it would capture the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding were to be resolved afterward, this time would reflect when the finding was resolved. Must not be set to a value greater than the current timestamp.
+        &quot;externalSystems&quot;: { # Output only. Third party SIEM/SOAR fields within SCC, contains external system information and external system finding fields.
+          &quot;a_key&quot;: { # Representation of third party SIEM/SOAR fields within SCC.
+            &quot;assignees&quot;: [ # References primary/secondary etc assignees in the external system.
+              &quot;A String&quot;,
+            ],
+            &quot;externalSystemUpdateTime&quot;: &quot;A String&quot;, # The most recent time when the corresponding finding&#x27;s ticket/tracker was updated in the external system.
+            &quot;externalUid&quot;: &quot;A String&quot;, # Identifier that&#x27;s used to track the given finding in the external system.
+            &quot;name&quot;: &quot;A String&quot;, # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira
+            &quot;status&quot;: &quot;A String&quot;, # Most recent status of the corresponding finding&#x27;s ticket/tracker in the external system.
+          },
+        },
         &quot;externalUri&quot;: &quot;A String&quot;, # The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.
         &quot;findingClass&quot;: &quot;A String&quot;, # The class of the finding.
         &quot;indicator&quot;: { # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
@@ -198,6 +217,9 @@
             &quot;A String&quot;,
           ],
         },
+        &quot;mute&quot;: &quot;A String&quot;, # Indicates the mute state of a finding (either unspecified, muted, unmuted or undefined).
+        &quot;muteInitiator&quot;: &quot;A String&quot;, # First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc.
+        &quot;muteUpdateTime&quot;: &quot;A String&quot;, # Output only. The most recent time this finding was muted or unmuted.
         &quot;name&quot;: &quot;A String&quot;, # The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: &quot;organizations/{organization_id}/sources/{source_id}/findings/{finding_id}&quot;
         &quot;parent&quot;: &quot;A String&quot;, # The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: &quot;organizations/{organization_id}/sources/{source_id}&quot;
         &quot;resourceName&quot;: &quot;A String&quot;, # For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.
@@ -288,6 +310,17 @@
   &quot;category&quot;: &quot;A String&quot;, # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: &quot;XSS_FLASH_INJECTION&quot;
   &quot;createTime&quot;: &quot;A String&quot;, # The time at which the finding was created in Security Command Center.
   &quot;eventTime&quot;: &quot;A String&quot;, # The time at which the event took place, or when an update to the finding occurred. For example, if the finding represents an open firewall it would capture the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding were to be resolved afterward, this time would reflect when the finding was resolved. Must not be set to a value greater than the current timestamp.
+  &quot;externalSystems&quot;: { # Output only. Third party SIEM/SOAR fields within SCC, contains external system information and external system finding fields.
+    &quot;a_key&quot;: { # Representation of third party SIEM/SOAR fields within SCC.
+      &quot;assignees&quot;: [ # References primary/secondary etc assignees in the external system.
+        &quot;A String&quot;,
+      ],
+      &quot;externalSystemUpdateTime&quot;: &quot;A String&quot;, # The most recent time when the corresponding finding&#x27;s ticket/tracker was updated in the external system.
+      &quot;externalUid&quot;: &quot;A String&quot;, # Identifier that&#x27;s used to track the given finding in the external system.
+      &quot;name&quot;: &quot;A String&quot;, # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira
+      &quot;status&quot;: &quot;A String&quot;, # Most recent status of the corresponding finding&#x27;s ticket/tracker in the external system.
+    },
+  },
   &quot;externalUri&quot;: &quot;A String&quot;, # The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.
   &quot;findingClass&quot;: &quot;A String&quot;, # The class of the finding.
   &quot;indicator&quot;: { # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
@@ -298,6 +331,9 @@
       &quot;A String&quot;,
     ],
   },
+  &quot;mute&quot;: &quot;A String&quot;, # Indicates the mute state of a finding (either unspecified, muted, unmuted or undefined).
+  &quot;muteInitiator&quot;: &quot;A String&quot;, # First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc.
+  &quot;muteUpdateTime&quot;: &quot;A String&quot;, # Output only. The most recent time this finding was muted or unmuted.
   &quot;name&quot;: &quot;A String&quot;, # The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: &quot;organizations/{organization_id}/sources/{source_id}/findings/{finding_id}&quot;
   &quot;parent&quot;: &quot;A String&quot;, # The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: &quot;organizations/{organization_id}/sources/{source_id}&quot;
   &quot;resourceName&quot;: &quot;A String&quot;, # For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.
@@ -351,6 +387,17 @@
   &quot;category&quot;: &quot;A String&quot;, # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: &quot;XSS_FLASH_INJECTION&quot;
   &quot;createTime&quot;: &quot;A String&quot;, # The time at which the finding was created in Security Command Center.
   &quot;eventTime&quot;: &quot;A String&quot;, # The time at which the event took place, or when an update to the finding occurred. For example, if the finding represents an open firewall it would capture the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding were to be resolved afterward, this time would reflect when the finding was resolved. Must not be set to a value greater than the current timestamp.
+  &quot;externalSystems&quot;: { # Output only. Third party SIEM/SOAR fields within SCC, contains external system information and external system finding fields.
+    &quot;a_key&quot;: { # Representation of third party SIEM/SOAR fields within SCC.
+      &quot;assignees&quot;: [ # References primary/secondary etc assignees in the external system.
+        &quot;A String&quot;,
+      ],
+      &quot;externalSystemUpdateTime&quot;: &quot;A String&quot;, # The most recent time when the corresponding finding&#x27;s ticket/tracker was updated in the external system.
+      &quot;externalUid&quot;: &quot;A String&quot;, # Identifier that&#x27;s used to track the given finding in the external system.
+      &quot;name&quot;: &quot;A String&quot;, # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira
+      &quot;status&quot;: &quot;A String&quot;, # Most recent status of the corresponding finding&#x27;s ticket/tracker in the external system.
+    },
+  },
   &quot;externalUri&quot;: &quot;A String&quot;, # The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.
   &quot;findingClass&quot;: &quot;A String&quot;, # The class of the finding.
   &quot;indicator&quot;: { # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
@@ -361,6 +408,99 @@
       &quot;A String&quot;,
     ],
   },
+  &quot;mute&quot;: &quot;A String&quot;, # Indicates the mute state of a finding (either unspecified, muted, unmuted or undefined).
+  &quot;muteInitiator&quot;: &quot;A String&quot;, # First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc.
+  &quot;muteUpdateTime&quot;: &quot;A String&quot;, # Output only. The most recent time this finding was muted or unmuted.
+  &quot;name&quot;: &quot;A String&quot;, # The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: &quot;organizations/{organization_id}/sources/{source_id}/findings/{finding_id}&quot;
+  &quot;parent&quot;: &quot;A String&quot;, # The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: &quot;organizations/{organization_id}/sources/{source_id}&quot;
+  &quot;resourceName&quot;: &quot;A String&quot;, # For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.
+  &quot;securityMarks&quot;: { # User specified security marks that are attached to the parent Security Command Center resource. Security marks are scoped within a Security Command Center organization -- they can be modified and viewed by all users who have proper permissions on the organization. # Output only. User specified security marks. These marks are entirely managed by the user and come from the SecurityMarks resource that belongs to the finding.
+    &quot;canonicalName&quot;: &quot;A String&quot;, # The canonical name of the marks. Examples: &quot;organizations/{organization_id}/assets/{asset_id}/securityMarks&quot; &quot;folders/{folder_id}/assets/{asset_id}/securityMarks&quot; &quot;projects/{project_number}/assets/{asset_id}/securityMarks&quot; &quot;organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks&quot; &quot;folders/{folder_id}/sources/{source_id}/findings/{finding_id}/securityMarks&quot; &quot;projects/{project_number}/sources/{source_id}/findings/{finding_id}/securityMarks&quot;
+    &quot;marks&quot;: { # Mutable user specified security marks belonging to the parent resource. Constraints are as follows: * Keys and values are treated as case insensitive * Keys must be between 1 - 256 characters (inclusive) * Keys must be letters, numbers, underscores, or dashes * Values have leading and trailing whitespace trimmed, remaining characters must be between 1 - 4096 characters (inclusive)
+      &quot;a_key&quot;: &quot;A String&quot;,
+    },
+    &quot;name&quot;: &quot;A String&quot;, # The relative resource name of the SecurityMarks. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Examples: &quot;organizations/{organization_id}/assets/{asset_id}/securityMarks&quot; &quot;organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks&quot;.
+  },
+  &quot;severity&quot;: &quot;A String&quot;, # The severity of the finding. This field is managed by the source that writes the finding.
+  &quot;sourceProperties&quot;: { # Source specific properties. These properties are managed by the source that writes the finding. The key names in the source_properties map must be between 1 and 255 characters, and must start with a letter and contain alphanumeric characters or underscores only.
+    &quot;a_key&quot;: &quot;&quot;,
+  },
+  &quot;state&quot;: &quot;A String&quot;, # The state of the finding.
+  &quot;vulnerability&quot;: { # Refers to common vulnerability fields e.g. cve, cvss, cwe etc. # Represents vulnerability specific fields like cve, cvss scores etc. CVE stands for Common Vulnerabilities and Exposures (https://cve.mitre.org/about/)
+    &quot;cve&quot;: { # CVE stands for Common Vulnerabilities and Exposures. More information: https://cve.mitre.org # CVE stands for Common Vulnerabilities and Exposures (https://cve.mitre.org/about/)
+      &quot;cvssv3&quot;: { # Common Vulnerability Scoring System version 3. # Describe Common Vulnerability Scoring System specified at https://www.first.org/cvss/v3.1/specification-document
+        &quot;attackComplexity&quot;: &quot;A String&quot;, # This metric describes the conditions beyond the attacker&#x27;s control that must exist in order to exploit the vulnerability.
+        &quot;attackVector&quot;: &quot;A String&quot;, # Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. This metric reflects the context by which vulnerability exploitation is possible.
+        &quot;availabilityImpact&quot;: &quot;A String&quot;, # This metric measures the impact to the availability of the impacted component resulting from a successfully exploited vulnerability.
+        &quot;baseScore&quot;: 3.14, # The base score is a function of the base metric scores.
+        &quot;confidentialityImpact&quot;: &quot;A String&quot;, # This metric measures the impact to the confidentiality of the information resources managed by a software component due to a successfully exploited vulnerability.
+        &quot;integrityImpact&quot;: &quot;A String&quot;, # This metric measures the impact to integrity of a successfully exploited vulnerability.
+        &quot;privilegesRequired&quot;: &quot;A String&quot;, # This metric describes the level of privileges an attacker must possess before successfully exploiting the vulnerability.
+        &quot;scope&quot;: &quot;A String&quot;, # The Scope metric captures whether a vulnerability in one vulnerable component impacts resources in components beyond its security scope.
+        &quot;userInteraction&quot;: &quot;A String&quot;, # This metric captures the requirement for a human user, other than the attacker, to participate in the successful compromise of the vulnerable component.
+      },
+      &quot;id&quot;: &quot;A String&quot;, # The unique identifier for the vulnerability. e.g. CVE-2021-34527
+      &quot;references&quot;: [ # Additional information about the CVE. e.g. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34527
+        { # Additional Links
+          &quot;source&quot;: &quot;A String&quot;, # Source of the reference e.g. NVD
+          &quot;uri&quot;: &quot;A String&quot;, # Uri for the mentioned source e.g. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34527.
+        },
+      ],
+    },
+  },
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="setMute">setMute(name, body=None, x__xgafv=None)</code>
+  <pre>Updates the mute state of a finding.
+
+Args:
+  name: string, Required. The relative resource name of the finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: &quot;organizations/{organization_id}/sources/{source_id}/finding/{finding_id}&quot;, &quot;folders/{folder_id}/sources/{source_id}/finding/{finding_id}&quot;, &quot;projects/{project_id}/sources/{source_id}/finding/{finding_id}&quot;. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Request message for updating a finding&#x27;s mute status.
+  &quot;mute&quot;: &quot;A String&quot;, # Required. The desired state of the Mute.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Security Command Center finding. A finding is a record of assessment data like security, risk, health, or privacy, that is ingested into Security Command Center for presentation, notification, analysis, policy testing, and enforcement. For example, a cross-site scripting (XSS) vulnerability in an App Engine application is a finding.
+  &quot;canonicalName&quot;: &quot;A String&quot;, # The canonical name of the finding. It&#x27;s either &quot;organizations/{organization_id}/sources/{source_id}/findings/{finding_id}&quot;, &quot;folders/{folder_id}/sources/{source_id}/findings/{finding_id}&quot; or &quot;projects/{project_number}/sources/{source_id}/findings/{finding_id}&quot;, depending on the closest CRM ancestor of the resource associated with the finding.
+  &quot;category&quot;: &quot;A String&quot;, # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: &quot;XSS_FLASH_INJECTION&quot;
+  &quot;createTime&quot;: &quot;A String&quot;, # The time at which the finding was created in Security Command Center.
+  &quot;eventTime&quot;: &quot;A String&quot;, # The time at which the event took place, or when an update to the finding occurred. For example, if the finding represents an open firewall it would capture the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding were to be resolved afterward, this time would reflect when the finding was resolved. Must not be set to a value greater than the current timestamp.
+  &quot;externalSystems&quot;: { # Output only. Third party SIEM/SOAR fields within SCC, contains external system information and external system finding fields.
+    &quot;a_key&quot;: { # Representation of third party SIEM/SOAR fields within SCC.
+      &quot;assignees&quot;: [ # References primary/secondary etc assignees in the external system.
+        &quot;A String&quot;,
+      ],
+      &quot;externalSystemUpdateTime&quot;: &quot;A String&quot;, # The most recent time when the corresponding finding&#x27;s ticket/tracker was updated in the external system.
+      &quot;externalUid&quot;: &quot;A String&quot;, # Identifier that&#x27;s used to track the given finding in the external system.
+      &quot;name&quot;: &quot;A String&quot;, # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira
+      &quot;status&quot;: &quot;A String&quot;, # Most recent status of the corresponding finding&#x27;s ticket/tracker in the external system.
+    },
+  },
+  &quot;externalUri&quot;: &quot;A String&quot;, # The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.
+  &quot;findingClass&quot;: &quot;A String&quot;, # The class of the finding.
+  &quot;indicator&quot;: { # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
+    &quot;domains&quot;: [ # List of domains associated to the Finding.
+      &quot;A String&quot;,
+    ],
+    &quot;ipAddresses&quot;: [ # List of ip addresses associated to the Finding.
+      &quot;A String&quot;,
+    ],
+  },
+  &quot;mute&quot;: &quot;A String&quot;, # Indicates the mute state of a finding (either unspecified, muted, unmuted or undefined).
+  &quot;muteInitiator&quot;: &quot;A String&quot;, # First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc.
+  &quot;muteUpdateTime&quot;: &quot;A String&quot;, # Output only. The most recent time this finding was muted or unmuted.
   &quot;name&quot;: &quot;A String&quot;, # The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: &quot;organizations/{organization_id}/sources/{source_id}/findings/{finding_id}&quot;
   &quot;parent&quot;: &quot;A String&quot;, # The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: &quot;organizations/{organization_id}/sources/{source_id}&quot;
   &quot;resourceName&quot;: &quot;A String&quot;, # For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.
@@ -428,6 +568,17 @@
   &quot;category&quot;: &quot;A String&quot;, # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: &quot;XSS_FLASH_INJECTION&quot;
   &quot;createTime&quot;: &quot;A String&quot;, # The time at which the finding was created in Security Command Center.
   &quot;eventTime&quot;: &quot;A String&quot;, # The time at which the event took place, or when an update to the finding occurred. For example, if the finding represents an open firewall it would capture the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding were to be resolved afterward, this time would reflect when the finding was resolved. Must not be set to a value greater than the current timestamp.
+  &quot;externalSystems&quot;: { # Output only. Third party SIEM/SOAR fields within SCC, contains external system information and external system finding fields.
+    &quot;a_key&quot;: { # Representation of third party SIEM/SOAR fields within SCC.
+      &quot;assignees&quot;: [ # References primary/secondary etc assignees in the external system.
+        &quot;A String&quot;,
+      ],
+      &quot;externalSystemUpdateTime&quot;: &quot;A String&quot;, # The most recent time when the corresponding finding&#x27;s ticket/tracker was updated in the external system.
+      &quot;externalUid&quot;: &quot;A String&quot;, # Identifier that&#x27;s used to track the given finding in the external system.
+      &quot;name&quot;: &quot;A String&quot;, # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/123456/externalSystems/jira projects/1234/sources/5678/findings/123456/externalSystems/jira
+      &quot;status&quot;: &quot;A String&quot;, # Most recent status of the corresponding finding&#x27;s ticket/tracker in the external system.
+    },
+  },
   &quot;externalUri&quot;: &quot;A String&quot;, # The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.
   &quot;findingClass&quot;: &quot;A String&quot;, # The class of the finding.
   &quot;indicator&quot;: { # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise # Represents what&#x27;s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
@@ -438,6 +589,9 @@
       &quot;A String&quot;,
     ],
   },
+  &quot;mute&quot;: &quot;A String&quot;, # Indicates the mute state of a finding (either unspecified, muted, unmuted or undefined).
+  &quot;muteInitiator&quot;: &quot;A String&quot;, # First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc.
+  &quot;muteUpdateTime&quot;: &quot;A String&quot;, # Output only. The most recent time this finding was muted or unmuted.
   &quot;name&quot;: &quot;A String&quot;, # The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: &quot;organizations/{organization_id}/sources/{source_id}/findings/{finding_id}&quot;
   &quot;parent&quot;: &quot;A String&quot;, # The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: &quot;organizations/{organization_id}/sources/{source_id}&quot;
   &quot;resourceName&quot;: &quot;A String&quot;, # For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.

docs/dyn/servicedirectory_v1.projects.locations.namespaces.html

diff --git a/docs/dyn/servicedirectory_v1.projects.locations.namespaces.html b/docs/dyn/servicedirectory_v1.projects.locations.namespaces.html
index dae53de..9d6ce6f 100644
--- a/docs/dyn/servicedirectory_v1.projects.locations.namespaces.html
+++ b/docs/dyn/servicedirectory_v1.projects.locations.namespaces.html
@@ -199,7 +199,7 @@
 
 { # Request message for `GetIamPolicy` method.
   "options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
-    "requestedPolicyVersion": 42, # Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 

docs/dyn/servicedirectory_v1.projects.locations.namespaces.services.html

diff --git a/docs/dyn/servicedirectory_v1.projects.locations.namespaces.services.html b/docs/dyn/servicedirectory_v1.projects.locations.namespaces.services.html
index ae56caf..81f9b68 100644
--- a/docs/dyn/servicedirectory_v1.projects.locations.namespaces.services.html
+++ b/docs/dyn/servicedirectory_v1.projects.locations.namespaces.services.html
@@ -232,7 +232,7 @@
 
 { # Request message for `GetIamPolicy` method.
   "options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
-    "requestedPolicyVersion": 42, # Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 

docs/dyn/servicedirectory_v1beta1.projects.locations.namespaces.html

diff --git a/docs/dyn/servicedirectory_v1beta1.projects.locations.namespaces.html b/docs/dyn/servicedirectory_v1beta1.projects.locations.namespaces.html
index 06d4472..212bbcf 100644
--- a/docs/dyn/servicedirectory_v1beta1.projects.locations.namespaces.html
+++ b/docs/dyn/servicedirectory_v1beta1.projects.locations.namespaces.html
@@ -205,7 +205,7 @@
 
 { # Request message for `GetIamPolicy` method.
   "options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
-    "requestedPolicyVersion": 42, # Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 

docs/dyn/servicedirectory_v1beta1.projects.locations.namespaces.services.html

diff --git a/docs/dyn/servicedirectory_v1beta1.projects.locations.namespaces.services.html b/docs/dyn/servicedirectory_v1beta1.projects.locations.namespaces.services.html
index 5d4f214..622826e 100644
--- a/docs/dyn/servicedirectory_v1beta1.projects.locations.namespaces.services.html
+++ b/docs/dyn/servicedirectory_v1beta1.projects.locations.namespaces.services.html
@@ -247,7 +247,7 @@
 
 { # Request message for `GetIamPolicy` method.
   "options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
-    "requestedPolicyVersion": 42, # Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 

docs/dyn/servicemanagement_v1.services.consumers.html

diff --git a/docs/dyn/servicemanagement_v1.services.consumers.html b/docs/dyn/servicemanagement_v1.services.consumers.html
index 948d388..836a19a 100644
--- a/docs/dyn/servicemanagement_v1.services.consumers.html
+++ b/docs/dyn/servicemanagement_v1.services.consumers.html
@@ -103,7 +103,7 @@
 
 { # Request message for `GetIamPolicy` method.
   "options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
-    "requestedPolicyVersion": 42, # Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 

docs/dyn/servicemanagement_v1.services.html

diff --git a/docs/dyn/servicemanagement_v1.services.html b/docs/dyn/servicemanagement_v1.services.html
index 03b3c4c..ad30cf6 100644
--- a/docs/dyn/servicemanagement_v1.services.html
+++ b/docs/dyn/servicemanagement_v1.services.html
@@ -771,7 +771,7 @@
 
 { # Request message for `GetIamPolicy` method.
   "options": { # Encapsulates settings provided to GetIamPolicy. # OPTIONAL: A `GetPolicyOptions` object for specifying options to `GetIamPolicy`.
-    "requestedPolicyVersion": 42, # Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
+    "requestedPolicyVersion": 42, # Optional. The maximum policy version that will be used to format the policy. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional role bindings must specify version 3. Policies with no conditional role bindings may specify any valid value or leave the field unset. The policy in the response might use the policy version that you specified, or it might use a lower policy version. For example, if you specify version 3, but the policy has no conditional role bindings, the response uses version 1. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
   },
 }
 

docs/dyn/slides_v1.presentations.html

diff --git a/docs/dyn/slides_v1.presentations.html b/docs/dyn/slides_v1.presentations.html
index bee6c9e..1eaf511 100644
--- a/docs/dyn/slides_v1.presentations.html
+++ b/docs/dyn/slides_v1.presentations.html
@@ -777,7 +777,1014 @@
           "isSkipped": True or False, # Whether the slide is skipped in the presentation mode. Defaults to false.
           "layoutObjectId": "A String", # The object ID of the layout that this slide is based on. This property is read-only.
           "masterObjectId": "A String", # The object ID of the master that this slide is based on. This property is read-only.
-          "notesPage": # Object with schema name: Page # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
+          "notesPage": { # A page in a presentation. # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
+            "layoutProperties": { # The properties of Page are only relevant for pages with page_type LAYOUT. # Layout specific properties. Only set if page_type = LAYOUT.
+              "displayName": "A String", # The human-readable name of the layout.
+              "masterObjectId": "A String", # The object ID of the master that this layout is based on.
+              "name": "A String", # The name of the layout.
+            },
+            "masterProperties": { # The properties of Page that are only relevant for pages with page_type MASTER. # Master specific properties. Only set if page_type = MASTER.
+              "displayName": "A String", # The human-readable name of the master.
+            },
+            "notesProperties": { # The properties of Page that are only relevant for pages with page_type NOTES. # Notes specific properties. Only set if page_type = NOTES.
+              "speakerNotesObjectId": "A String", # The object ID of the shape on this notes page that contains the speaker notes for the corresponding slide. The actual shape may not always exist on the notes page. Inserting text using this object ID will automatically create the shape. In this case, the actual shape may have different object ID. The `GetPresentation` or `GetPage` action will always return the latest object ID.
+            },
+            "objectId": "A String", # The object ID for this page. Object IDs used by Page and PageElement share the same namespace.
+            "pageElements": [ # The page elements rendered on the page.
+              { # A visual element rendered on a page.
+                "description": "A String", # The description of the page element. Combined with title to display alt text. The field is not supported for Group elements.
+                "elementGroup": { # A PageElement kind representing a joined collection of PageElements. # A collection of page elements joined as a single unit.
+                  "children": [ # The collection of elements in the group. The minimum size of a group is 2.
+                    # Object with schema name: PageElement
+                  ],
+                },
+                "image": { # A PageElement kind representing an image. # An image page element.
+                  "contentUrl": "A String", # An URL to an image with a default lifetime of 30 minutes. This URL is tagged with the account of the requester. Anyone with the URL effectively accesses the image as the original requester. Access to the image may be lost if the presentation's sharing settings change.
+                  "imageProperties": { # The properties of the Image. # The properties of the image.
+                    "brightness": 3.14, # The brightness effect of the image. The value should be in the interval [-1.0, 1.0], where 0 means no effect. This property is read-only.
+                    "contrast": 3.14, # The contrast effect of the image. The value should be in the interval [-1.0, 1.0], where 0 means no effect. This property is read-only.
+                    "cropProperties": { # The crop properties of an object enclosed in a container. For example, an Image. The crop properties is represented by the offsets of four edges which define a crop rectangle. The offsets are measured in percentage from the corresponding edges of the object's original bounding rectangle towards inside, relative to the object's original dimensions. - If the offset is in the interval (0, 1), the corresponding edge of crop rectangle is positioned inside of the object's original bounding rectangle. - If the offset is negative or greater than 1, the corresponding edge of crop rectangle is positioned outside of the object's original bounding rectangle. - If the left edge of the crop rectangle is on the right side of its right edge, the object will be flipped horizontally. - If the top edge of the crop rectangle is below its bottom edge, the object will be flipped vertically. - If all offsets and rotation angle is 0, the object is not cropped. After cropping, the content in the crop rectangle will be stretched to fit its container. # The crop properties of the image. If not set, the image is not cropped. This property is read-only.
+                      "angle": 3.14, # The rotation angle of the crop window around its center, in radians. Rotation angle is applied after the offset.
+                      "bottomOffset": 3.14, # The offset specifies the bottom edge of the crop rectangle that is located above the original bounding rectangle bottom edge, relative to the object's original height.
+                      "leftOffset": 3.14, # The offset specifies the left edge of the crop rectangle that is located to the right of the original bounding rectangle left edge, relative to the object's original width.
+                      "rightOffset": 3.14, # The offset specifies the right edge of the crop rectangle that is located to the left of the original bounding rectangle right edge, relative to the object's original width.
+                      "topOffset": 3.14, # The offset specifies the top edge of the crop rectangle that is located below the original bounding rectangle top edge, relative to the object's original height.
+                    },
+                    "link": { # A hypertext link. # The hyperlink destination of the image. If unset, there is no link.
+                      "pageObjectId": "A String", # If set, indicates this is a link to the specific page in this presentation with this ID. A page with this ID may not exist.
+                      "relativeLink": "A String", # If set, indicates this is a link to a slide in this presentation, addressed by its position.
+                      "slideIndex": 42, # If set, indicates this is a link to the slide at this zero-based index in the presentation. There may not be a slide at this index.
+                      "url": "A String", # If set, indicates this is a link to the external web page at this URL.
+                    },
+                    "outline": { # The outline of a PageElement. If these fields are unset, they may be inherited from a parent placeholder if it exists. If there is no parent, the fields will default to the value used for new page elements created in the Slides editor, which may depend on the page element kind. # The outline of the image. If not set, the image has no outline.
+                      "dashStyle": "A String", # The dash style of the outline.
+                      "outlineFill": { # The fill of the outline. # The fill of the outline.
+                        "solidFill": { # A solid color fill. The page or page element is filled entirely with the specified color value. If any field is unset, its value may be inherited from a parent placeholder if it exists. # Solid color fill.
+                          "alpha": 3.14, # The fraction of this `color` that should be applied to the pixel. That is, the final pixel color is defined by the equation: pixel color = alpha * (color) + (1.0 - alpha) * (background color) This means that a value of 1.0 corresponds to a solid color, whereas a value of 0.0 corresponds to a completely transparent color.
+                          "color": { # A themeable solid color value. # The color value of the solid fill.
+                            "rgbColor": { # An RGB color. # An opaque RGB color.
+                              "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                              "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                              "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                            },
+                            "themeColor": "A String", # An opaque theme color.
+                          },
+                        },
+                      },
+                      "propertyState": "A String", # The outline property state. Updating the outline on a page element will implicitly update this field to `RENDERED`, unless another value is specified in the same request. To have no outline on a page element, set this field to `NOT_RENDERED`. In this case, any other outline fields set in the same request will be ignored.
+                      "weight": { # A magnitude in a single direction in the specified units. # The thickness of the outline.
+                        "magnitude": 3.14, # The magnitude.
+                        "unit": "A String", # The units for magnitude.
+                      },
+                    },
+                    "recolor": { # A recolor effect applied on an image. # The recolor effect of the image. If not set, the image is not recolored. This property is read-only.
+                      "name": "A String", # The name of the recolor effect. The name is determined from the `recolor_stops` by matching the gradient against the colors in the page's current color scheme. This property is read-only.
+                      "recolorStops": [ # The recolor effect is represented by a gradient, which is a list of color stops. The colors in the gradient will replace the corresponding colors at the same position in the color palette and apply to the image. This property is read-only.
+                        { # A color and position in a gradient band.
+                          "alpha": 3.14, # The alpha value of this color in the gradient band. Defaults to 1.0, fully opaque.
+                          "color": { # A themeable solid color value. # The color of the gradient stop.
+                            "rgbColor": { # An RGB color. # An opaque RGB color.
+                              "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                              "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                              "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                            },
+                            "themeColor": "A String", # An opaque theme color.
+                          },
+                          "position": 3.14, # The relative position of the color stop in the gradient band measured in percentage. The value should be in the interval [0.0, 1.0].
+                        },
+                      ],
+                    },
+                    "shadow": { # The shadow properties of a page element. If these fields are unset, they may be inherited from a parent placeholder if it exists. If there is no parent, the fields will default to the value used for new page elements created in the Slides editor, which may depend on the page element kind. # The shadow of the image. If not set, the image has no shadow. This property is read-only.
+                      "alignment": "A String", # The alignment point of the shadow, that sets the origin for translate, scale and skew of the shadow. This property is read-only.
+                      "alpha": 3.14, # The alpha of the shadow's color, from 0.0 to 1.0.
+                      "blurRadius": { # A magnitude in a single direction in the specified units. # The radius of the shadow blur. The larger the radius, the more diffuse the shadow becomes.
+                        "magnitude": 3.14, # The magnitude.
+                        "unit": "A String", # The units for magnitude.
+                      },
+                      "color": { # A themeable solid color value. # The shadow color value.
+                        "rgbColor": { # An RGB color. # An opaque RGB color.
+                          "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                          "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                          "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                        },
+                        "themeColor": "A String", # An opaque theme color.
+                      },
+                      "propertyState": "A String", # The shadow property state. Updating the shadow on a page element will implicitly update this field to `RENDERED`, unless another value is specified in the same request. To have no shadow on a page element, set this field to `NOT_RENDERED`. In this case, any other shadow fields set in the same request will be ignored.
+                      "rotateWithShape": True or False, # Whether the shadow should rotate with the shape. This property is read-only.
+                      "transform": { # AffineTransform uses a 3x3 matrix with an implied last row of [ 0 0 1 ] to transform source coordinates (x,y) into destination coordinates (x', y') according to: x' x = shear_y scale_y translate_y 1 [ 1 ] After transformation, x' = scale_x * x + shear_x * y + translate_x; y' = scale_y * y + shear_y * x + translate_y; This message is therefore composed of these six matrix elements. # Transform that encodes the translate, scale, and skew of the shadow, relative to the alignment position.
+                        "scaleX": 3.14, # The X coordinate scaling element.
+                        "scaleY": 3.14, # The Y coordinate scaling element.
+                        "shearX": 3.14, # The X coordinate shearing element.
+                        "shearY": 3.14, # The Y coordinate shearing element.
+                        "translateX": 3.14, # The X coordinate translation element.
+                        "translateY": 3.14, # The Y coordinate translation element.
+                        "unit": "A String", # The units for translate elements.
+                      },
+                      "type": "A String", # The type of the shadow. This property is read-only.
+                    },
+                    "transparency": 3.14, # The transparency effect of the image. The value should be in the interval [0.0, 1.0], where 0 means no effect and 1 means completely transparent. This property is read-only.
+                  },
+                  "placeholder": { # The placeholder information that uniquely identifies a placeholder shape. # Placeholders are page elements that inherit from corresponding placeholders on layouts and masters. If set, the image is a placeholder image and any inherited properties can be resolved by looking at the parent placeholder identified by the Placeholder.parent_object_id field.
+                    "index": 42, # The index of the placeholder. If the same placeholder types are present in the same page, they would have different index values.
+                    "parentObjectId": "A String", # The object ID of this shape's parent placeholder. If unset, the parent placeholder shape does not exist, so the shape does not inherit properties from any other shape.
+                    "type": "A String", # The type of the placeholder.
+                  },
+                  "sourceUrl": "A String", # The source URL is the URL used to insert the image. The source URL can be empty.
+                },
+                "line": { # A PageElement kind representing a non-connector line, straight connector, curved connector, or bent connector. # A line page element.
+                  "lineCategory": "A String", # The category of the line. It matches the `category` specified in CreateLineRequest, and can be updated with UpdateLineCategoryRequest.
+                  "lineProperties": { # The properties of the Line. When unset, these fields default to values that match the appearance of new lines created in the Slides editor. # The properties of the line.
+                    "dashStyle": "A String", # The dash style of the line.
+                    "endArrow": "A String", # The style of the arrow at the end of the line.
+                    "endConnection": { # The properties for one end of a Line connection. # The connection at the end of the line. If unset, there is no connection. Only lines with a Type indicating it is a "connector" can have an `end_connection`.
+                      "connectedObjectId": "A String", # The object ID of the connected page element. Some page elements, such as groups, tables, and lines do not have connection sites and therefore cannot be connected to a connector line.
+                      "connectionSiteIndex": 42, # The index of the connection site on the connected page element. In most cases, it corresponds to the predefined connection site index from the ECMA-376 standard. More information on those connection sites can be found in the description of the "cnx" attribute in section 20.1.9.9 and Annex H. "Predefined DrawingML Shape and Text Geometries" of "Office Open XML File Formats-Fundamentals and Markup Language Reference", part 1 of [ECMA-376 5th edition] (http://www.ecma-international.org/publications/standards/Ecma-376.htm). The position of each connection site can also be viewed from Slides editor.
+                    },
+                    "lineFill": { # The fill of the line. # The fill of the line. The default line fill matches the defaults for new lines created in the Slides editor.
+                      "solidFill": { # A solid color fill. The page or page element is filled entirely with the specified color value. If any field is unset, its value may be inherited from a parent placeholder if it exists. # Solid color fill.
+                        "alpha": 3.14, # The fraction of this `color` that should be applied to the pixel. That is, the final pixel color is defined by the equation: pixel color = alpha * (color) + (1.0 - alpha) * (background color) This means that a value of 1.0 corresponds to a solid color, whereas a value of 0.0 corresponds to a completely transparent color.
+                        "color": { # A themeable solid color value. # The color value of the solid fill.
+                          "rgbColor": { # An RGB color. # An opaque RGB color.
+                            "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                            "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                            "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                          },
+                          "themeColor": "A String", # An opaque theme color.
+                        },
+                      },
+                    },
+                    "link": { # A hypertext link. # The hyperlink destination of the line. If unset, there is no link.
+                      "pageObjectId": "A String", # If set, indicates this is a link to the specific page in this presentation with this ID. A page with this ID may not exist.
+                      "relativeLink": "A String", # If set, indicates this is a link to a slide in this presentation, addressed by its position.
+                      "slideIndex": 42, # If set, indicates this is a link to the slide at this zero-based index in the presentation. There may not be a slide at this index.
+                      "url": "A String", # If set, indicates this is a link to the external web page at this URL.
+                    },
+                    "startArrow": "A String", # The style of the arrow at the beginning of the line.
+                    "startConnection": { # The properties for one end of a Line connection. # The connection at the beginning of the line. If unset, there is no connection. Only lines with a Type indicating it is a "connector" can have a `start_connection`.
+                      "connectedObjectId": "A String", # The object ID of the connected page element. Some page elements, such as groups, tables, and lines do not have connection sites and therefore cannot be connected to a connector line.
+                      "connectionSiteIndex": 42, # The index of the connection site on the connected page element. In most cases, it corresponds to the predefined connection site index from the ECMA-376 standard. More information on those connection sites can be found in the description of the "cnx" attribute in section 20.1.9.9 and Annex H. "Predefined DrawingML Shape and Text Geometries" of "Office Open XML File Formats-Fundamentals and Markup Language Reference", part 1 of [ECMA-376 5th edition] (http://www.ecma-international.org/publications/standards/Ecma-376.htm). The position of each connection site can also be viewed from Slides editor.
+                    },
+                    "weight": { # A magnitude in a single direction in the specified units. # The thickness of the line.
+                      "magnitude": 3.14, # The magnitude.
+                      "unit": "A String", # The units for magnitude.
+                    },
+                  },
+                  "lineType": "A String", # The type of the line.
+                },
+                "objectId": "A String", # The object ID for this page element. Object IDs used by google.apps.slides.v1.Page and google.apps.slides.v1.PageElement share the same namespace.
+                "shape": { # A PageElement kind representing a generic shape that does not have a more specific classification. # A generic shape.
+                  "placeholder": { # The placeholder information that uniquely identifies a placeholder shape. # Placeholders are page elements that inherit from corresponding placeholders on layouts and masters. If set, the shape is a placeholder shape and any inherited properties can be resolved by looking at the parent placeholder identified by the Placeholder.parent_object_id field.
+                    "index": 42, # The index of the placeholder. If the same placeholder types are present in the same page, they would have different index values.
+                    "parentObjectId": "A String", # The object ID of this shape's parent placeholder. If unset, the parent placeholder shape does not exist, so the shape does not inherit properties from any other shape.
+                    "type": "A String", # The type of the placeholder.
+                  },
+                  "shapeProperties": { # The properties of a Shape. If the shape is a placeholder shape as determined by the placeholder field, then these properties may be inherited from a parent placeholder shape. Determining the rendered value of the property depends on the corresponding property_state field value. Any text autofit settings on the shape are automatically deactivated by requests that can impact how text fits in the shape. # The properties of the shape.
+                    "autofit": { # The autofit properties of a Shape. # The autofit properties of the shape. This property is only set for shapes that allow text.
+                      "autofitType": "A String", # The autofit type of the shape. If the autofit type is AUTOFIT_TYPE_UNSPECIFIED, the autofit type is inherited from a parent placeholder if it exists. The field is automatically set to NONE if a request is made that might affect text fitting within its bounding text box. In this case the font_scale is applied to the font_size and the line_spacing_reduction is applied to the line_spacing. Both properties are also reset to default values.
+                      "fontScale": 3.14, # The font scale applied to the shape. For shapes with autofit_type NONE or SHAPE_AUTOFIT, this value is the default value of 1. For TEXT_AUTOFIT, this value multiplied by the font_size gives the font size that is rendered in the editor. This property is read-only.
+                      "lineSpacingReduction": 3.14, # The line spacing reduction applied to the shape. For shapes with autofit_type NONE or SHAPE_AUTOFIT, this value is the default value of 0. For TEXT_AUTOFIT, this value subtracted from the line_spacing gives the line spacing that is rendered in the editor. This property is read-only.
+                    },
+                    "contentAlignment": "A String", # The alignment of the content in the shape. If unspecified, the alignment is inherited from a parent placeholder if it exists. If the shape has no parent, the default alignment matches the alignment for new shapes created in the Slides editor.
+                    "link": { # A hypertext link. # The hyperlink destination of the shape. If unset, there is no link. Links are not inherited from parent placeholders.
+                      "pageObjectId": "A String", # If set, indicates this is a link to the specific page in this presentation with this ID. A page with this ID may not exist.
+                      "relativeLink": "A String", # If set, indicates this is a link to a slide in this presentation, addressed by its position.
+                      "slideIndex": 42, # If set, indicates this is a link to the slide at this zero-based index in the presentation. There may not be a slide at this index.
+                      "url": "A String", # If set, indicates this is a link to the external web page at this URL.
+                    },
+                    "outline": { # The outline of a PageElement. If these fields are unset, they may be inherited from a parent placeholder if it exists. If there is no parent, the fields will default to the value used for new page elements created in the Slides editor, which may depend on the page element kind. # The outline of the shape. If unset, the outline is inherited from a parent placeholder if it exists. If the shape has no parent, then the default outline depends on the shape type, matching the defaults for new shapes created in the Slides editor.
+                      "dashStyle": "A String", # The dash style of the outline.
+                      "outlineFill": { # The fill of the outline. # The fill of the outline.
+                        "solidFill": { # A solid color fill. The page or page element is filled entirely with the specified color value. If any field is unset, its value may be inherited from a parent placeholder if it exists. # Solid color fill.
+                          "alpha": 3.14, # The fraction of this `color` that should be applied to the pixel. That is, the final pixel color is defined by the equation: pixel color = alpha * (color) + (1.0 - alpha) * (background color) This means that a value of 1.0 corresponds to a solid color, whereas a value of 0.0 corresponds to a completely transparent color.
+                          "color": { # A themeable solid color value. # The color value of the solid fill.
+                            "rgbColor": { # An RGB color. # An opaque RGB color.
+                              "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                              "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                              "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                            },
+                            "themeColor": "A String", # An opaque theme color.
+                          },
+                        },
+                      },
+                      "propertyState": "A String", # The outline property state. Updating the outline on a page element will implicitly update this field to `RENDERED`, unless another value is specified in the same request. To have no outline on a page element, set this field to `NOT_RENDERED`. In this case, any other outline fields set in the same request will be ignored.
+                      "weight": { # A magnitude in a single direction in the specified units. # The thickness of the outline.
+                        "magnitude": 3.14, # The magnitude.
+                        "unit": "A String", # The units for magnitude.
+                      },
+                    },
+                    "shadow": { # The shadow properties of a page element. If these fields are unset, they may be inherited from a parent placeholder if it exists. If there is no parent, the fields will default to the value used for new page elements created in the Slides editor, which may depend on the page element kind. # The shadow properties of the shape. If unset, the shadow is inherited from a parent placeholder if it exists. If the shape has no parent, then the default shadow matches the defaults for new shapes created in the Slides editor. This property is read-only.
+                      "alignment": "A String", # The alignment point of the shadow, that sets the origin for translate, scale and skew of the shadow. This property is read-only.
+                      "alpha": 3.14, # The alpha of the shadow's color, from 0.0 to 1.0.
+                      "blurRadius": { # A magnitude in a single direction in the specified units. # The radius of the shadow blur. The larger the radius, the more diffuse the shadow becomes.
+                        "magnitude": 3.14, # The magnitude.
+                        "unit": "A String", # The units for magnitude.
+                      },
+                      "color": { # A themeable solid color value. # The shadow color value.
+                        "rgbColor": { # An RGB color. # An opaque RGB color.
+                          "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                          "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                          "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                        },
+                        "themeColor": "A String", # An opaque theme color.
+                      },
+                      "propertyState": "A String", # The shadow property state. Updating the shadow on a page element will implicitly update this field to `RENDERED`, unless another value is specified in the same request. To have no shadow on a page element, set this field to `NOT_RENDERED`. In this case, any other shadow fields set in the same request will be ignored.
+                      "rotateWithShape": True or False, # Whether the shadow should rotate with the shape. This property is read-only.
+                      "transform": { # AffineTransform uses a 3x3 matrix with an implied last row of [ 0 0 1 ] to transform source coordinates (x,y) into destination coordinates (x', y') according to: x' x = shear_y scale_y translate_y 1 [ 1 ] After transformation, x' = scale_x * x + shear_x * y + translate_x; y' = scale_y * y + shear_y * x + translate_y; This message is therefore composed of these six matrix elements. # Transform that encodes the translate, scale, and skew of the shadow, relative to the alignment position.
+                        "scaleX": 3.14, # The X coordinate scaling element.
+                        "scaleY": 3.14, # The Y coordinate scaling element.
+                        "shearX": 3.14, # The X coordinate shearing element.
+                        "shearY": 3.14, # The Y coordinate shearing element.
+                        "translateX": 3.14, # The X coordinate translation element.
+                        "translateY": 3.14, # The Y coordinate translation element.
+                        "unit": "A String", # The units for translate elements.
+                      },
+                      "type": "A String", # The type of the shadow. This property is read-only.
+                    },
+                    "shapeBackgroundFill": { # The shape background fill. # The background fill of the shape. If unset, the background fill is inherited from a parent placeholder if it exists. If the shape has no parent, then the default background fill depends on the shape type, matching the defaults for new shapes created in the Slides editor.
+                      "propertyState": "A String", # The background fill property state. Updating the fill on a shape will implicitly update this field to `RENDERED`, unless another value is specified in the same request. To have no fill on a shape, set this field to `NOT_RENDERED`. In this case, any other fill fields set in the same request will be ignored.
+                      "solidFill": { # A solid color fill. The page or page element is filled entirely with the specified color value. If any field is unset, its value may be inherited from a parent placeholder if it exists. # Solid color fill.
+                        "alpha": 3.14, # The fraction of this `color` that should be applied to the pixel. That is, the final pixel color is defined by the equation: pixel color = alpha * (color) + (1.0 - alpha) * (background color) This means that a value of 1.0 corresponds to a solid color, whereas a value of 0.0 corresponds to a completely transparent color.
+                        "color": { # A themeable solid color value. # The color value of the solid fill.
+                          "rgbColor": { # An RGB color. # An opaque RGB color.
+                            "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                            "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                            "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                          },
+                          "themeColor": "A String", # An opaque theme color.
+                        },
+                      },
+                    },
+                  },
+                  "shapeType": "A String", # The type of the shape.
+                  "text": { # The general text content. The text must reside in a compatible shape (e.g. text box or rectangle) or a table cell in a page. # The text content of the shape.
+                    "lists": { # The bulleted lists contained in this text, keyed by list ID.
+                      "a_key": { # A List describes the look and feel of bullets belonging to paragraphs associated with a list. A paragraph that is part of a list has an implicit reference to that list's ID.
+                        "listId": "A String", # The ID of the list.
+                        "nestingLevel": { # A map of nesting levels to the properties of bullets at the associated level. A list has at most nine levels of nesting, so the possible values for the keys of this map are 0 through 8, inclusive.
+                          "a_key": { # Contains properties describing the look and feel of a list bullet at a given level of nesting.
+                            "bulletStyle": { # Represents the styling that can be applied to a TextRun. If this text is contained in a shape with a parent placeholder, then these text styles may be inherited from the parent. Which text styles are inherited depend on the nesting level of lists: * A text run in a paragraph that is not in a list will inherit its text style from the the newline character in the paragraph at the 0 nesting level of the list inside the parent placeholder. * A text run in a paragraph that is in a list will inherit its text style from the newline character in the paragraph at its corresponding nesting level of the list inside the parent placeholder. Inherited text styles are represented as unset fields in this message. If text is contained in a shape without a parent placeholder, unsetting these fields will revert the style to a value matching the defaults in the Slides editor. # The style of a bullet at this level of nesting.
+                              "backgroundColor": { # A color that can either be fully opaque or fully transparent. # The background color of the text. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
+                                "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
+                                  "rgbColor": { # An RGB color. # An opaque RGB color.
+                                    "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                                    "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                                    "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                                  },
+                                  "themeColor": "A String", # An opaque theme color.
+                                },
+                              },
+                              "baselineOffset": "A String", # The text's vertical offset from its normal position. Text with `SUPERSCRIPT` or `SUBSCRIPT` baseline offsets is automatically rendered in a smaller font size, computed based on the `font_size` field. The `font_size` itself is not affected by changes in this field.
+                              "bold": True or False, # Whether or not the text is rendered as bold.
+                              "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`. Some fonts can affect the weight of the text. If an update request specifies values for both `font_family` and `bold`, the explicitly-set `bold` value is used.
+                              "fontSize": { # A magnitude in a single direction in the specified units. # The size of the text's font. When read, the `font_size` will specified in points.
+                                "magnitude": 3.14, # The magnitude.
+                                "unit": "A String", # The units for magnitude.
+                              },
+                              "foregroundColor": { # A color that can either be fully opaque or fully transparent. # The color of the text itself. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
+                                "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
+                                  "rgbColor": { # An RGB color. # An opaque RGB color.
+                                    "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                                    "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                                    "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                                  },
+                                  "themeColor": "A String", # An opaque theme color.
+                                },
+                              },
+                              "italic": True or False, # Whether or not the text is italicized.
+                              "link": { # A hypertext link. # The hyperlink destination of the text. If unset, there is no link. Links are not inherited from parent text. Changing the link in an update request causes some other changes to the text style of the range: * When setting a link, the text foreground color will be set to ThemeColorType.HYPERLINK and the text will be underlined. If these fields are modified in the same request, those values will be used instead of the link defaults. * Setting a link on a text range that overlaps with an existing link will also update the existing link to point to the new URL. * Links are not settable on newline characters. As a result, setting a link on a text range that crosses a paragraph boundary, such as `"ABC\n123"`, will separate the newline character(s) into their own text runs. The link will be applied separately to the runs before and after the newline. * Removing a link will update the text style of the range to match the style of the preceding text (or the default text styles if the preceding text is another link) unless different styles are being set in the same request.
+                                "pageObjectId": "A String", # If set, indicates this is a link to the specific page in this presentation with this ID. A page with this ID may not exist.
+                                "relativeLink": "A String", # If set, indicates this is a link to a slide in this presentation, addressed by its position.
+                                "slideIndex": 42, # If set, indicates this is a link to the slide at this zero-based index in the presentation. There may not be a slide at this index.
+                                "url": "A String", # If set, indicates this is a link to the external web page at this URL.
+                              },
+                              "smallCaps": True or False, # Whether or not the text is in small capital letters.
+                              "strikethrough": True or False, # Whether or not the text is struck through.
+                              "underline": True or False, # Whether or not the text is underlined.
+                              "weightedFontFamily": { # Represents a font family and weight used to style a TextRun. # The font family and rendered weight of the text. This field is an extension of `font_family` meant to support explicit font weights without breaking backwards compatibility. As such, when reading the style of a range of text, the value of `weighted_font_family#font_family` will always be equal to that of `font_family`. However, when writing, if both fields are included in the field mask (either explicitly or through the wildcard `"*"`), their values are reconciled as follows: * If `font_family` is set and `weighted_font_family` is not, the value of `font_family` is applied with weight `400` ("normal"). * If both fields are set, the value of `font_family` must match that of `weighted_font_family#font_family`. If so, the font family and weight of `weighted_font_family` is applied. Otherwise, a 400 bad request error is returned. * If `weighted_font_family` is set and `font_family` is not, the font family and weight of `weighted_font_family` is applied. * If neither field is set, the font family and weight of the text inherit from the parent. Note that these properties cannot inherit separately from each other. If an update request specifies values for both `weighted_font_family` and `bold`, the `weighted_font_family` is applied first, then `bold`. If `weighted_font_family#weight` is not set, it defaults to `400`. If `weighted_font_family` is set, then `weighted_font_family#font_family` must also be set with a non-empty value. Otherwise, a 400 bad request error is returned.
+                                "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`.
+                                "weight": 42, # The rendered weight of the text. This field can have any value that is a multiple of `100` between `100` and `900`, inclusive. This range corresponds to the numerical values described in the CSS 2.1 Specification, [section 15.6](https://www.w3.org/TR/CSS21/fonts.html#font-boldness), with non-numerical values disallowed. Weights greater than or equal to `700` are considered bold, and weights less than `700`are not bold. The default value is `400` ("normal").
+                              },
+                            },
+                          },
+                        },
+                      },
+                    },
+                    "textElements": [ # The text contents broken down into its component parts, including styling information. This property is read-only.
+                      { # A TextElement describes the content of a range of indices in the text content of a Shape or TableCell.
+                        "autoText": { # A TextElement kind that represents auto text. # A TextElement representing a spot in the text that is dynamically replaced with content that can change over time.
+                          "content": "A String", # The rendered content of this auto text, if available.
+                          "style": { # Represents the styling that can be applied to a TextRun. If this text is contained in a shape with a parent placeholder, then these text styles may be inherited from the parent. Which text styles are inherited depend on the nesting level of lists: * A text run in a paragraph that is not in a list will inherit its text style from the the newline character in the paragraph at the 0 nesting level of the list inside the parent placeholder. * A text run in a paragraph that is in a list will inherit its text style from the newline character in the paragraph at its corresponding nesting level of the list inside the parent placeholder. Inherited text styles are represented as unset fields in this message. If text is contained in a shape without a parent placeholder, unsetting these fields will revert the style to a value matching the defaults in the Slides editor. # The styling applied to this auto text.
+                            "backgroundColor": { # A color that can either be fully opaque or fully transparent. # The background color of the text. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
+                              "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
+                                "rgbColor": { # An RGB color. # An opaque RGB color.
+                                  "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                                  "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                                  "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                                },
+                                "themeColor": "A String", # An opaque theme color.
+                              },
+                            },
+                            "baselineOffset": "A String", # The text's vertical offset from its normal position. Text with `SUPERSCRIPT` or `SUBSCRIPT` baseline offsets is automatically rendered in a smaller font size, computed based on the `font_size` field. The `font_size` itself is not affected by changes in this field.
+                            "bold": True or False, # Whether or not the text is rendered as bold.
+                            "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`. Some fonts can affect the weight of the text. If an update request specifies values for both `font_family` and `bold`, the explicitly-set `bold` value is used.
+                            "fontSize": { # A magnitude in a single direction in the specified units. # The size of the text's font. When read, the `font_size` will specified in points.
+                              "magnitude": 3.14, # The magnitude.
+                              "unit": "A String", # The units for magnitude.
+                            },
+                            "foregroundColor": { # A color that can either be fully opaque or fully transparent. # The color of the text itself. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
+                              "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
+                                "rgbColor": { # An RGB color. # An opaque RGB color.
+                                  "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                                  "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                                  "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                                },
+                                "themeColor": "A String", # An opaque theme color.
+                              },
+                            },
+                            "italic": True or False, # Whether or not the text is italicized.
+                            "link": { # A hypertext link. # The hyperlink destination of the text. If unset, there is no link. Links are not inherited from parent text. Changing the link in an update request causes some other changes to the text style of the range: * When setting a link, the text foreground color will be set to ThemeColorType.HYPERLINK and the text will be underlined. If these fields are modified in the same request, those values will be used instead of the link defaults. * Setting a link on a text range that overlaps with an existing link will also update the existing link to point to the new URL. * Links are not settable on newline characters. As a result, setting a link on a text range that crosses a paragraph boundary, such as `"ABC\n123"`, will separate the newline character(s) into their own text runs. The link will be applied separately to the runs before and after the newline. * Removing a link will update the text style of the range to match the style of the preceding text (or the default text styles if the preceding text is another link) unless different styles are being set in the same request.
+                              "pageObjectId": "A String", # If set, indicates this is a link to the specific page in this presentation with this ID. A page with this ID may not exist.
+                              "relativeLink": "A String", # If set, indicates this is a link to a slide in this presentation, addressed by its position.
+                              "slideIndex": 42, # If set, indicates this is a link to the slide at this zero-based index in the presentation. There may not be a slide at this index.
+                              "url": "A String", # If set, indicates this is a link to the external web page at this URL.
+                            },
+                            "smallCaps": True or False, # Whether or not the text is in small capital letters.
+                            "strikethrough": True or False, # Whether or not the text is struck through.
+                            "underline": True or False, # Whether or not the text is underlined.
+                            "weightedFontFamily": { # Represents a font family and weight used to style a TextRun. # The font family and rendered weight of the text. This field is an extension of `font_family` meant to support explicit font weights without breaking backwards compatibility. As such, when reading the style of a range of text, the value of `weighted_font_family#font_family` will always be equal to that of `font_family`. However, when writing, if both fields are included in the field mask (either explicitly or through the wildcard `"*"`), their values are reconciled as follows: * If `font_family` is set and `weighted_font_family` is not, the value of `font_family` is applied with weight `400` ("normal"). * If both fields are set, the value of `font_family` must match that of `weighted_font_family#font_family`. If so, the font family and weight of `weighted_font_family` is applied. Otherwise, a 400 bad request error is returned. * If `weighted_font_family` is set and `font_family` is not, the font family and weight of `weighted_font_family` is applied. * If neither field is set, the font family and weight of the text inherit from the parent. Note that these properties cannot inherit separately from each other. If an update request specifies values for both `weighted_font_family` and `bold`, the `weighted_font_family` is applied first, then `bold`. If `weighted_font_family#weight` is not set, it defaults to `400`. If `weighted_font_family` is set, then `weighted_font_family#font_family` must also be set with a non-empty value. Otherwise, a 400 bad request error is returned.
+                              "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`.
+                              "weight": 42, # The rendered weight of the text. This field can have any value that is a multiple of `100` between `100` and `900`, inclusive. This range corresponds to the numerical values described in the CSS 2.1 Specification, [section 15.6](https://www.w3.org/TR/CSS21/fonts.html#font-boldness), with non-numerical values disallowed. Weights greater than or equal to `700` are considered bold, and weights less than `700`are not bold. The default value is `400` ("normal").
+                            },
+                          },
+                          "type": "A String", # The type of this auto text.
+                        },
+                        "endIndex": 42, # The zero-based end index of this text element, exclusive, in Unicode code units.
+                        "paragraphMarker": { # A TextElement kind that represents the beginning of a new paragraph. # A marker representing the beginning of a new paragraph. The `start_index` and `end_index` of this TextElement represent the range of the paragraph. Other TextElements with an index range contained inside this paragraph's range are considered to be part of this paragraph. The range of indices of two separate paragraphs will never overlap.
+                          "bullet": { # Describes the bullet of a paragraph. # The bullet for this paragraph. If not present, the paragraph does not belong to a list.
+                            "bulletStyle": { # Represents the styling that can be applied to a TextRun. If this text is contained in a shape with a parent placeholder, then these text styles may be inherited from the parent. Which text styles are inherited depend on the nesting level of lists: * A text run in a paragraph that is not in a list will inherit its text style from the the newline character in the paragraph at the 0 nesting level of the list inside the parent placeholder. * A text run in a paragraph that is in a list will inherit its text style from the newline character in the paragraph at its corresponding nesting level of the list inside the parent placeholder. Inherited text styles are represented as unset fields in this message. If text is contained in a shape without a parent placeholder, unsetting these fields will revert the style to a value matching the defaults in the Slides editor. # The paragraph specific text style applied to this bullet.
+                              "backgroundColor": { # A color that can either be fully opaque or fully transparent. # The background color of the text. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
+                                "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
+                                  "rgbColor": { # An RGB color. # An opaque RGB color.
+                                    "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                                    "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                                    "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                                  },
+                                  "themeColor": "A String", # An opaque theme color.
+                                },
+                              },
+                              "baselineOffset": "A String", # The text's vertical offset from its normal position. Text with `SUPERSCRIPT` or `SUBSCRIPT` baseline offsets is automatically rendered in a smaller font size, computed based on the `font_size` field. The `font_size` itself is not affected by changes in this field.
+                              "bold": True or False, # Whether or not the text is rendered as bold.
+                              "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`. Some fonts can affect the weight of the text. If an update request specifies values for both `font_family` and `bold`, the explicitly-set `bold` value is used.
+                              "fontSize": { # A magnitude in a single direction in the specified units. # The size of the text's font. When read, the `font_size` will specified in points.
+                                "magnitude": 3.14, # The magnitude.
+                                "unit": "A String", # The units for magnitude.
+                              },
+                              "foregroundColor": { # A color that can either be fully opaque or fully transparent. # The color of the text itself. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
+                                "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
+                                  "rgbColor": { # An RGB color. # An opaque RGB color.
+                                    "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                                    "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                                    "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                                  },
+                                  "themeColor": "A String", # An opaque theme color.
+                                },
+                              },
+                              "italic": True or False, # Whether or not the text is italicized.
+                              "link": { # A hypertext link. # The hyperlink destination of the text. If unset, there is no link. Links are not inherited from parent text. Changing the link in an update request causes some other changes to the text style of the range: * When setting a link, the text foreground color will be set to ThemeColorType.HYPERLINK and the text will be underlined. If these fields are modified in the same request, those values will be used instead of the link defaults. * Setting a link on a text range that overlaps with an existing link will also update the existing link to point to the new URL. * Links are not settable on newline characters. As a result, setting a link on a text range that crosses a paragraph boundary, such as `"ABC\n123"`, will separate the newline character(s) into their own text runs. The link will be applied separately to the runs before and after the newline. * Removing a link will update the text style of the range to match the style of the preceding text (or the default text styles if the preceding text is another link) unless different styles are being set in the same request.
+                                "pageObjectId": "A String", # If set, indicates this is a link to the specific page in this presentation with this ID. A page with this ID may not exist.
+                                "relativeLink": "A String", # If set, indicates this is a link to a slide in this presentation, addressed by its position.
+                                "slideIndex": 42, # If set, indicates this is a link to the slide at this zero-based index in the presentation. There may not be a slide at this index.
+                                "url": "A String", # If set, indicates this is a link to the external web page at this URL.
+                              },
+                              "smallCaps": True or False, # Whether or not the text is in small capital letters.
+                              "strikethrough": True or False, # Whether or not the text is struck through.
+                              "underline": True or False, # Whether or not the text is underlined.
+                              "weightedFontFamily": { # Represents a font family and weight used to style a TextRun. # The font family and rendered weight of the text. This field is an extension of `font_family` meant to support explicit font weights without breaking backwards compatibility. As such, when reading the style of a range of text, the value of `weighted_font_family#font_family` will always be equal to that of `font_family`. However, when writing, if both fields are included in the field mask (either explicitly or through the wildcard `"*"`), their values are reconciled as follows: * If `font_family` is set and `weighted_font_family` is not, the value of `font_family` is applied with weight `400` ("normal"). * If both fields are set, the value of `font_family` must match that of `weighted_font_family#font_family`. If so, the font family and weight of `weighted_font_family` is applied. Otherwise, a 400 bad request error is returned. * If `weighted_font_family` is set and `font_family` is not, the font family and weight of `weighted_font_family` is applied. * If neither field is set, the font family and weight of the text inherit from the parent. Note that these properties cannot inherit separately from each other. If an update request specifies values for both `weighted_font_family` and `bold`, the `weighted_font_family` is applied first, then `bold`. If `weighted_font_family#weight` is not set, it defaults to `400`. If `weighted_font_family` is set, then `weighted_font_family#font_family` must also be set with a non-empty value. Otherwise, a 400 bad request error is returned.
+                                "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`.
+                                "weight": 42, # The rendered weight of the text. This field can have any value that is a multiple of `100` between `100` and `900`, inclusive. This range corresponds to the numerical values described in the CSS 2.1 Specification, [section 15.6](https://www.w3.org/TR/CSS21/fonts.html#font-boldness), with non-numerical values disallowed. Weights greater than or equal to `700` are considered bold, and weights less than `700`are not bold. The default value is `400` ("normal").
+                              },
+                            },
+                            "glyph": "A String", # The rendered bullet glyph for this paragraph.
+                            "listId": "A String", # The ID of the list this paragraph belongs to.
+                            "nestingLevel": 42, # The nesting level of this paragraph in the list.
+                          },
+                          "style": { # Styles that apply to a whole paragraph. If this text is contained in a shape with a parent placeholder, then these paragraph styles may be inherited from the parent. Which paragraph styles are inherited depend on the nesting level of lists: * A paragraph not in a list will inherit its paragraph style from the paragraph at the 0 nesting level of the list inside the parent placeholder. * A paragraph in a list will inherit its paragraph style from the paragraph at its corresponding nesting level of the list inside the parent placeholder. Inherited paragraph styles are represented as unset fields in this message. # The paragraph's style
+                            "alignment": "A String", # The text alignment for this paragraph.
+                            "direction": "A String", # The text direction of this paragraph. If unset, the value defaults to LEFT_TO_RIGHT since text direction is not inherited.
+                            "indentEnd": { # A magnitude in a single direction in the specified units. # The amount indentation for the paragraph on the side that corresponds to the end of the text, based on the current text direction. If unset, the value is inherited from the parent.
+                              "magnitude": 3.14, # The magnitude.
+                              "unit": "A String", # The units for magnitude.
+                            },
+                            "indentFirstLine": { # A magnitude in a single direction in the specified units. # The amount of indentation for the start of the first line of the paragraph. If unset, the value is inherited from the parent.
+                              "magnitude": 3.14, # The magnitude.
+                              "unit": "A String", # The units for magnitude.
+                            },
+                            "indentStart": { # A magnitude in a single direction in the specified units. # The amount indentation for the paragraph on the side that corresponds to the start of the text, based on the current text direction. If unset, the value is inherited from the parent.
+                              "magnitude": 3.14, # The magnitude.
+                              "unit": "A String", # The units for magnitude.
+                            },
+                            "lineSpacing": 3.14, # The amount of space between lines, as a percentage of normal, where normal is represented as 100.0. If unset, the value is inherited from the parent.
+                            "spaceAbove": { # A magnitude in a single direction in the specified units. # The amount of extra space above the paragraph. If unset, the value is inherited from the parent.
+                              "magnitude": 3.14, # The magnitude.
+                              "unit": "A String", # The units for magnitude.
+                            },
+                            "spaceBelow": { # A magnitude in a single direction in the specified units. # The amount of extra space below the paragraph. If unset, the value is inherited from the parent.
+                              "magnitude": 3.14, # The magnitude.
+                              "unit": "A String", # The units for magnitude.
+                            },
+                            "spacingMode": "A String", # The spacing mode for the paragraph.
+                          },
+                        },
+                        "startIndex": 42, # The zero-based start index of this text element, in Unicode code units.
+                        "textRun": { # A TextElement kind that represents a run of text that all has the same styling. # A TextElement representing a run of text where all of the characters in the run have the same TextStyle. The `start_index` and `end_index` of TextRuns will always be fully contained in the index range of a single `paragraph_marker` TextElement. In other words, a TextRun will never span multiple paragraphs.
+                          "content": "A String", # The text of this run.
+                          "style": { # Represents the styling that can be applied to a TextRun. If this text is contained in a shape with a parent placeholder, then these text styles may be inherited from the parent. Which text styles are inherited depend on the nesting level of lists: * A text run in a paragraph that is not in a list will inherit its text style from the the newline character in the paragraph at the 0 nesting level of the list inside the parent placeholder. * A text run in a paragraph that is in a list will inherit its text style from the newline character in the paragraph at its corresponding nesting level of the list inside the parent placeholder. Inherited text styles are represented as unset fields in this message. If text is contained in a shape without a parent placeholder, unsetting these fields will revert the style to a value matching the defaults in the Slides editor. # The styling applied to this run.
+                            "backgroundColor": { # A color that can either be fully opaque or fully transparent. # The background color of the text. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
+                              "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
+                                "rgbColor": { # An RGB color. # An opaque RGB color.
+                                  "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                                  "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                                  "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                                },
+                                "themeColor": "A String", # An opaque theme color.
+                              },
+                            },
+                            "baselineOffset": "A String", # The text's vertical offset from its normal position. Text with `SUPERSCRIPT` or `SUBSCRIPT` baseline offsets is automatically rendered in a smaller font size, computed based on the `font_size` field. The `font_size` itself is not affected by changes in this field.
+                            "bold": True or False, # Whether or not the text is rendered as bold.
+                            "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`. Some fonts can affect the weight of the text. If an update request specifies values for both `font_family` and `bold`, the explicitly-set `bold` value is used.
+                            "fontSize": { # A magnitude in a single direction in the specified units. # The size of the text's font. When read, the `font_size` will specified in points.
+                              "magnitude": 3.14, # The magnitude.
+                              "unit": "A String", # The units for magnitude.
+                            },
+                            "foregroundColor": { # A color that can either be fully opaque or fully transparent. # The color of the text itself. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
+                              "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
+                                "rgbColor": { # An RGB color. # An opaque RGB color.
+                                  "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                                  "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                                  "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                                },
+                                "themeColor": "A String", # An opaque theme color.
+                              },
+                            },
+                            "italic": True or False, # Whether or not the text is italicized.
+                            "link": { # A hypertext link. # The hyperlink destination of the text. If unset, there is no link. Links are not inherited from parent text. Changing the link in an update request causes some other changes to the text style of the range: * When setting a link, the text foreground color will be set to ThemeColorType.HYPERLINK and the text will be underlined. If these fields are modified in the same request, those values will be used instead of the link defaults. * Setting a link on a text range that overlaps with an existing link will also update the existing link to point to the new URL. * Links are not settable on newline characters. As a result, setting a link on a text range that crosses a paragraph boundary, such as `"ABC\n123"`, will separate the newline character(s) into their own text runs. The link will be applied separately to the runs before and after the newline. * Removing a link will update the text style of the range to match the style of the preceding text (or the default text styles if the preceding text is another link) unless different styles are being set in the same request.
+                              "pageObjectId": "A String", # If set, indicates this is a link to the specific page in this presentation with this ID. A page with this ID may not exist.
+                              "relativeLink": "A String", # If set, indicates this is a link to a slide in this presentation, addressed by its position.
+                              "slideIndex": 42, # If set, indicates this is a link to the slide at this zero-based index in the presentation. There may not be a slide at this index.
+                              "url": "A String", # If set, indicates this is a link to the external web page at this URL.
+                            },
+                            "smallCaps": True or False, # Whether or not the text is in small capital letters.
+                            "strikethrough": True or False, # Whether or not the text is struck through.
+                            "underline": True or False, # Whether or not the text is underlined.
+                            "weightedFontFamily": { # Represents a font family and weight used to style a TextRun. # The font family and rendered weight of the text. This field is an extension of `font_family` meant to support explicit font weights without breaking backwards compatibility. As such, when reading the style of a range of text, the value of `weighted_font_family#font_family` will always be equal to that of `font_family`. However, when writing, if both fields are included in the field mask (either explicitly or through the wildcard `"*"`), their values are reconciled as follows: * If `font_family` is set and `weighted_font_family` is not, the value of `font_family` is applied with weight `400` ("normal"). * If both fields are set, the value of `font_family` must match that of `weighted_font_family#font_family`. If so, the font family and weight of `weighted_font_family` is applied. Otherwise, a 400 bad request error is returned. * If `weighted_font_family` is set and `font_family` is not, the font family and weight of `weighted_font_family` is applied. * If neither field is set, the font family and weight of the text inherit from the parent. Note that these properties cannot inherit separately from each other. If an update request specifies values for both `weighted_font_family` and `bold`, the `weighted_font_family` is applied first, then `bold`. If `weighted_font_family#weight` is not set, it defaults to `400`. If `weighted_font_family` is set, then `weighted_font_family#font_family` must also be set with a non-empty value. Otherwise, a 400 bad request error is returned.
+                              "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`.
+                              "weight": 42, # The rendered weight of the text. This field can have any value that is a multiple of `100` between `100` and `900`, inclusive. This range corresponds to the numerical values described in the CSS 2.1 Specification, [section 15.6](https://www.w3.org/TR/CSS21/fonts.html#font-boldness), with non-numerical values disallowed. Weights greater than or equal to `700` are considered bold, and weights less than `700`are not bold. The default value is `400` ("normal").
+                            },
+                          },
+                        },
+                      },
+                    ],
+                  },
+                },
+                "sheetsChart": { # A PageElement kind representing a linked chart embedded from Google Sheets. # A linked chart embedded from Google Sheets. Unlinked charts are represented as images.
+                  "chartId": 42, # The ID of the specific chart in the Google Sheets spreadsheet that is embedded.
+                  "contentUrl": "A String", # The URL of an image of the embedded chart, with a default lifetime of 30 minutes. This URL is tagged with the account of the requester. Anyone with the URL effectively accesses the image as the original requester. Access to the image may be lost if the presentation's sharing settings change.
+                  "sheetsChartProperties": { # The properties of the SheetsChart. # The properties of the Sheets chart.
+                    "chartImageProperties": { # The properties of the Image. # The properties of the embedded chart image.
+                      "brightness": 3.14, # The brightness effect of the image. The value should be in the interval [-1.0, 1.0], where 0 means no effect. This property is read-only.
+                      "contrast": 3.14, # The contrast effect of the image. The value should be in the interval [-1.0, 1.0], where 0 means no effect. This property is read-only.
+                      "cropProperties": { # The crop properties of an object enclosed in a container. For example, an Image. The crop properties is represented by the offsets of four edges which define a crop rectangle. The offsets are measured in percentage from the corresponding edges of the object's original bounding rectangle towards inside, relative to the object's original dimensions. - If the offset is in the interval (0, 1), the corresponding edge of crop rectangle is positioned inside of the object's original bounding rectangle. - If the offset is negative or greater than 1, the corresponding edge of crop rectangle is positioned outside of the object's original bounding rectangle. - If the left edge of the crop rectangle is on the right side of its right edge, the object will be flipped horizontally. - If the top edge of the crop rectangle is below its bottom edge, the object will be flipped vertically. - If all offsets and rotation angle is 0, the object is not cropped. After cropping, the content in the crop rectangle will be stretched to fit its container. # The crop properties of the image. If not set, the image is not cropped. This property is read-only.
+                        "angle": 3.14, # The rotation angle of the crop window around its center, in radians. Rotation angle is applied after the offset.
+                        "bottomOffset": 3.14, # The offset specifies the bottom edge of the crop rectangle that is located above the original bounding rectangle bottom edge, relative to the object's original height.
+                        "leftOffset": 3.14, # The offset specifies the left edge of the crop rectangle that is located to the right of the original bounding rectangle left edge, relative to the object's original width.
+                        "rightOffset": 3.14, # The offset specifies the right edge of the crop rectangle that is located to the left of the original bounding rectangle right edge, relative to the object's original width.
+                        "topOffset": 3.14, # The offset specifies the top edge of the crop rectangle that is located below the original bounding rectangle top edge, relative to the object's original height.
+                      },
+                      "link": { # A hypertext link. # The hyperlink destination of the image. If unset, there is no link.
+                        "pageObjectId": "A String", # If set, indicates this is a link to the specific page in this presentation with this ID. A page with this ID may not exist.
+                        "relativeLink": "A String", # If set, indicates this is a link to a slide in this presentation, addressed by its position.
+                        "slideIndex": 42, # If set, indicates this is a link to the slide at this zero-based index in the presentation. There may not be a slide at this index.
+                        "url": "A String", # If set, indicates this is a link to the external web page at this URL.
+                      },
+                      "outline": { # The outline of a PageElement. If these fields are unset, they may be inherited from a parent placeholder if it exists. If there is no parent, the fields will default to the value used for new page elements created in the Slides editor, which may depend on the page element kind. # The outline of the image. If not set, the image has no outline.
+                        "dashStyle": "A String", # The dash style of the outline.
+                        "outlineFill": { # The fill of the outline. # The fill of the outline.
+                          "solidFill": { # A solid color fill. The page or page element is filled entirely with the specified color value. If any field is unset, its value may be inherited from a parent placeholder if it exists. # Solid color fill.
+                            "alpha": 3.14, # The fraction of this `color` that should be applied to the pixel. That is, the final pixel color is defined by the equation: pixel color = alpha * (color) + (1.0 - alpha) * (background color) This means that a value of 1.0 corresponds to a solid color, whereas a value of 0.0 corresponds to a completely transparent color.
+                            "color": { # A themeable solid color value. # The color value of the solid fill.
+                              "rgbColor": { # An RGB color. # An opaque RGB color.
+                                "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                                "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                                "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                              },
+                              "themeColor": "A String", # An opaque theme color.
+                            },
+                          },
+                        },
+                        "propertyState": "A String", # The outline property state. Updating the outline on a page element will implicitly update this field to `RENDERED`, unless another value is specified in the same request. To have no outline on a page element, set this field to `NOT_RENDERED`. In this case, any other outline fields set in the same request will be ignored.
+                        "weight": { # A magnitude in a single direction in the specified units. # The thickness of the outline.
+                          "magnitude": 3.14, # The magnitude.
+                          "unit": "A String", # The units for magnitude.
+                        },
+                      },
+                      "recolor": { # A recolor effect applied on an image. # The recolor effect of the image. If not set, the image is not recolored. This property is read-only.
+                        "name": "A String", # The name of the recolor effect. The name is determined from the `recolor_stops` by matching the gradient against the colors in the page's current color scheme. This property is read-only.
+                        "recolorStops": [ # The recolor effect is represented by a gradient, which is a list of color stops. The colors in the gradient will replace the corresponding colors at the same position in the color palette and apply to the image. This property is read-only.
+                          { # A color and position in a gradient band.
+                            "alpha": 3.14, # The alpha value of this color in the gradient band. Defaults to 1.0, fully opaque.
+                            "color": { # A themeable solid color value. # The color of the gradient stop.
+                              "rgbColor": { # An RGB color. # An opaque RGB color.
+                                "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                                "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                                "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                              },
+                              "themeColor": "A String", # An opaque theme color.
+                            },
+                            "position": 3.14, # The relative position of the color stop in the gradient band measured in percentage. The value should be in the interval [0.0, 1.0].
+                          },
+                        ],
+                      },
+                      "shadow": { # The shadow properties of a page element. If these fields are unset, they may be inherited from a parent placeholder if it exists. If there is no parent, the fields will default to the value used for new page elements created in the Slides editor, which may depend on the page element kind. # The shadow of the image. If not set, the image has no shadow. This property is read-only.
+                        "alignment": "A String", # The alignment point of the shadow, that sets the origin for translate, scale and skew of the shadow. This property is read-only.
+                        "alpha": 3.14, # The alpha of the shadow's color, from 0.0 to 1.0.
+                        "blurRadius": { # A magnitude in a single direction in the specified units. # The radius of the shadow blur. The larger the radius, the more diffuse the shadow becomes.
+                          "magnitude": 3.14, # The magnitude.
+                          "unit": "A String", # The units for magnitude.
+                        },
+                        "color": { # A themeable solid color value. # The shadow color value.
+                          "rgbColor": { # An RGB color. # An opaque RGB color.
+                            "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                            "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                            "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                          },
+                          "themeColor": "A String", # An opaque theme color.
+                        },
+                        "propertyState": "A String", # The shadow property state. Updating the shadow on a page element will implicitly update this field to `RENDERED`, unless another value is specified in the same request. To have no shadow on a page element, set this field to `NOT_RENDERED`. In this case, any other shadow fields set in the same request will be ignored.
+                        "rotateWithShape": True or False, # Whether the shadow should rotate with the shape. This property is read-only.
+                        "transform": { # AffineTransform uses a 3x3 matrix with an implied last row of [ 0 0 1 ] to transform source coordinates (x,y) into destination coordinates (x', y') according to: x' x = shear_y scale_y translate_y 1 [ 1 ] After transformation, x' = scale_x * x + shear_x * y + translate_x; y' = scale_y * y + shear_y * x + translate_y; This message is therefore composed of these six matrix elements. # Transform that encodes the translate, scale, and skew of the shadow, relative to the alignment position.
+                          "scaleX": 3.14, # The X coordinate scaling element.
+                          "scaleY": 3.14, # The Y coordinate scaling element.
+                          "shearX": 3.14, # The X coordinate shearing element.
+                          "shearY": 3.14, # The Y coordinate shearing element.
+                          "translateX": 3.14, # The X coordinate translation element.
+                          "translateY": 3.14, # The Y coordinate translation element.
+                          "unit": "A String", # The units for translate elements.
+                        },
+                        "type": "A String", # The type of the shadow. This property is read-only.
+                      },
+                      "transparency": 3.14, # The transparency effect of the image. The value should be in the interval [0.0, 1.0], where 0 means no effect and 1 means completely transparent. This property is read-only.
+                    },
+                  },
+                  "spreadsheetId": "A String", # The ID of the Google Sheets spreadsheet that contains the source chart.
+                },
+                "size": { # A width and height. # The size of the page element.
+                  "height": { # A magnitude in a single direction in the specified units. # The height of the object.
+                    "magnitude": 3.14, # The magnitude.
+                    "unit": "A String", # The units for magnitude.
+                  },
+                  "width": { # A magnitude in a single direction in the specified units. # The width of the object.
+                    "magnitude": 3.14, # The magnitude.
+                    "unit": "A String", # The units for magnitude.
+                  },
+                },
+                "table": { # A PageElement kind representing a table. # A table page element.
+                  "columns": 42, # Number of columns in the table.
+                  "horizontalBorderRows": [ # Properties of horizontal cell borders. A table's horizontal cell borders are represented as a grid. The grid has one more row than the number of rows in the table and the same number of columns as the table. For example, if the table is 3 x 3, its horizontal borders will be represented as a grid with 4 rows and 3 columns.
+                    { # Contents of each border row in a table.
+                      "tableBorderCells": [ # Properties of each border cell. When a border's adjacent table cells are merged, it is not included in the response.
+                        { # The properties of each border cell.
+                          "location": { # A location of a single table cell within a table. # The location of the border within the border table.
+                            "columnIndex": 42, # The 0-based column index.
+                            "rowIndex": 42, # The 0-based row index.
+                          },
+                          "tableBorderProperties": { # The border styling properties of the TableBorderCell. # The border properties.
+                            "dashStyle": "A String", # The dash style of the border.
+                            "tableBorderFill": { # The fill of the border. # The fill of the table border.
+                              "solidFill": { # A solid color fill. The page or page element is filled entirely with the specified color value. If any field is unset, its value may be inherited from a parent placeholder if it exists. # Solid fill.
+                                "alpha": 3.14, # The fraction of this `color` that should be applied to the pixel. That is, the final pixel color is defined by the equation: pixel color = alpha * (color) + (1.0 - alpha) * (background color) This means that a value of 1.0 corresponds to a solid color, whereas a value of 0.0 corresponds to a completely transparent color.
+                                "color": { # A themeable solid color value. # The color value of the solid fill.
+                                  "rgbColor": { # An RGB color. # An opaque RGB color.
+                                    "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                                    "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                                    "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                                  },
+                                  "themeColor": "A String", # An opaque theme color.
+                                },
+                              },
+                            },
+                            "weight": { # A magnitude in a single direction in the specified units. # The thickness of the border.
+                              "magnitude": 3.14, # The magnitude.
+                              "unit": "A String", # The units for magnitude.
+                            },
+                          },
+                        },
+                      ],
+                    },
+                  ],
+                  "rows": 42, # Number of rows in the table.
+                  "tableColumns": [ # Properties of each column.
+                    { # Properties of each column in a table.
+                      "columnWidth": { # A magnitude in a single direction in the specified units. # Width of a column.
+                        "magnitude": 3.14, # The magnitude.
+                        "unit": "A String", # The units for magnitude.
+                      },
+                    },
+                  ],
+                  "tableRows": [ # Properties and contents of each row. Cells that span multiple rows are contained in only one of these rows and have a row_span greater than 1.
+                    { # Properties and contents of each row in a table.
+                      "rowHeight": { # A magnitude in a single direction in the specified units. # Height of a row.
+                        "magnitude": 3.14, # The magnitude.
+                        "unit": "A String", # The units for magnitude.
+                      },
+                      "tableCells": [ # Properties and contents of each cell. Cells that span multiple columns are represented only once with a column_span greater than 1. As a result, the length of this collection does not always match the number of columns of the entire table.
+                        { # Properties and contents of each table cell.
+                          "columnSpan": 42, # Column span of the cell.
+                          "location": { # A location of a single table cell within a table. # The location of the cell within the table.
+                            "columnIndex": 42, # The 0-based column index.
+                            "rowIndex": 42, # The 0-based row index.
+                          },
+                          "rowSpan": 42, # Row span of the cell.
+                          "tableCellProperties": { # The properties of the TableCell. # The properties of the table cell.
+                            "contentAlignment": "A String", # The alignment of the content in the table cell. The default alignment matches the alignment for newly created table cells in the Slides editor.
+                            "tableCellBackgroundFill": { # The table cell background fill. # The background fill of the table cell. The default fill matches the fill for newly created table cells in the Slides editor.
+                              "propertyState": "A String", # The background fill property state. Updating the fill on a table cell will implicitly update this field to `RENDERED`, unless another value is specified in the same request. To have no fill on a table cell, set this field to `NOT_RENDERED`. In this case, any other fill fields set in the same request will be ignored.
+                              "solidFill": { # A solid color fill. The page or page element is filled entirely with the specified color value. If any field is unset, its value may be inherited from a parent placeholder if it exists. # Solid color fill.
+                                "alpha": 3.14, # The fraction of this `color` that should be applied to the pixel. That is, the final pixel color is defined by the equation: pixel color = alpha * (color) + (1.0 - alpha) * (background color) This means that a value of 1.0 corresponds to a solid color, whereas a value of 0.0 corresponds to a completely transparent color.
+                                "color": { # A themeable solid color value. # The color value of the solid fill.
+                                  "rgbColor": { # An RGB color. # An opaque RGB color.
+                                    "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                                    "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                                    "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                                  },
+                                  "themeColor": "A String", # An opaque theme color.
+                                },
+                              },
+                            },
+                          },
+                          "text": { # The general text content. The text must reside in a compatible shape (e.g. text box or rectangle) or a table cell in a page. # The text content of the cell.
+                            "lists": { # The bulleted lists contained in this text, keyed by list ID.
+                              "a_key": { # A List describes the look and feel of bullets belonging to paragraphs associated with a list. A paragraph that is part of a list has an implicit reference to that list's ID.
+                                "listId": "A String", # The ID of the list.
+                                "nestingLevel": { # A map of nesting levels to the properties of bullets at the associated level. A list has at most nine levels of nesting, so the possible values for the keys of this map are 0 through 8, inclusive.
+                                  "a_key": { # Contains properties describing the look and feel of a list bullet at a given level of nesting.
+                                    "bulletStyle": { # Represents the styling that can be applied to a TextRun. If this text is contained in a shape with a parent placeholder, then these text styles may be inherited from the parent. Which text styles are inherited depend on the nesting level of lists: * A text run in a paragraph that is not in a list will inherit its text style from the the newline character in the paragraph at the 0 nesting level of the list inside the parent placeholder. * A text run in a paragraph that is in a list will inherit its text style from the newline character in the paragraph at its corresponding nesting level of the list inside the parent placeholder. Inherited text styles are represented as unset fields in this message. If text is contained in a shape without a parent placeholder, unsetting these fields will revert the style to a value matching the defaults in the Slides editor. # The style of a bullet at this level of nesting.
+                                      "backgroundColor": { # A color that can either be fully opaque or fully transparent. # The background color of the text. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
+                                        "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
+                                          "rgbColor": { # An RGB color. # An opaque RGB color.
+                                            "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                                            "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                                            "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                                          },
+                                          "themeColor": "A String", # An opaque theme color.
+                                        },
+                                      },
+                                      "baselineOffset": "A String", # The text's vertical offset from its normal position. Text with `SUPERSCRIPT` or `SUBSCRIPT` baseline offsets is automatically rendered in a smaller font size, computed based on the `font_size` field. The `font_size` itself is not affected by changes in this field.
+                                      "bold": True or False, # Whether or not the text is rendered as bold.
+                                      "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`. Some fonts can affect the weight of the text. If an update request specifies values for both `font_family` and `bold`, the explicitly-set `bold` value is used.
+                                      "fontSize": { # A magnitude in a single direction in the specified units. # The size of the text's font. When read, the `font_size` will specified in points.
+                                        "magnitude": 3.14, # The magnitude.
+                                        "unit": "A String", # The units for magnitude.
+                                      },
+                                      "foregroundColor": { # A color that can either be fully opaque or fully transparent. # The color of the text itself. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
+                                        "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
+                                          "rgbColor": { # An RGB color. # An opaque RGB color.
+                                            "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                                            "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                                            "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                                          },
+                                          "themeColor": "A String", # An opaque theme color.
+                                        },
+                                      },
+                                      "italic": True or False, # Whether or not the text is italicized.
+                                      "link": { # A hypertext link. # The hyperlink destination of the text. If unset, there is no link. Links are not inherited from parent text. Changing the link in an update request causes some other changes to the text style of the range: * When setting a link, the text foreground color will be set to ThemeColorType.HYPERLINK and the text will be underlined. If these fields are modified in the same request, those values will be used instead of the link defaults. * Setting a link on a text range that overlaps with an existing link will also update the existing link to point to the new URL. * Links are not settable on newline characters. As a result, setting a link on a text range that crosses a paragraph boundary, such as `"ABC\n123"`, will separate the newline character(s) into their own text runs. The link will be applied separately to the runs before and after the newline. * Removing a link will update the text style of the range to match the style of the preceding text (or the default text styles if the preceding text is another link) unless different styles are being set in the same request.
+                                        "pageObjectId": "A String", # If set, indicates this is a link to the specific page in this presentation with this ID. A page with this ID may not exist.
+                                        "relativeLink": "A String", # If set, indicates this is a link to a slide in this presentation, addressed by its position.
+                                        "slideIndex": 42, # If set, indicates this is a link to the slide at this zero-based index in the presentation. There may not be a slide at this index.
+                                        "url": "A String", # If set, indicates this is a link to the external web page at this URL.
+                                      },
+                                      "smallCaps": True or False, # Whether or not the text is in small capital letters.
+                                      "strikethrough": True or False, # Whether or not the text is struck through.
+                                      "underline": True or False, # Whether or not the text is underlined.
+                                      "weightedFontFamily": { # Represents a font family and weight used to style a TextRun. # The font family and rendered weight of the text. This field is an extension of `font_family` meant to support explicit font weights without breaking backwards compatibility. As such, when reading the style of a range of text, the value of `weighted_font_family#font_family` will always be equal to that of `font_family`. However, when writing, if both fields are included in the field mask (either explicitly or through the wildcard `"*"`), their values are reconciled as follows: * If `font_family` is set and `weighted_font_family` is not, the value of `font_family` is applied with weight `400` ("normal"). * If both fields are set, the value of `font_family` must match that of `weighted_font_family#font_family`. If so, the font family and weight of `weighted_font_family` is applied. Otherwise, a 400 bad request error is returned. * If `weighted_font_family` is set and `font_family` is not, the font family and weight of `weighted_font_family` is applied. * If neither field is set, the font family and weight of the text inherit from the parent. Note that these properties cannot inherit separately from each other. If an update request specifies values for both `weighted_font_family` and `bold`, the `weighted_font_family` is applied first, then `bold`. If `weighted_font_family#weight` is not set, it defaults to `400`. If `weighted_font_family` is set, then `weighted_font_family#font_family` must also be set with a non-empty value. Otherwise, a 400 bad request error is returned.
+                                        "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`.
+                                        "weight": 42, # The rendered weight of the text. This field can have any value that is a multiple of `100` between `100` and `900`, inclusive. This range corresponds to the numerical values described in the CSS 2.1 Specification, [section 15.6](https://www.w3.org/TR/CSS21/fonts.html#font-boldness), with non-numerical values disallowed. Weights greater than or equal to `700` are considered bold, and weights less than `700`are not bold. The default value is `400` ("normal").
+                                      },
+                                    },
+                                  },
+                                },
+                              },
+                            },
+                            "textElements": [ # The text contents broken down into its component parts, including styling information. This property is read-only.
+                              { # A TextElement describes the content of a range of indices in the text content of a Shape or TableCell.
+                                "autoText": { # A TextElement kind that represents auto text. # A TextElement representing a spot in the text that is dynamically replaced with content that can change over time.
+                                  "content": "A String", # The rendered content of this auto text, if available.
+                                  "style": { # Represents the styling that can be applied to a TextRun. If this text is contained in a shape with a parent placeholder, then these text styles may be inherited from the parent. Which text styles are inherited depend on the nesting level of lists: * A text run in a paragraph that is not in a list will inherit its text style from the the newline character in the paragraph at the 0 nesting level of the list inside the parent placeholder. * A text run in a paragraph that is in a list will inherit its text style from the newline character in the paragraph at its corresponding nesting level of the list inside the parent placeholder. Inherited text styles are represented as unset fields in this message. If text is contained in a shape without a parent placeholder, unsetting these fields will revert the style to a value matching the defaults in the Slides editor. # The styling applied to this auto text.
+                                    "backgroundColor": { # A color that can either be fully opaque or fully transparent. # The background color of the text. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
+                                      "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
+                                        "rgbColor": { # An RGB color. # An opaque RGB color.
+                                          "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                                          "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                                          "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                                        },
+                                        "themeColor": "A String", # An opaque theme color.
+                                      },
+                                    },
+                                    "baselineOffset": "A String", # The text's vertical offset from its normal position. Text with `SUPERSCRIPT` or `SUBSCRIPT` baseline offsets is automatically rendered in a smaller font size, computed based on the `font_size` field. The `font_size` itself is not affected by changes in this field.
+                                    "bold": True or False, # Whether or not the text is rendered as bold.
+                                    "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`. Some fonts can affect the weight of the text. If an update request specifies values for both `font_family` and `bold`, the explicitly-set `bold` value is used.
+                                    "fontSize": { # A magnitude in a single direction in the specified units. # The size of the text's font. When read, the `font_size` will specified in points.
+                                      "magnitude": 3.14, # The magnitude.
+                                      "unit": "A String", # The units for magnitude.
+                                    },
+                                    "foregroundColor": { # A color that can either be fully opaque or fully transparent. # The color of the text itself. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
+                                      "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
+                                        "rgbColor": { # An RGB color. # An opaque RGB color.
+                                          "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                                          "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                                          "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                                        },
+                                        "themeColor": "A String", # An opaque theme color.
+                                      },
+                                    },
+                                    "italic": True or False, # Whether or not the text is italicized.
+                                    "link": { # A hypertext link. # The hyperlink destination of the text. If unset, there is no link. Links are not inherited from parent text. Changing the link in an update request causes some other changes to the text style of the range: * When setting a link, the text foreground color will be set to ThemeColorType.HYPERLINK and the text will be underlined. If these fields are modified in the same request, those values will be used instead of the link defaults. * Setting a link on a text range that overlaps with an existing link will also update the existing link to point to the new URL. * Links are not settable on newline characters. As a result, setting a link on a text range that crosses a paragraph boundary, such as `"ABC\n123"`, will separate the newline character(s) into their own text runs. The link will be applied separately to the runs before and after the newline. * Removing a link will update the text style of the range to match the style of the preceding text (or the default text styles if the preceding text is another link) unless different styles are being set in the same request.
+                                      "pageObjectId": "A String", # If set, indicates this is a link to the specific page in this presentation with this ID. A page with this ID may not exist.
+                                      "relativeLink": "A String", # If set, indicates this is a link to a slide in this presentation, addressed by its position.
+                                      "slideIndex": 42, # If set, indicates this is a link to the slide at this zero-based index in the presentation. There may not be a slide at this index.
+                                      "url": "A String", # If set, indicates this is a link to the external web page at this URL.
+                                    },
+                                    "smallCaps": True or False, # Whether or not the text is in small capital letters.
+                                    "strikethrough": True or False, # Whether or not the text is struck through.
+                                    "underline": True or False, # Whether or not the text is underlined.
+                                    "weightedFontFamily": { # Represents a font family and weight used to style a TextRun. # The font family and rendered weight of the text. This field is an extension of `font_family` meant to support explicit font weights without breaking backwards compatibility. As such, when reading the style of a range of text, the value of `weighted_font_family#font_family` will always be equal to that of `font_family`. However, when writing, if both fields are included in the field mask (either explicitly or through the wildcard `"*"`), their values are reconciled as follows: * If `font_family` is set and `weighted_font_family` is not, the value of `font_family` is applied with weight `400` ("normal"). * If both fields are set, the value of `font_family` must match that of `weighted_font_family#font_family`. If so, the font family and weight of `weighted_font_family` is applied. Otherwise, a 400 bad request error is returned. * If `weighted_font_family` is set and `font_family` is not, the font family and weight of `weighted_font_family` is applied. * If neither field is set, the font family and weight of the text inherit from the parent. Note that these properties cannot inherit separately from each other. If an update request specifies values for both `weighted_font_family` and `bold`, the `weighted_font_family` is applied first, then `bold`. If `weighted_font_family#weight` is not set, it defaults to `400`. If `weighted_font_family` is set, then `weighted_font_family#font_family` must also be set with a non-empty value. Otherwise, a 400 bad request error is returned.
+                                      "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`.
+                                      "weight": 42, # The rendered weight of the text. This field can have any value that is a multiple of `100` between `100` and `900`, inclusive. This range corresponds to the numerical values described in the CSS 2.1 Specification, [section 15.6](https://www.w3.org/TR/CSS21/fonts.html#font-boldness), with non-numerical values disallowed. Weights greater than or equal to `700` are considered bold, and weights less than `700`are not bold. The default value is `400` ("normal").
+                                    },
+                                  },
+                                  "type": "A String", # The type of this auto text.
+                                },
+                                "endIndex": 42, # The zero-based end index of this text element, exclusive, in Unicode code units.
+                                "paragraphMarker": { # A TextElement kind that represents the beginning of a new paragraph. # A marker representing the beginning of a new paragraph. The `start_index` and `end_index` of this TextElement represent the range of the paragraph. Other TextElements with an index range contained inside this paragraph's range are considered to be part of this paragraph. The range of indices of two separate paragraphs will never overlap.
+                                  "bullet": { # Describes the bullet of a paragraph. # The bullet for this paragraph. If not present, the paragraph does not belong to a list.
+                                    "bulletStyle": { # Represents the styling that can be applied to a TextRun. If this text is contained in a shape with a parent placeholder, then these text styles may be inherited from the parent. Which text styles are inherited depend on the nesting level of lists: * A text run in a paragraph that is not in a list will inherit its text style from the the newline character in the paragraph at the 0 nesting level of the list inside the parent placeholder. * A text run in a paragraph that is in a list will inherit its text style from the newline character in the paragraph at its corresponding nesting level of the list inside the parent placeholder. Inherited text styles are represented as unset fields in this message. If text is contained in a shape without a parent placeholder, unsetting these fields will revert the style to a value matching the defaults in the Slides editor. # The paragraph specific text style applied to this bullet.
+                                      "backgroundColor": { # A color that can either be fully opaque or fully transparent. # The background color of the text. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
+                                        "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
+                                          "rgbColor": { # An RGB color. # An opaque RGB color.
+                                            "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                                            "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                                            "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                                          },
+                                          "themeColor": "A String", # An opaque theme color.
+                                        },
+                                      },
+                                      "baselineOffset": "A String", # The text's vertical offset from its normal position. Text with `SUPERSCRIPT` or `SUBSCRIPT` baseline offsets is automatically rendered in a smaller font size, computed based on the `font_size` field. The `font_size` itself is not affected by changes in this field.
+                                      "bold": True or False, # Whether or not the text is rendered as bold.
+                                      "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`. Some fonts can affect the weight of the text. If an update request specifies values for both `font_family` and `bold`, the explicitly-set `bold` value is used.
+                                      "fontSize": { # A magnitude in a single direction in the specified units. # The size of the text's font. When read, the `font_size` will specified in points.
+                                        "magnitude": 3.14, # The magnitude.
+                                        "unit": "A String", # The units for magnitude.
+                                      },
+                                      "foregroundColor": { # A color that can either be fully opaque or fully transparent. # The color of the text itself. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
+                                        "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
+                                          "rgbColor": { # An RGB color. # An opaque RGB color.
+                                            "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                                            "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                                            "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                                          },
+                                          "themeColor": "A String", # An opaque theme color.
+                                        },
+                                      },
+                                      "italic": True or False, # Whether or not the text is italicized.
+                                      "link": { # A hypertext link. # The hyperlink destination of the text. If unset, there is no link. Links are not inherited from parent text. Changing the link in an update request causes some other changes to the text style of the range: * When setting a link, the text foreground color will be set to ThemeColorType.HYPERLINK and the text will be underlined. If these fields are modified in the same request, those values will be used instead of the link defaults. * Setting a link on a text range that overlaps with an existing link will also update the existing link to point to the new URL. * Links are not settable on newline characters. As a result, setting a link on a text range that crosses a paragraph boundary, such as `"ABC\n123"`, will separate the newline character(s) into their own text runs. The link will be applied separately to the runs before and after the newline. * Removing a link will update the text style of the range to match the style of the preceding text (or the default text styles if the preceding text is another link) unless different styles are being set in the same request.
+                                        "pageObjectId": "A String", # If set, indicates this is a link to the specific page in this presentation with this ID. A page with this ID may not exist.
+                                        "relativeLink": "A String", # If set, indicates this is a link to a slide in this presentation, addressed by its position.
+                                        "slideIndex": 42, # If set, indicates this is a link to the slide at this zero-based index in the presentation. There may not be a slide at this index.
+                                        "url": "A String", # If set, indicates this is a link to the external web page at this URL.
+                                      },
+                                      "smallCaps": True or False, # Whether or not the text is in small capital letters.
+                                      "strikethrough": True or False, # Whether or not the text is struck through.
+                                      "underline": True or False, # Whether or not the text is underlined.
+                                      "weightedFontFamily": { # Represents a font family and weight used to style a TextRun. # The font family and rendered weight of the text. This field is an extension of `font_family` meant to support explicit font weights without breaking backwards compatibility. As such, when reading the style of a range of text, the value of `weighted_font_family#font_family` will always be equal to that of `font_family`. However, when writing, if both fields are included in the field mask (either explicitly or through the wildcard `"*"`), their values are reconciled as follows: * If `font_family` is set and `weighted_font_family` is not, the value of `font_family` is applied with weight `400` ("normal"). * If both fields are set, the value of `font_family` must match that of `weighted_font_family#font_family`. If so, the font family and weight of `weighted_font_family` is applied. Otherwise, a 400 bad request error is returned. * If `weighted_font_family` is set and `font_family` is not, the font family and weight of `weighted_font_family` is applied. * If neither field is set, the font family and weight of the text inherit from the parent. Note that these properties cannot inherit separately from each other. If an update request specifies values for both `weighted_font_family` and `bold`, the `weighted_font_family` is applied first, then `bold`. If `weighted_font_family#weight` is not set, it defaults to `400`. If `weighted_font_family` is set, then `weighted_font_family#font_family` must also be set with a non-empty value. Otherwise, a 400 bad request error is returned.
+                                        "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`.
+                                        "weight": 42, # The rendered weight of the text. This field can have any value that is a multiple of `100` between `100` and `900`, inclusive. This range corresponds to the numerical values described in the CSS 2.1 Specification, [section 15.6](https://www.w3.org/TR/CSS21/fonts.html#font-boldness), with non-numerical values disallowed. Weights greater than or equal to `700` are considered bold, and weights less than `700`are not bold. The default value is `400` ("normal").
+                                      },
+                                    },
+                                    "glyph": "A String", # The rendered bullet glyph for this paragraph.
+                                    "listId": "A String", # The ID of the list this paragraph belongs to.
+                                    "nestingLevel": 42, # The nesting level of this paragraph in the list.
+                                  },
+                                  "style": { # Styles that apply to a whole paragraph. If this text is contained in a shape with a parent placeholder, then these paragraph styles may be inherited from the parent. Which paragraph styles are inherited depend on the nesting level of lists: * A paragraph not in a list will inherit its paragraph style from the paragraph at the 0 nesting level of the list inside the parent placeholder. * A paragraph in a list will inherit its paragraph style from the paragraph at its corresponding nesting level of the list inside the parent placeholder. Inherited paragraph styles are represented as unset fields in this message. # The paragraph's style
+                                    "alignment": "A String", # The text alignment for this paragraph.
+                                    "direction": "A String", # The text direction of this paragraph. If unset, the value defaults to LEFT_TO_RIGHT since text direction is not inherited.
+                                    "indentEnd": { # A magnitude in a single direction in the specified units. # The amount indentation for the paragraph on the side that corresponds to the end of the text, based on the current text direction. If unset, the value is inherited from the parent.
+                                      "magnitude": 3.14, # The magnitude.
+                                      "unit": "A String", # The units for magnitude.
+                                    },
+                                    "indentFirstLine": { # A magnitude in a single direction in the specified units. # The amount of indentation for the start of the first line of the paragraph. If unset, the value is inherited from the parent.
+                                      "magnitude": 3.14, # The magnitude.
+                                      "unit": "A String", # The units for magnitude.
+                                    },
+                                    "indentStart": { # A magnitude in a single direction in the specified units. # The amount indentation for the paragraph on the side that corresponds to the start of the text, based on the current text direction. If unset, the value is inherited from the parent.
+                                      "magnitude": 3.14, # The magnitude.
+                                      "unit": "A String", # The units for magnitude.
+                                    },
+                                    "lineSpacing": 3.14, # The amount of space between lines, as a percentage of normal, where normal is represented as 100.0. If unset, the value is inherited from the parent.
+                                    "spaceAbove": { # A magnitude in a single direction in the specified units. # The amount of extra space above the paragraph. If unset, the value is inherited from the parent.
+                                      "magnitude": 3.14, # The magnitude.
+                                      "unit": "A String", # The units for magnitude.
+                                    },
+                                    "spaceBelow": { # A magnitude in a single direction in the specified units. # The amount of extra space below the paragraph. If unset, the value is inherited from the parent.
+                                      "magnitude": 3.14, # The magnitude.
+                                      "unit": "A String", # The units for magnitude.
+                                    },
+                                    "spacingMode": "A String", # The spacing mode for the paragraph.
+                                  },
+                                },
+                                "startIndex": 42, # The zero-based start index of this text element, in Unicode code units.
+                                "textRun": { # A TextElement kind that represents a run of text that all has the same styling. # A TextElement representing a run of text where all of the characters in the run have the same TextStyle. The `start_index` and `end_index` of TextRuns will always be fully contained in the index range of a single `paragraph_marker` TextElement. In other words, a TextRun will never span multiple paragraphs.
+                                  "content": "A String", # The text of this run.
+                                  "style": { # Represents the styling that can be applied to a TextRun. If this text is contained in a shape with a parent placeholder, then these text styles may be inherited from the parent. Which text styles are inherited depend on the nesting level of lists: * A text run in a paragraph that is not in a list will inherit its text style from the the newline character in the paragraph at the 0 nesting level of the list inside the parent placeholder. * A text run in a paragraph that is in a list will inherit its text style from the newline character in the paragraph at its corresponding nesting level of the list inside the parent placeholder. Inherited text styles are represented as unset fields in this message. If text is contained in a shape without a parent placeholder, unsetting these fields will revert the style to a value matching the defaults in the Slides editor. # The styling applied to this run.
+                                    "backgroundColor": { # A color that can either be fully opaque or fully transparent. # The background color of the text. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
+                                      "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
+                                        "rgbColor": { # An RGB color. # An opaque RGB color.
+                                          "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                                          "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                                          "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                                        },
+                                        "themeColor": "A String", # An opaque theme color.
+                                      },
+                                    },
+                                    "baselineOffset": "A String", # The text's vertical offset from its normal position. Text with `SUPERSCRIPT` or `SUBSCRIPT` baseline offsets is automatically rendered in a smaller font size, computed based on the `font_size` field. The `font_size` itself is not affected by changes in this field.
+                                    "bold": True or False, # Whether or not the text is rendered as bold.
+                                    "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`. Some fonts can affect the weight of the text. If an update request specifies values for both `font_family` and `bold`, the explicitly-set `bold` value is used.
+                                    "fontSize": { # A magnitude in a single direction in the specified units. # The size of the text's font. When read, the `font_size` will specified in points.
+                                      "magnitude": 3.14, # The magnitude.
+                                      "unit": "A String", # The units for magnitude.
+                                    },
+                                    "foregroundColor": { # A color that can either be fully opaque or fully transparent. # The color of the text itself. If set, the color is either opaque or transparent, depending on if the `opaque_color` field in it is set.
+                                      "opaqueColor": { # A themeable solid color value. # If set, this will be used as an opaque color. If unset, this represents a transparent color.
+                                        "rgbColor": { # An RGB color. # An opaque RGB color.
+                                          "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                                          "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                                          "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                                        },
+                                        "themeColor": "A String", # An opaque theme color.
+                                      },
+                                    },
+                                    "italic": True or False, # Whether or not the text is italicized.
+                                    "link": { # A hypertext link. # The hyperlink destination of the text. If unset, there is no link. Links are not inherited from parent text. Changing the link in an update request causes some other changes to the text style of the range: * When setting a link, the text foreground color will be set to ThemeColorType.HYPERLINK and the text will be underlined. If these fields are modified in the same request, those values will be used instead of the link defaults. * Setting a link on a text range that overlaps with an existing link will also update the existing link to point to the new URL. * Links are not settable on newline characters. As a result, setting a link on a text range that crosses a paragraph boundary, such as `"ABC\n123"`, will separate the newline character(s) into their own text runs. The link will be applied separately to the runs before and after the newline. * Removing a link will update the text style of the range to match the style of the preceding text (or the default text styles if the preceding text is another link) unless different styles are being set in the same request.
+                                      "pageObjectId": "A String", # If set, indicates this is a link to the specific page in this presentation with this ID. A page with this ID may not exist.
+                                      "relativeLink": "A String", # If set, indicates this is a link to a slide in this presentation, addressed by its position.
+                                      "slideIndex": 42, # If set, indicates this is a link to the slide at this zero-based index in the presentation. There may not be a slide at this index.
+                                      "url": "A String", # If set, indicates this is a link to the external web page at this URL.
+                                    },
+                                    "smallCaps": True or False, # Whether or not the text is in small capital letters.
+                                    "strikethrough": True or False, # Whether or not the text is struck through.
+                                    "underline": True or False, # Whether or not the text is underlined.
+                                    "weightedFontFamily": { # Represents a font family and weight used to style a TextRun. # The font family and rendered weight of the text. This field is an extension of `font_family` meant to support explicit font weights without breaking backwards compatibility. As such, when reading the style of a range of text, the value of `weighted_font_family#font_family` will always be equal to that of `font_family`. However, when writing, if both fields are included in the field mask (either explicitly or through the wildcard `"*"`), their values are reconciled as follows: * If `font_family` is set and `weighted_font_family` is not, the value of `font_family` is applied with weight `400` ("normal"). * If both fields are set, the value of `font_family` must match that of `weighted_font_family#font_family`. If so, the font family and weight of `weighted_font_family` is applied. Otherwise, a 400 bad request error is returned. * If `weighted_font_family` is set and `font_family` is not, the font family and weight of `weighted_font_family` is applied. * If neither field is set, the font family and weight of the text inherit from the parent. Note that these properties cannot inherit separately from each other. If an update request specifies values for both `weighted_font_family` and `bold`, the `weighted_font_family` is applied first, then `bold`. If `weighted_font_family#weight` is not set, it defaults to `400`. If `weighted_font_family` is set, then `weighted_font_family#font_family` must also be set with a non-empty value. Otherwise, a 400 bad request error is returned.
+                                      "fontFamily": "A String", # The font family of the text. The font family can be any font from the Font menu in Slides or from [Google Fonts] (https://fonts.google.com/). If the font name is unrecognized, the text is rendered in `Arial`.
+                                      "weight": 42, # The rendered weight of the text. This field can have any value that is a multiple of `100` between `100` and `900`, inclusive. This range corresponds to the numerical values described in the CSS 2.1 Specification, [section 15.6](https://www.w3.org/TR/CSS21/fonts.html#font-boldness), with non-numerical values disallowed. Weights greater than or equal to `700` are considered bold, and weights less than `700`are not bold. The default value is `400` ("normal").
+                                    },
+                                  },
+                                },
+                              },
+                            ],
+                          },
+                        },
+                      ],
+                      "tableRowProperties": { # Properties of each row in a table. # Properties of the row.
+                        "minRowHeight": { # A magnitude in a single direction in the specified units. # Minimum height of the row. The row will be rendered in the Slides editor at a height equal to or greater than this value in order to show all the text in the row's cell(s).
+                          "magnitude": 3.14, # The magnitude.
+                          "unit": "A String", # The units for magnitude.
+                        },
+                      },
+                    },
+                  ],
+                  "verticalBorderRows": [ # Properties of vertical cell borders. A table's vertical cell borders are represented as a grid. The grid has the same number of rows as the table and one more column than the number of columns in the table. For example, if the table is 3 x 3, its vertical borders will be represented as a grid with 3 rows and 4 columns.
+                    { # Contents of each border row in a table.
+                      "tableBorderCells": [ # Properties of each border cell. When a border's adjacent table cells are merged, it is not included in the response.
+                        { # The properties of each border cell.
+                          "location": { # A location of a single table cell within a table. # The location of the border within the border table.
+                            "columnIndex": 42, # The 0-based column index.
+                            "rowIndex": 42, # The 0-based row index.
+                          },
+                          "tableBorderProperties": { # The border styling properties of the TableBorderCell. # The border properties.
+                            "dashStyle": "A String", # The dash style of the border.
+                            "tableBorderFill": { # The fill of the border. # The fill of the table border.
+                              "solidFill": { # A solid color fill. The page or page element is filled entirely with the specified color value. If any field is unset, its value may be inherited from a parent placeholder if it exists. # Solid fill.
+                                "alpha": 3.14, # The fraction of this `color` that should be applied to the pixel. That is, the final pixel color is defined by the equation: pixel color = alpha * (color) + (1.0 - alpha) * (background color) This means that a value of 1.0 corresponds to a solid color, whereas a value of 0.0 corresponds to a completely transparent color.
+                                "color": { # A themeable solid color value. # The color value of the solid fill.
+                                  "rgbColor": { # An RGB color. # An opaque RGB color.
+                                    "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                                    "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                                    "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                                  },
+                                  "themeColor": "A String", # An opaque theme color.
+                                },
+                              },
+                            },
+                            "weight": { # A magnitude in a single direction in the specified units. # The thickness of the border.
+                              "magnitude": 3.14, # The magnitude.
+                              "unit": "A String", # The units for magnitude.
+                            },
+                          },
+                        },
+                      ],
+                    },
+                  ],
+                },
+                "title": "A String", # The title of the page element. Combined with description to display alt text. The field is not supported for Group elements.
+                "transform": { # AffineTransform uses a 3x3 matrix with an implied last row of [ 0 0 1 ] to transform source coordinates (x,y) into destination coordinates (x', y') according to: x' x = shear_y scale_y translate_y 1 [ 1 ] After transformation, x' = scale_x * x + shear_x * y + translate_x; y' = scale_y * y + shear_y * x + translate_y; This message is therefore composed of these six matrix elements. # The transform of the page element. The visual appearance of the page element is determined by its absolute transform. To compute the absolute transform, preconcatenate a page element's transform with the transforms of all of its parent groups. If the page element is not in a group, its absolute transform is the same as the value in this field. The initial transform for the newly created Group is always the identity transform.
+                  "scaleX": 3.14, # The X coordinate scaling element.
+                  "scaleY": 3.14, # The Y coordinate scaling element.
+                  "shearX": 3.14, # The X coordinate shearing element.
+                  "shearY": 3.14, # The Y coordinate shearing element.
+                  "translateX": 3.14, # The X coordinate translation element.
+                  "translateY": 3.14, # The Y coordinate translation element.
+                  "unit": "A String", # The units for translate elements.
+                },
+                "video": { # A PageElement kind representing a video. # A video page element.
+                  "id": "A String", # The video source's unique identifier for this video.
+                  "source": "A String", # The video source.
+                  "url": "A String", # An URL to a video. The URL is valid as long as the source video exists and sharing settings do not change.
+                  "videoProperties": { # The properties of the Video. # The properties of the video.
+                    "autoPlay": True or False, # Whether to enable video autoplay when the page is displayed in present mode. Defaults to false.
+                    "end": 42, # The time at which to end playback, measured in seconds from the beginning of the video. If set, the end time should be after the start time. If not set or if you set this to a value that exceeds the video's length, the video will be played until its end.
+                    "mute": True or False, # Whether to mute the audio during video playback. Defaults to false.
+                    "outline": { # The outline of a PageElement. If these fields are unset, they may be inherited from a parent placeholder if it exists. If there is no parent, the fields will default to the value used for new page elements created in the Slides editor, which may depend on the page element kind. # The outline of the video. The default outline matches the defaults for new videos created in the Slides editor.
+                      "dashStyle": "A String", # The dash style of the outline.
+                      "outlineFill": { # The fill of the outline. # The fill of the outline.
+                        "solidFill": { # A solid color fill. The page or page element is filled entirely with the specified color value. If any field is unset, its value may be inherited from a parent placeholder if it exists. # Solid color fill.
+                          "alpha": 3.14, # The fraction of this `color` that should be applied to the pixel. That is, the final pixel color is defined by the equation: pixel color = alpha * (color) + (1.0 - alpha) * (background color) This means that a value of 1.0 corresponds to a solid color, whereas a value of 0.0 corresponds to a completely transparent color.
+                          "color": { # A themeable solid color value. # The color value of the solid fill.
+                            "rgbColor": { # An RGB color. # An opaque RGB color.
+                              "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                              "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                              "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                            },
+                            "themeColor": "A String", # An opaque theme color.
+                          },
+                        },
+                      },
+                      "propertyState": "A String", # The outline property state. Updating the outline on a page element will implicitly update this field to `RENDERED`, unless another value is specified in the same request. To have no outline on a page element, set this field to `NOT_RENDERED`. In this case, any other outline fields set in the same request will be ignored.
+                      "weight": { # A magnitude in a single direction in the specified units. # The thickness of the outline.
+                        "magnitude": 3.14, # The magnitude.
+                        "unit": "A String", # The units for magnitude.
+                      },
+                    },
+                    "start": 42, # The time at which to start playback, measured in seconds from the beginning of the video. If set, the start time should be before the end time. If you set this to a value that exceeds the video's length in seconds, the video will be played from the last second. If not set, the video will be played from the beginning.
+                  },
+                },
+                "wordArt": { # A PageElement kind representing word art. # A word art page element.
+                  "renderedText": "A String", # The text rendered as word art.
+                },
+              },
+            ],
+            "pageProperties": { # The properties of the Page. The page will inherit properties from the parent page. Depending on the page type the hierarchy is defined in either SlideProperties or LayoutProperties. # The properties of the page.
+              "colorScheme": { # The palette of predefined colors for a page. # The color scheme of the page. If unset, the color scheme is inherited from a parent page. If the page has no parent, the color scheme uses a default Slides color scheme, matching the defaults in the Slides editor. Only the concrete colors of the first 12 ThemeColorTypes are editable. In addition, only the color scheme on `Master` pages can be updated. To update the field, a color scheme containing mappings from all the first 12 ThemeColorTypes to their concrete colors must be provided. Colors for the remaining ThemeColorTypes will be ignored.
+                "colors": [ # The ThemeColorType and corresponding concrete color pairs.
+                  { # A pair mapping a theme color type to the concrete color it represents.
+                    "color": { # An RGB color. # The concrete color corresponding to the theme color type above.
+                      "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                      "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                      "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                    },
+                    "type": "A String", # The type of the theme color.
+                  },
+                ],
+              },
+              "pageBackgroundFill": { # The page background fill. # The background fill of the page. If unset, the background fill is inherited from a parent page if it exists. If the page has no parent, then the background fill defaults to the corresponding fill in the Slides editor.
+                "propertyState": "A String", # The background fill property state. Updating the fill on a page will implicitly update this field to `RENDERED`, unless another value is specified in the same request. To have no fill on a page, set this field to `NOT_RENDERED`. In this case, any other fill fields set in the same request will be ignored.
+                "solidFill": { # A solid color fill. The page or page element is filled entirely with the specified color value. If any field is unset, its value may be inherited from a parent placeholder if it exists. # Solid color fill.
+                  "alpha": 3.14, # The fraction of this `color` that should be applied to the pixel. That is, the final pixel color is defined by the equation: pixel color = alpha * (color) + (1.0 - alpha) * (background color) This means that a value of 1.0 corresponds to a solid color, whereas a value of 0.0 corresponds to a completely transparent color.
+                  "color": { # A themeable solid color value. # The color value of the solid fill.
+                    "rgbColor": { # An RGB color. # An opaque RGB color.
+                      "blue": 3.14, # The blue component of the color, from 0.0 to 1.0.
+                      "green": 3.14, # The green component of the color, from 0.0 to 1.0.
+                      "red": 3.14, # The red component of the color, from 0.0 to 1.0.
+                    },
+                    "themeColor": "A String", # An opaque theme color.
+                  },
+                },
+                "stretchedPictureFill": { # The stretched picture fill. The page or page element is filled entirely with the specified picture. The picture is stretched to fit its container. # Stretched picture fill.
+                  "contentUrl": "A String", # Reading the content_url: An URL to a picture with a default lifetime of 30 minutes. This URL is tagged with the account of the requester. Anyone with the URL effectively accesses the picture as the original requester. Access to the picture may be lost if the presentation's sharing settings change. Writing the content_url: The picture is fetched once at insertion time and a copy is stored for display inside the presentation. Pictures must be less than 50MB in size, cannot exceed 25 megapixels, and must be in one of PNG, JPEG, or GIF format. The provided URL can be at most 2 kB in length.
+                  "size": { # A width and height. # The original size of the picture fill. This field is read-only.
+                    "height": { # A magnitude in a single direction in the specified units. # The height of the object.
+                      "magnitude": 3.14, # The magnitude.
+                      "unit": "A String", # The units for magnitude.
+                    },
+                    "width": { # A magnitude in a single direction in the specified units. # The width of the object.
+                      "magnitude": 3.14, # The magnitude.
+                      "unit": "A String", # The units for magnitude.
+                    },
+                  },
+                },
+              },
+            },
+            "pageType": "A String", # The type of the page.
+            "revisionId": "A String", # The revision ID of the presentation containing this page. Can be used in update requests to assert that the presentation revision hasn't changed since the last read operation. Only populated if the user has edit access to the presentation. The format of the revision ID may change over time, so it should be treated opaquely. A returned revision ID is only guaranteed to be valid for 24 hours after it has been returned and cannot be shared across users. If the revision ID is unchanged between calls, then the presentation has not changed. Conversely, a changed ID (for the same presentation and user) usually means the presentation has been updated; however, a changed ID can also be due to internal factors such as ID format changes.
+            "slideProperties": # Object with schema name: SlideProperties # Slide specific properties. Only set if page_type = SLIDE.
+          },
         },
       },
       "updateSlidesPosition": { # Updates the position of slides in the presentation. # Updates the position of a set of slides in the presentation.
@@ -2045,12 +3052,7 @@
       },
       "pageType": "A String", # The type of the page.
       "revisionId": "A String", # The revision ID of the presentation containing this page. Can be used in update requests to assert that the presentation revision hasn't changed since the last read operation. Only populated if the user has edit access to the presentation. The format of the revision ID may change over time, so it should be treated opaquely. A returned revision ID is only guaranteed to be valid for 24 hours after it has been returned and cannot be shared across users. If the revision ID is unchanged between calls, then the presentation has not changed. Conversely, a changed ID (for the same presentation and user) usually means the presentation has been updated; however, a changed ID can also be due to internal factors such as ID format changes.
-      "slideProperties": { # The properties of Page that are only relevant for pages with page_type SLIDE. # Slide specific properties. Only set if page_type = SLIDE.
-        "isSkipped": True or False, # Whether the slide is skipped in the presentation mode. Defaults to false.
-        "layoutObjectId": "A String", # The object ID of the layout that this slide is based on. This property is read-only.
-        "masterObjectId": "A String", # The object ID of the master that this slide is based on. This property is read-only.
-        "notesPage": # Object with schema name: Page # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
-      },
+      "slideProperties": # Object with schema name: SlideProperties # Slide specific properties. Only set if page_type = SLIDE.
     },
   ],
   "locale": "A String", # The locale of the presentation, as an IETF BCP 47 language tag.
@@ -3061,12 +4063,7 @@
       },
       "pageType": "A String", # The type of the page.
       "revisionId": "A String", # The revision ID of the presentation containing this page. Can be used in update requests to assert that the presentation revision hasn't changed since the last read operation. Only populated if the user has edit access to the presentation. The format of the revision ID may change over time, so it should be treated opaquely. A returned revision ID is only guaranteed to be valid for 24 hours after it has been returned and cannot be shared across users. If the revision ID is unchanged between calls, then the presentation has not changed. Conversely, a changed ID (for the same presentation and user) usually means the presentation has been updated; however, a changed ID can also be due to internal factors such as ID format changes.
-      "slideProperties": { # The properties of Page that are only relevant for pages with page_type SLIDE. # Slide specific properties. Only set if page_type = SLIDE.
-        "isSkipped": True or False, # Whether the slide is skipped in the presentation mode. Defaults to false.
-        "layoutObjectId": "A String", # The object ID of the layout that this slide is based on. This property is read-only.
-        "masterObjectId": "A String", # The object ID of the master that this slide is based on. This property is read-only.
-        "notesPage": # Object with schema name: Page # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
-      },
+      "slideProperties": # Object with schema name: SlideProperties # Slide specific properties. Only set if page_type = SLIDE.
     },
   ],
   "notesMaster": { # A page in a presentation. # The notes master in the presentation. It serves three purposes: - Placeholder shapes on a notes master contain the default text styles and shape properties of all placeholder shapes on notes pages. Specifically, a `SLIDE_IMAGE` placeholder shape contains the slide thumbnail, and a `BODY` placeholder shape contains the speaker notes. - The notes master page properties define the common page properties inherited by all notes pages. - Any other shapes on the notes master appear on all notes pages. The notes master is read-only.
@@ -4075,12 +5072,7 @@
     },
     "pageType": "A String", # The type of the page.
     "revisionId": "A String", # The revision ID of the presentation containing this page. Can be used in update requests to assert that the presentation revision hasn't changed since the last read operation. Only populated if the user has edit access to the presentation. The format of the revision ID may change over time, so it should be treated opaquely. A returned revision ID is only guaranteed to be valid for 24 hours after it has been returned and cannot be shared across users. If the revision ID is unchanged between calls, then the presentation has not changed. Conversely, a changed ID (for the same presentation and user) usually means the presentation has been updated; however, a changed ID can also be due to internal factors such as ID format changes.
-    "slideProperties": { # The properties of Page that are only relevant for pages with page_type SLIDE. # Slide specific properties. Only set if page_type = SLIDE.
-      "isSkipped": True or False, # Whether the slide is skipped in the presentation mode. Defaults to false.
-      "layoutObjectId": "A String", # The object ID of the layout that this slide is based on. This property is read-only.
-      "masterObjectId": "A String", # The object ID of the master that this slide is based on. This property is read-only.
-      "notesPage": # Object with schema name: Page # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
-    },
+    "slideProperties": # Object with schema name: SlideProperties # Slide specific properties. Only set if page_type = SLIDE.
   },
   "pageSize": { # A width and height. # The size of pages in the presentation.
     "height": { # A magnitude in a single direction in the specified units. # The height of the object.
@@ -5101,12 +6093,7 @@
       },
       "pageType": "A String", # The type of the page.
       "revisionId": "A String", # The revision ID of the presentation containing this page. Can be used in update requests to assert that the presentation revision hasn't changed since the last read operation. Only populated if the user has edit access to the presentation. The format of the revision ID may change over time, so it should be treated opaquely. A returned revision ID is only guaranteed to be valid for 24 hours after it has been returned and cannot be shared across users. If the revision ID is unchanged between calls, then the presentation has not changed. Conversely, a changed ID (for the same presentation and user) usually means the presentation has been updated; however, a changed ID can also be due to internal factors such as ID format changes.
-      "slideProperties": { # The properties of Page that are only relevant for pages with page_type SLIDE. # Slide specific properties. Only set if page_type = SLIDE.
-        "isSkipped": True or False, # Whether the slide is skipped in the presentation mode. Defaults to false.
-        "layoutObjectId": "A String", # The object ID of the layout that this slide is based on. This property is read-only.
-        "masterObjectId": "A String", # The object ID of the master that this slide is based on. This property is read-only.
-        "notesPage": # Object with schema name: Page # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
-      },
+      "slideProperties": # Object with schema name: SlideProperties # Slide specific properties. Only set if page_type = SLIDE.
     },
   ],
   "title": "A String", # The title of the presentation.
@@ -6128,12 +7115,7 @@
       },
       "pageType": "A String", # The type of the page.
       "revisionId": "A String", # The revision ID of the presentation containing this page. Can be used in update requests to assert that the presentation revision hasn't changed since the last read operation. Only populated if the user has edit access to the presentation. The format of the revision ID may change over time, so it should be treated opaquely. A returned revision ID is only guaranteed to be valid for 24 hours after it has been returned and cannot be shared across users. If the revision ID is unchanged between calls, then the presentation has not changed. Conversely, a changed ID (for the same presentation and user) usually means the presentation has been updated; however, a changed ID can also be due to internal factors such as ID format changes.
-      "slideProperties": { # The properties of Page that are only relevant for pages with page_type SLIDE. # Slide specific properties. Only set if page_type = SLIDE.
-        "isSkipped": True or False, # Whether the slide is skipped in the presentation mode. Defaults to false.
-        "layoutObjectId": "A String", # The object ID of the layout that this slide is based on. This property is read-only.
-        "masterObjectId": "A String", # The object ID of the master that this slide is based on. This property is read-only.
-        "notesPage": # Object with schema name: Page # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
-      },
+      "slideProperties": # Object with schema name: SlideProperties # Slide specific properties. Only set if page_type = SLIDE.
     },
   ],
   "locale": "A String", # The locale of the presentation, as an IETF BCP 47 language tag.
@@ -7144,12 +8126,7 @@
       },
       "pageType": "A String", # The type of the page.
       "revisionId": "A String", # The revision ID of the presentation containing this page. Can be used in update requests to assert that the presentation revision hasn't changed since the last read operation. Only populated if the user has edit access to the presentation. The format of the revision ID may change over time, so it should be treated opaquely. A returned revision ID is only guaranteed to be valid for 24 hours after it has been returned and cannot be shared across users. If the revision ID is unchanged between calls, then the presentation has not changed. Conversely, a changed ID (for the same presentation and user) usually means the presentation has been updated; however, a changed ID can also be due to internal factors such as ID format changes.
-      "slideProperties": { # The properties of Page that are only relevant for pages with page_type SLIDE. # Slide specific properties. Only set if page_type = SLIDE.
-        "isSkipped": True or False, # Whether the slide is skipped in the presentation mode. Defaults to false.
-        "layoutObjectId": "A String", # The object ID of the layout that this slide is based on. This property is read-only.
-        "masterObjectId": "A String", # The object ID of the master that this slide is based on. This property is read-only.
-        "notesPage": # Object with schema name: Page # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
-      },
+      "slideProperties": # Object with schema name: SlideProperties # Slide specific properties. Only set if page_type = SLIDE.
     },
   ],
   "notesMaster": { # A page in a presentation. # The notes master in the presentation. It serves three purposes: - Placeholder shapes on a notes master contain the default text styles and shape properties of all placeholder shapes on notes pages. Specifically, a `SLIDE_IMAGE` placeholder shape contains the slide thumbnail, and a `BODY` placeholder shape contains the speaker notes. - The notes master page properties define the common page properties inherited by all notes pages. - Any other shapes on the notes master appear on all notes pages. The notes master is read-only.
@@ -8158,12 +9135,7 @@
     },
     "pageType": "A String", # The type of the page.
     "revisionId": "A String", # The revision ID of the presentation containing this page. Can be used in update requests to assert that the presentation revision hasn't changed since the last read operation. Only populated if the user has edit access to the presentation. The format of the revision ID may change over time, so it should be treated opaquely. A returned revision ID is only guaranteed to be valid for 24 hours after it has been returned and cannot be shared across users. If the revision ID is unchanged between calls, then the presentation has not changed. Conversely, a changed ID (for the same presentation and user) usually means the presentation has been updated; however, a changed ID can also be due to internal factors such as ID format changes.
-    "slideProperties": { # The properties of Page that are only relevant for pages with page_type SLIDE. # Slide specific properties. Only set if page_type = SLIDE.
-      "isSkipped": True or False, # Whether the slide is skipped in the presentation mode. Defaults to false.
-      "layoutObjectId": "A String", # The object ID of the layout that this slide is based on. This property is read-only.
-      "masterObjectId": "A String", # The object ID of the master that this slide is based on. This property is read-only.
-      "notesPage": # Object with schema name: Page # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
-    },
+    "slideProperties": # Object with schema name: SlideProperties # Slide specific properties. Only set if page_type = SLIDE.
   },
   "pageSize": { # A width and height. # The size of pages in the presentation.
     "height": { # A magnitude in a single direction in the specified units. # The height of the object.
@@ -9184,12 +10156,7 @@
       },
       "pageType": "A String", # The type of the page.
       "revisionId": "A String", # The revision ID of the presentation containing this page. Can be used in update requests to assert that the presentation revision hasn't changed since the last read operation. Only populated if the user has edit access to the presentation. The format of the revision ID may change over time, so it should be treated opaquely. A returned revision ID is only guaranteed to be valid for 24 hours after it has been returned and cannot be shared across users. If the revision ID is unchanged between calls, then the presentation has not changed. Conversely, a changed ID (for the same presentation and user) usually means the presentation has been updated; however, a changed ID can also be due to internal factors such as ID format changes.
-      "slideProperties": { # The properties of Page that are only relevant for pages with page_type SLIDE. # Slide specific properties. Only set if page_type = SLIDE.
-        "isSkipped": True or False, # Whether the slide is skipped in the presentation mode. Defaults to false.
-        "layoutObjectId": "A String", # The object ID of the layout that this slide is based on. This property is read-only.
-        "masterObjectId": "A String", # The object ID of the master that this slide is based on. This property is read-only.
-        "notesPage": # Object with schema name: Page # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
-      },
+      "slideProperties": # Object with schema name: SlideProperties # Slide specific properties. Only set if page_type = SLIDE.
     },
   ],
   "title": "A String", # The title of the presentation.
@@ -10218,12 +11185,7 @@
       },
       "pageType": "A String", # The type of the page.
       "revisionId": "A String", # The revision ID of the presentation containing this page. Can be used in update requests to assert that the presentation revision hasn't changed since the last read operation. Only populated if the user has edit access to the presentation. The format of the revision ID may change over time, so it should be treated opaquely. A returned revision ID is only guaranteed to be valid for 24 hours after it has been returned and cannot be shared across users. If the revision ID is unchanged between calls, then the presentation has not changed. Conversely, a changed ID (for the same presentation and user) usually means the presentation has been updated; however, a changed ID can also be due to internal factors such as ID format changes.
-      "slideProperties": { # The properties of Page that are only relevant for pages with page_type SLIDE. # Slide specific properties. Only set if page_type = SLIDE.
-        "isSkipped": True or False, # Whether the slide is skipped in the presentation mode. Defaults to false.
-        "layoutObjectId": "A String", # The object ID of the layout that this slide is based on. This property is read-only.
-        "masterObjectId": "A String", # The object ID of the master that this slide is based on. This property is read-only.
-        "notesPage": # Object with schema name: Page # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
-      },
+      "slideProperties": # Object with schema name: SlideProperties # Slide specific properties. Only set if page_type = SLIDE.
     },
   ],
   "locale": "A String", # The locale of the presentation, as an IETF BCP 47 language tag.
@@ -11234,12 +12196,7 @@
       },
       "pageType": "A String", # The type of the page.
       "revisionId": "A String", # The revision ID of the presentation containing this page. Can be used in update requests to assert that the presentation revision hasn't changed since the last read operation. Only populated if the user has edit access to the presentation. The format of the revision ID may change over time, so it should be treated opaquely. A returned revision ID is only guaranteed to be valid for 24 hours after it has been returned and cannot be shared across users. If the revision ID is unchanged between calls, then the presentation has not changed. Conversely, a changed ID (for the same presentation and user) usually means the presentation has been updated; however, a changed ID can also be due to internal factors such as ID format changes.
-      "slideProperties": { # The properties of Page that are only relevant for pages with page_type SLIDE. # Slide specific properties. Only set if page_type = SLIDE.
-        "isSkipped": True or False, # Whether the slide is skipped in the presentation mode. Defaults to false.
-        "layoutObjectId": "A String", # The object ID of the layout that this slide is based on. This property is read-only.
-        "masterObjectId": "A String", # The object ID of the master that this slide is based on. This property is read-only.
-        "notesPage": # Object with schema name: Page # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
-      },
+      "slideProperties": # Object with schema name: SlideProperties # Slide specific properties. Only set if page_type = SLIDE.
     },
   ],
   "notesMaster": { # A page in a presentation. # The notes master in the presentation. It serves three purposes: - Placeholder shapes on a notes master contain the default text styles and shape properties of all placeholder shapes on notes pages. Specifically, a `SLIDE_IMAGE` placeholder shape contains the slide thumbnail, and a `BODY` placeholder shape contains the speaker notes. - The notes master page properties define the common page properties inherited by all notes pages. - Any other shapes on the notes master appear on all notes pages. The notes master is read-only.
@@ -12248,12 +13205,7 @@
     },
     "pageType": "A String", # The type of the page.
     "revisionId": "A String", # The revision ID of the presentation containing this page. Can be used in update requests to assert that the presentation revision hasn't changed since the last read operation. Only populated if the user has edit access to the presentation. The format of the revision ID may change over time, so it should be treated opaquely. A returned revision ID is only guaranteed to be valid for 24 hours after it has been returned and cannot be shared across users. If the revision ID is unchanged between calls, then the presentation has not changed. Conversely, a changed ID (for the same presentation and user) usually means the presentation has been updated; however, a changed ID can also be due to internal factors such as ID format changes.
-    "slideProperties": { # The properties of Page that are only relevant for pages with page_type SLIDE. # Slide specific properties. Only set if page_type = SLIDE.
-      "isSkipped": True or False, # Whether the slide is skipped in the presentation mode. Defaults to false.
-      "layoutObjectId": "A String", # The object ID of the layout that this slide is based on. This property is read-only.
-      "masterObjectId": "A String", # The object ID of the master that this slide is based on. This property is read-only.
-      "notesPage": # Object with schema name: Page # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
-    },
+    "slideProperties": # Object with schema name: SlideProperties # Slide specific properties. Only set if page_type = SLIDE.
   },
   "pageSize": { # A width and height. # The size of pages in the presentation.
     "height": { # A magnitude in a single direction in the specified units. # The height of the object.
@@ -13274,12 +14226,7 @@
       },
       "pageType": "A String", # The type of the page.
       "revisionId": "A String", # The revision ID of the presentation containing this page. Can be used in update requests to assert that the presentation revision hasn't changed since the last read operation. Only populated if the user has edit access to the presentation. The format of the revision ID may change over time, so it should be treated opaquely. A returned revision ID is only guaranteed to be valid for 24 hours after it has been returned and cannot be shared across users. If the revision ID is unchanged between calls, then the presentation has not changed. Conversely, a changed ID (for the same presentation and user) usually means the presentation has been updated; however, a changed ID can also be due to internal factors such as ID format changes.
-      "slideProperties": { # The properties of Page that are only relevant for pages with page_type SLIDE. # Slide specific properties. Only set if page_type = SLIDE.
-        "isSkipped": True or False, # Whether the slide is skipped in the presentation mode. Defaults to false.
-        "layoutObjectId": "A String", # The object ID of the layout that this slide is based on. This property is read-only.
-        "masterObjectId": "A String", # The object ID of the master that this slide is based on. This property is read-only.
-        "notesPage": # Object with schema name: Page # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
-      },
+      "slideProperties": # Object with schema name: SlideProperties # Slide specific properties. Only set if page_type = SLIDE.
     },
   ],
   "title": "A String", # The title of the presentation.

docs/dyn/slides_v1.presentations.pages.html

diff --git a/docs/dyn/slides_v1.presentations.pages.html b/docs/dyn/slides_v1.presentations.pages.html
index aab9b5e..68f1bda 100644
--- a/docs/dyn/slides_v1.presentations.pages.html
+++ b/docs/dyn/slides_v1.presentations.pages.html
@@ -1110,12 +1110,7 @@
   },
   "pageType": "A String", # The type of the page.
   "revisionId": "A String", # The revision ID of the presentation containing this page. Can be used in update requests to assert that the presentation revision hasn't changed since the last read operation. Only populated if the user has edit access to the presentation. The format of the revision ID may change over time, so it should be treated opaquely. A returned revision ID is only guaranteed to be valid for 24 hours after it has been returned and cannot be shared across users. If the revision ID is unchanged between calls, then the presentation has not changed. Conversely, a changed ID (for the same presentation and user) usually means the presentation has been updated; however, a changed ID can also be due to internal factors such as ID format changes.
-  "slideProperties": { # The properties of Page that are only relevant for pages with page_type SLIDE. # Slide specific properties. Only set if page_type = SLIDE.
-    "isSkipped": True or False, # Whether the slide is skipped in the presentation mode. Defaults to false.
-    "layoutObjectId": "A String", # The object ID of the layout that this slide is based on. This property is read-only.
-    "masterObjectId": "A String", # The object ID of the master that this slide is based on. This property is read-only.
-    "notesPage": # Object with schema name: Page # The notes page that this slide is associated with. It defines the visual appearance of a notes page when printing or exporting slides with speaker notes. A notes page inherits properties from the notes master. The placeholder shape with type BODY on the notes page contains the speaker notes for this slide. The ID of this shape is identified by the speakerNotesObjectId field. The notes page is read-only except for the text content and styles of the speaker notes shape. This property is read-only.
-  },
+  "slideProperties": # Object with schema name: SlideProperties # Slide specific properties. Only set if page_type = SLIDE.
 }</pre>
 </div>
 

docs/dyn/spanner_v1.projects.instances.databases.sessions.html

diff --git a/docs/dyn/spanner_v1.projects.instances.databases.sessions.html b/docs/dyn/spanner_v1.projects.instances.databases.sessions.html
index 0dce471..f599042 100644
--- a/docs/dyn/spanner_v1.projects.instances.databases.sessions.html
+++ b/docs/dyn/spanner_v1.projects.instances.databases.sessions.html
@@ -421,7 +421,14 @@
         "a_key": { # `Type` indicates the type of a Cloud Spanner value, as might be stored in a table cell or returned from an SQL query.
           "arrayElementType": # Object with schema name: Type # If code == ARRAY, then `array_element_type` is the type of the array elements.
           "code": "A String", # Required. The TypeCode for this type.
-          "structType": # Object with schema name: StructType # If code == STRUCT, then `struct_type` provides type information for the struct's fields.
+          "structType": { # `StructType` defines the fields of a STRUCT type. # If code == STRUCT, then `struct_type` provides type information for the struct's fields.
+            "fields": [ # The list of fields that make up this struct. Order is significant, because values of this struct type are represented as lists, where the order of field values matches the order of fields in the StructType. In turn, the order of fields matches the order of columns in a read request, or the order of fields in the `SELECT` clause of a query.
+              { # Message representing a single field of a struct.
+                "name": "A String", # The name of the field. For reads, this is the column name. For SQL queries, it is the column alias (e.g., `"Word"` in the query `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` in the query `"SELECT ColName FROM Table"`). Some columns might have an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query result can contain multiple fields with the same name.
+                "type": # Object with schema name: Type # The type of the field.
+              },
+            ],
+          },
         },
       },
       "params": { # Parameter names and values that bind to placeholders in the DML string. A parameter placeholder consists of the `@` character followed by the parameter name (for example, `@firstName`). Parameter names can contain letters, numbers, and underscores. Parameters can appear anywhere that a literal value is expected. The same parameter name can be used more than once, for example: `"WHERE id > @msg_id AND id < @msg_id + 100"` It is an error to execute a SQL statement with unbound parameters.
@@ -479,11 +486,7 @@
           "fields": [ # The list of fields that make up this struct. Order is significant, because values of this struct type are represented as lists, where the order of field values matches the order of fields in the StructType. In turn, the order of fields matches the order of columns in a read request, or the order of fields in the `SELECT` clause of a query.
             { # Message representing a single field of a struct.
               "name": "A String", # The name of the field. For reads, this is the column name. For SQL queries, it is the column alias (e.g., `"Word"` in the query `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` in the query `"SELECT ColName FROM Table"`). Some columns might have an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query result can contain multiple fields with the same name.
-              "type": { # `Type` indicates the type of a Cloud Spanner value, as might be stored in a table cell or returned from an SQL query. # The type of the field.
-                "arrayElementType": # Object with schema name: Type # If code == ARRAY, then `array_element_type` is the type of the array elements.
-                "code": "A String", # Required. The TypeCode for this type.
-                "structType": # Object with schema name: StructType # If code == STRUCT, then `struct_type` provides type information for the struct's fields.
-              },
+              "type": # Object with schema name: Type # The type of the field.
             },
           ],
         },
@@ -560,7 +563,14 @@
     "a_key": { # `Type` indicates the type of a Cloud Spanner value, as might be stored in a table cell or returned from an SQL query.
       "arrayElementType": # Object with schema name: Type # If code == ARRAY, then `array_element_type` is the type of the array elements.
       "code": "A String", # Required. The TypeCode for this type.
-      "structType": # Object with schema name: StructType # If code == STRUCT, then `struct_type` provides type information for the struct's fields.
+      "structType": { # `StructType` defines the fields of a STRUCT type. # If code == STRUCT, then `struct_type` provides type information for the struct's fields.
+        "fields": [ # The list of fields that make up this struct. Order is significant, because values of this struct type are represented as lists, where the order of field values matches the order of fields in the StructType. In turn, the order of fields matches the order of columns in a read request, or the order of fields in the `SELECT` clause of a query.
+          { # Message representing a single field of a struct.
+            "name": "A String", # The name of the field. For reads, this is the column name. For SQL queries, it is the column alias (e.g., `"Word"` in the query `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` in the query `"SELECT ColName FROM Table"`). Some columns might have an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query result can contain multiple fields with the same name.
+            "type": # Object with schema name: Type # The type of the field.
+          },
+        ],
+      },
     },
   },
   "params": { # Parameter names and values that bind to placeholders in the SQL string. A parameter placeholder consists of the `@` character followed by the parameter name (for example, `@firstName`). Parameter names must conform to the naming requirements of identifiers as specified at https://cloud.google.com/spanner/docs/lexical#identifiers. Parameters can appear anywhere that a literal value is expected. The same parameter name can be used more than once, for example: `"WHERE id > @msg_id AND id < @msg_id + 100"` It is an error to execute a SQL statement with unbound parameters.
@@ -627,11 +637,7 @@
       "fields": [ # The list of fields that make up this struct. Order is significant, because values of this struct type are represented as lists, where the order of field values matches the order of fields in the StructType. In turn, the order of fields matches the order of columns in a read request, or the order of fields in the `SELECT` clause of a query.
         { # Message representing a single field of a struct.
           "name": "A String", # The name of the field. For reads, this is the column name. For SQL queries, it is the column alias (e.g., `"Word"` in the query `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` in the query `"SELECT ColName FROM Table"`). Some columns might have an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query result can contain multiple fields with the same name.
-          "type": { # `Type` indicates the type of a Cloud Spanner value, as might be stored in a table cell or returned from an SQL query. # The type of the field.
-            "arrayElementType": # Object with schema name: Type # If code == ARRAY, then `array_element_type` is the type of the array elements.
-            "code": "A String", # Required. The TypeCode for this type.
-            "structType": # Object with schema name: StructType # If code == STRUCT, then `struct_type` provides type information for the struct's fields.
-          },
+          "type": # Object with schema name: Type # The type of the field.
         },
       ],
     },
@@ -697,7 +703,14 @@
     "a_key": { # `Type` indicates the type of a Cloud Spanner value, as might be stored in a table cell or returned from an SQL query.
       "arrayElementType": # Object with schema name: Type # If code == ARRAY, then `array_element_type` is the type of the array elements.
       "code": "A String", # Required. The TypeCode for this type.
-      "structType": # Object with schema name: StructType # If code == STRUCT, then `struct_type` provides type information for the struct's fields.
+      "structType": { # `StructType` defines the fields of a STRUCT type. # If code == STRUCT, then `struct_type` provides type information for the struct's fields.
+        "fields": [ # The list of fields that make up this struct. Order is significant, because values of this struct type are represented as lists, where the order of field values matches the order of fields in the StructType. In turn, the order of fields matches the order of columns in a read request, or the order of fields in the `SELECT` clause of a query.
+          { # Message representing a single field of a struct.
+            "name": "A String", # The name of the field. For reads, this is the column name. For SQL queries, it is the column alias (e.g., `"Word"` in the query `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` in the query `"SELECT ColName FROM Table"`). Some columns might have an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query result can contain multiple fields with the same name.
+            "type": # Object with schema name: Type # The type of the field.
+          },
+        ],
+      },
     },
   },
   "params": { # Parameter names and values that bind to placeholders in the SQL string. A parameter placeholder consists of the `@` character followed by the parameter name (for example, `@firstName`). Parameter names must conform to the naming requirements of identifiers as specified at https://cloud.google.com/spanner/docs/lexical#identifiers. Parameters can appear anywhere that a literal value is expected. The same parameter name can be used more than once, for example: `"WHERE id > @msg_id AND id < @msg_id + 100"` It is an error to execute a SQL statement with unbound parameters.
@@ -765,11 +778,7 @@
       "fields": [ # The list of fields that make up this struct. Order is significant, because values of this struct type are represented as lists, where the order of field values matches the order of fields in the StructType. In turn, the order of fields matches the order of columns in a read request, or the order of fields in the `SELECT` clause of a query.
         { # Message representing a single field of a struct.
           "name": "A String", # The name of the field. For reads, this is the column name. For SQL queries, it is the column alias (e.g., `"Word"` in the query `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` in the query `"SELECT ColName FROM Table"`). Some columns might have an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query result can contain multiple fields with the same name.
-          "type": { # `Type` indicates the type of a Cloud Spanner value, as might be stored in a table cell or returned from an SQL query. # The type of the field.
-            "arrayElementType": # Object with schema name: Type # If code == ARRAY, then `array_element_type` is the type of the array elements.
-            "code": "A String", # Required. The TypeCode for this type.
-            "structType": # Object with schema name: StructType # If code == STRUCT, then `struct_type` provides type information for the struct's fields.
-          },
+          "type": # Object with schema name: Type # The type of the field.
         },
       ],
     },
@@ -904,7 +913,14 @@
     "a_key": { # `Type` indicates the type of a Cloud Spanner value, as might be stored in a table cell or returned from an SQL query.
       "arrayElementType": # Object with schema name: Type # If code == ARRAY, then `array_element_type` is the type of the array elements.
       "code": "A String", # Required. The TypeCode for this type.
-      "structType": # Object with schema name: StructType # If code == STRUCT, then `struct_type` provides type information for the struct's fields.
+      "structType": { # `StructType` defines the fields of a STRUCT type. # If code == STRUCT, then `struct_type` provides type information for the struct's fields.
+        "fields": [ # The list of fields that make up this struct. Order is significant, because values of this struct type are represented as lists, where the order of field values matches the order of fields in the StructType. In turn, the order of fields matches the order of columns in a read request, or the order of fields in the `SELECT` clause of a query.
+          { # Message representing a single field of a struct.
+            "name": "A String", # The name of the field. For reads, this is the column name. For SQL queries, it is the column alias (e.g., `"Word"` in the query `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` in the query `"SELECT ColName FROM Table"`). Some columns might have an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query result can contain multiple fields with the same name.
+            "type": # Object with schema name: Type # The type of the field.
+          },
+        ],
+      },
     },
   },
   "params": { # Parameter names and values that bind to placeholders in the SQL string. A parameter placeholder consists of the `@` character followed by the parameter name (for example, `@firstName`). Parameter names can contain letters, numbers, and underscores. Parameters can appear anywhere that a literal value is expected. The same parameter name can be used more than once, for example: `"WHERE id > @msg_id AND id < @msg_id + 100"` It is an error to execute a SQL statement with unbound parameters.
@@ -1160,11 +1176,7 @@
       "fields": [ # The list of fields that make up this struct. Order is significant, because values of this struct type are represented as lists, where the order of field values matches the order of fields in the StructType. In turn, the order of fields matches the order of columns in a read request, or the order of fields in the `SELECT` clause of a query.
         { # Message representing a single field of a struct.
           "name": "A String", # The name of the field. For reads, this is the column name. For SQL queries, it is the column alias (e.g., `"Word"` in the query `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` in the query `"SELECT ColName FROM Table"`). Some columns might have an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query result can contain multiple fields with the same name.
-          "type": { # `Type` indicates the type of a Cloud Spanner value, as might be stored in a table cell or returned from an SQL query. # The type of the field.
-            "arrayElementType": # Object with schema name: Type # If code == ARRAY, then `array_element_type` is the type of the array elements.
-            "code": "A String", # Required. The TypeCode for this type.
-            "structType": # Object with schema name: StructType # If code == STRUCT, then `struct_type` provides type information for the struct's fields.
-          },
+          "type": # Object with schema name: Type # The type of the field.
         },
       ],
     },
@@ -1336,11 +1348,7 @@
       "fields": [ # The list of fields that make up this struct. Order is significant, because values of this struct type are represented as lists, where the order of field values matches the order of fields in the StructType. In turn, the order of fields matches the order of columns in a read request, or the order of fields in the `SELECT` clause of a query.
         { # Message representing a single field of a struct.
           "name": "A String", # The name of the field. For reads, this is the column name. For SQL queries, it is the column alias (e.g., `"Word"` in the query `"SELECT 'hello' AS Word"`), or the column name (e.g., `"ColName"` in the query `"SELECT ColName FROM Table"`). Some columns might have an empty name (e.g., `"SELECT UPPER(ColName)"`). Note that a query result can contain multiple fields with the same name.
-          "type": { # `Type` indicates the type of a Cloud Spanner value, as might be stored in a table cell or returned from an SQL query. # The type of the field.
-            "arrayElementType": # Object with schema name: Type # If code == ARRAY, then `array_element_type` is the type of the array elements.
-            "code": "A String", # Required. The TypeCode for this type.
-            "structType": # Object with schema name: StructType # If code == STRUCT, then `struct_type` provides type information for the struct's fields.
-          },
+          "type": # Object with schema name: Type # The type of the field.
         },
       ],
     },

docs/dyn/speech_v1.html

diff --git a/docs/dyn/speech_v1.html b/docs/dyn/speech_v1.html
index f97648f..f99b8e3 100644
--- a/docs/dyn/speech_v1.html
+++ b/docs/dyn/speech_v1.html
@@ -80,6 +80,11 @@
 <p class="firstline">Returns the operations Resource.</p>
 
 <p class="toc_element">
+  <code><a href="speech_v1.projects.html">projects()</a></code>
+</p>
+<p class="firstline">Returns the projects Resource.</p>
+
+<p class="toc_element">
   <code><a href="speech_v1.speech.html">speech()</a></code>
 </p>
 <p class="firstline">Returns the speech Resource.</p>

docs/dyn/speech_v1.projects.locations.customClasses.html

diff --git a/docs/dyn/speech_v1.projects.locations.customClasses.html b/docs/dyn/speech_v1.projects.locations.customClasses.html
new file mode 100644
index 0000000..8d84265
--- /dev/null
+++ b/docs/dyn/speech_v1.projects.locations.customClasses.html
@@ -0,0 +1,273 @@
+<html><body>
+<style>
+
+body, h1, h2, h3, div, span, p, pre, a {
+  margin: 0;
+  padding: 0;
+  border: 0;
+  font-weight: inherit;
+  font-style: inherit;
+  font-size: 100%;
+  font-family: inherit;
+  vertical-align: baseline;
+}
+
+body {
+  font-size: 13px;
+  padding: 1em;
+}
+
+h1 {
+  font-size: 26px;
+  margin-bottom: 1em;
+}
+
+h2 {
+  font-size: 24px;
+  margin-bottom: 1em;
+}
+
+h3 {
+  font-size: 20px;
+  margin-bottom: 1em;
+  margin-top: 1em;
+}
+
+pre, code {
+  line-height: 1.5;
+  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
+}
+
+pre {
+  margin-top: 0.5em;
+}
+
+h1, h2, h3, p {
+  font-family: Arial, sans serif;
+}
+
+h1, h2, h3 {
+  border-bottom: solid #CCC 1px;
+}
+
+.toc_element {
+  margin-top: 0.5em;
+}
+
+.firstline {
+  margin-left: 2 em;
+}
+
+.method  {
+  margin-top: 1em;
+  border: solid 1px #CCC;
+  padding: 1em;
+  background: #EEE;
+}
+
+.details {
+  font-weight: bold;
+  font-size: 14px;
+}
+
+</style>
+
+<h1><a href="speech_v1.html">Cloud Speech-to-Text API</a> . <a href="speech_v1.projects.html">projects</a> . <a href="speech_v1.projects.locations.html">locations</a> . <a href="speech_v1.projects.locations.customClasses.html">customClasses</a></h1>
+<h2>Instance Methods</h2>
+<p class="toc_element">
+  <code><a href="#close">close()</a></code></p>
+<p class="firstline">Close httplib2 connections.</p>
+<p class="toc_element">
+  <code><a href="#create">create(parent, body=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Create a custom class.</p>
+<p class="toc_element">
+  <code><a href="#delete">delete(name, x__xgafv=None)</a></code></p>
+<p class="firstline">Delete a custom class.</p>
+<p class="toc_element">
+  <code><a href="#get">get(name, x__xgafv=None)</a></code></p>
+<p class="firstline">Get a custom class.</p>
+<p class="toc_element">
+  <code><a href="#list">list(parent, pageSize=None, pageToken=None, x__xgafv=None)</a></code></p>
+<p class="firstline">List custom classes.</p>
+<p class="toc_element">
+  <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
+<p class="firstline">Retrieves the next page of results.</p>
+<p class="toc_element">
+  <code><a href="#patch">patch(name, body=None, updateMask=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Update a custom class.</p>
+<h3>Method Details</h3>
+<div class="method">
+    <code class="details" id="close">close()</code>
+  <pre>Close httplib2 connections.</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="create">create(parent, body=None, x__xgafv=None)</code>
+  <pre>Create a custom class.
+
+Args:
+  parent: string, Required. The parent resource where this custom class will be created. Format: {api_version}/projects/{project}/locations/{location}/customClasses (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Message sent by the client for the `CreateCustomClass` method.
+  &quot;customClass&quot;: { # A set of words or phrases that represents a common concept likely to appear in your audio, for example a list of passenger ship names. CustomClass items can be substituted into placeholders that you set in PhraseSet phrases. # Required. The custom class to create.
+    &quot;customClassId&quot;: &quot;A String&quot;, # If this custom class is a resource, the custom_class_id is the resource id of the CustomClass. Case sensitive.
+    &quot;items&quot;: [ # A collection of class items.
+      { # An item of the class.
+        &quot;value&quot;: &quot;A String&quot;, # The class item&#x27;s value.
+      },
+    ],
+    &quot;name&quot;: &quot;A String&quot;, # The resource name of the custom class.
+  },
+  &quot;customClassId&quot;: &quot;A String&quot;, # Required. The ID to use for the custom class, which will become the final component of the custom class&#x27; resource name. This value should be 4-63 characters, and valid characters are /a-z-/.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A set of words or phrases that represents a common concept likely to appear in your audio, for example a list of passenger ship names. CustomClass items can be substituted into placeholders that you set in PhraseSet phrases.
+  &quot;customClassId&quot;: &quot;A String&quot;, # If this custom class is a resource, the custom_class_id is the resource id of the CustomClass. Case sensitive.
+  &quot;items&quot;: [ # A collection of class items.
+    { # An item of the class.
+      &quot;value&quot;: &quot;A String&quot;, # The class item&#x27;s value.
+    },
+  ],
+  &quot;name&quot;: &quot;A String&quot;, # The resource name of the custom class.
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="delete">delete(name, x__xgafv=None)</code>
+  <pre>Delete a custom class.
+
+Args:
+  name: string, Required. The name of the custom class to delete. Format: {api_version}/projects/{project}/locations/{location}/customClasses/{custom_class} (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for `Empty` is empty JSON object `{}`.
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="get">get(name, x__xgafv=None)</code>
+  <pre>Get a custom class.
+
+Args:
+  name: string, Required. The name of the custom class to retrieve. Format: {api_version}/projects/{project}/locations/{location}/customClasses/{custom_class} (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A set of words or phrases that represents a common concept likely to appear in your audio, for example a list of passenger ship names. CustomClass items can be substituted into placeholders that you set in PhraseSet phrases.
+  &quot;customClassId&quot;: &quot;A String&quot;, # If this custom class is a resource, the custom_class_id is the resource id of the CustomClass. Case sensitive.
+  &quot;items&quot;: [ # A collection of class items.
+    { # An item of the class.
+      &quot;value&quot;: &quot;A String&quot;, # The class item&#x27;s value.
+    },
+  ],
+  &quot;name&quot;: &quot;A String&quot;, # The resource name of the custom class.
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="list">list(parent, pageSize=None, pageToken=None, x__xgafv=None)</code>
+  <pre>List custom classes.
+
+Args:
+  parent: string, Required. The parent, which owns this collection of custom classes. Format: {api_version}/projects/{project}/locations/{location}/customClasses (required)
+  pageSize: integer, The maximum number of custom classes to return. The service may return fewer than this value. If unspecified, at most 50 custom classes will be returned. The maximum value is 1000; values above 1000 will be coerced to 1000.
+  pageToken: string, A page token, received from a previous `ListCustomClass` call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to `ListCustomClass` must match the call that provided the page token.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Message returned to the client by the `ListCustomClasses` method.
+  &quot;customClasses&quot;: [ # The custom classes.
+    { # A set of words or phrases that represents a common concept likely to appear in your audio, for example a list of passenger ship names. CustomClass items can be substituted into placeholders that you set in PhraseSet phrases.
+      &quot;customClassId&quot;: &quot;A String&quot;, # If this custom class is a resource, the custom_class_id is the resource id of the CustomClass. Case sensitive.
+      &quot;items&quot;: [ # A collection of class items.
+        { # An item of the class.
+          &quot;value&quot;: &quot;A String&quot;, # The class item&#x27;s value.
+        },
+      ],
+      &quot;name&quot;: &quot;A String&quot;, # The resource name of the custom class.
+    },
+  ],
+  &quot;nextPageToken&quot;: &quot;A String&quot;, # A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages.
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="list_next">list_next(previous_request, previous_response)</code>
+  <pre>Retrieves the next page of results.
+
+Args:
+  previous_request: The request for the previous page. (required)
+  previous_response: The response from the request for the previous page. (required)
+
+Returns:
+  A request object that you can call &#x27;execute()&#x27; on to request the next
+  page. Returns None if there are no more items in the collection.
+    </pre>
+</div>
+
+<div class="method">
+    <code class="details" id="patch">patch(name, body=None, updateMask=None, x__xgafv=None)</code>
+  <pre>Update a custom class.
+
+Args:
+  name: string, The resource name of the custom class. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # A set of words or phrases that represents a common concept likely to appear in your audio, for example a list of passenger ship names. CustomClass items can be substituted into placeholders that you set in PhraseSet phrases.
+  &quot;customClassId&quot;: &quot;A String&quot;, # If this custom class is a resource, the custom_class_id is the resource id of the CustomClass. Case sensitive.
+  &quot;items&quot;: [ # A collection of class items.
+    { # An item of the class.
+      &quot;value&quot;: &quot;A String&quot;, # The class item&#x27;s value.
+    },
+  ],
+  &quot;name&quot;: &quot;A String&quot;, # The resource name of the custom class.
+}
+
+  updateMask: string, The list of fields to be updated.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A set of words or phrases that represents a common concept likely to appear in your audio, for example a list of passenger ship names. CustomClass items can be substituted into placeholders that you set in PhraseSet phrases.
+  &quot;customClassId&quot;: &quot;A String&quot;, # If this custom class is a resource, the custom_class_id is the resource id of the CustomClass. Case sensitive.
+  &quot;items&quot;: [ # A collection of class items.
+    { # An item of the class.
+      &quot;value&quot;: &quot;A String&quot;, # The class item&#x27;s value.
+    },
+  ],
+  &quot;name&quot;: &quot;A String&quot;, # The resource name of the custom class.
+}</pre>
+</div>
+
+</body></html>
\ No newline at end of file

docs/dyn/speech_v1.projects.locations.html

diff --git a/docs/dyn/speech_v1.projects.locations.html b/docs/dyn/speech_v1.projects.locations.html
index f88e531..e92f8ae 100644
--- a/docs/dyn/speech_v1.projects.locations.html
+++ b/docs/dyn/speech_v1.projects.locations.html
@@ -75,9 +75,14 @@
 <h1><a href="speech_v1.html">Cloud Speech-to-Text API</a> . <a href="speech_v1.projects.html">projects</a> . <a href="speech_v1.projects.locations.html">locations</a></h1>
 <h2>Instance Methods</h2>
 <p class="toc_element">
-  <code><a href="speech_v1.projects.locations.operations.html">operations()</a></code>
+  <code><a href="speech_v1.projects.locations.customClasses.html">customClasses()</a></code>
 </p>
-<p class="firstline">Returns the operations Resource.</p>
+<p class="firstline">Returns the customClasses Resource.</p>
+
+<p class="toc_element">
+  <code><a href="speech_v1.projects.locations.phraseSets.html">phraseSets()</a></code>
+</p>
+<p class="firstline">Returns the phraseSets Resource.</p>
 
 <p class="toc_element">
   <code><a href="#close">close()</a></code></p>

docs/dyn/speech_v1.projects.locations.phraseSets.html

diff --git a/docs/dyn/speech_v1.projects.locations.phraseSets.html b/docs/dyn/speech_v1.projects.locations.phraseSets.html
new file mode 100644
index 0000000..df16ee7
--- /dev/null
+++ b/docs/dyn/speech_v1.projects.locations.phraseSets.html
@@ -0,0 +1,279 @@
+<html><body>
+<style>
+
+body, h1, h2, h3, div, span, p, pre, a {
+  margin: 0;
+  padding: 0;
+  border: 0;
+  font-weight: inherit;
+  font-style: inherit;
+  font-size: 100%;
+  font-family: inherit;
+  vertical-align: baseline;
+}
+
+body {
+  font-size: 13px;
+  padding: 1em;
+}
+
+h1 {
+  font-size: 26px;
+  margin-bottom: 1em;
+}
+
+h2 {
+  font-size: 24px;
+  margin-bottom: 1em;
+}
+
+h3 {
+  font-size: 20px;
+  margin-bottom: 1em;
+  margin-top: 1em;
+}
+
+pre, code {
+  line-height: 1.5;
+  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
+}
+
+pre {
+  margin-top: 0.5em;
+}
+
+h1, h2, h3, p {
+  font-family: Arial, sans serif;
+}
+
+h1, h2, h3 {
+  border-bottom: solid #CCC 1px;
+}
+
+.toc_element {
+  margin-top: 0.5em;
+}
+
+.firstline {
+  margin-left: 2 em;
+}
+
+.method  {
+  margin-top: 1em;
+  border: solid 1px #CCC;
+  padding: 1em;
+  background: #EEE;
+}
+
+.details {
+  font-weight: bold;
+  font-size: 14px;
+}
+
+</style>
+
+<h1><a href="speech_v1.html">Cloud Speech-to-Text API</a> . <a href="speech_v1.projects.html">projects</a> . <a href="speech_v1.projects.locations.html">locations</a> . <a href="speech_v1.projects.locations.phraseSets.html">phraseSets</a></h1>
+<h2>Instance Methods</h2>
+<p class="toc_element">
+  <code><a href="#close">close()</a></code></p>
+<p class="firstline">Close httplib2 connections.</p>
+<p class="toc_element">
+  <code><a href="#create">create(parent, body=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Create a set of phrase hints. Each item in the set can be a single word or a multi-word phrase. The items in the PhraseSet are favored by the recognition model when you send a call that includes the PhraseSet.</p>
+<p class="toc_element">
+  <code><a href="#delete">delete(name, x__xgafv=None)</a></code></p>
+<p class="firstline">Delete a phrase set.</p>
+<p class="toc_element">
+  <code><a href="#get">get(name, x__xgafv=None)</a></code></p>
+<p class="firstline">Get a phrase set.</p>
+<p class="toc_element">
+  <code><a href="#list">list(parent, pageSize=None, pageToken=None, x__xgafv=None)</a></code></p>
+<p class="firstline">List phrase sets.</p>
+<p class="toc_element">
+  <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
+<p class="firstline">Retrieves the next page of results.</p>
+<p class="toc_element">
+  <code><a href="#patch">patch(name, body=None, updateMask=None, x__xgafv=None)</a></code></p>
+<p class="firstline">Update a phrase set.</p>
+<h3>Method Details</h3>
+<div class="method">
+    <code class="details" id="close">close()</code>
+  <pre>Close httplib2 connections.</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="create">create(parent, body=None, x__xgafv=None)</code>
+  <pre>Create a set of phrase hints. Each item in the set can be a single word or a multi-word phrase. The items in the PhraseSet are favored by the recognition model when you send a call that includes the PhraseSet.
+
+Args:
+  parent: string, Required. The parent resource where this phrase set will be created. Format: {api_version}/projects/{project}/locations/{location}/phraseSets (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Message sent by the client for the `CreatePhraseSet` method.
+  &quot;phraseSet&quot;: { # Provides &quot;hints&quot; to the speech recognizer to favor specific words and phrases in the results. # Required. The phrase set to create.
+    &quot;boost&quot;: 3.14, # Hint Boost. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost values would correspond to anti-biasing. Anti-biasing is not enabled, so negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 (exclusive) and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
+    &quot;name&quot;: &quot;A String&quot;, # The resource name of the phrase set.
+    &quot;phrases&quot;: [ # A list of word and phrases.
+      { # A phrases containing words and phrase &quot;hints&quot; so that the speech recognition is more likely to recognize them. This can be used to improve the accuracy for specific words and phrases, for example, if specific commands are typically spoken by the user. This can also be used to add additional words to the vocabulary of the recognizer. See [usage limits](https://cloud.google.com/speech-to-text/quotas#content). List items can also include pre-built or custom classes containing groups of words that represent common concepts that occur in natural language. For example, rather than providing a phrase hint for every month of the year (e.g. &quot;i was born in january&quot;, &quot;i was born in febuary&quot;, ...), use the pre-built `$MONTH` class improves the likelihood of correctly transcribing audio that includes months (e.g. &quot;i was born in $month&quot;). To refer to pre-built classes, use the class&#x27; symbol prepended with `$` e.g. `$MONTH`. To refer to custom classes that were defined inline in the request, set the class&#x27;s `custom_class_id` to a string unique to all class resources and inline classes. Then use the class&#x27; id wrapped in $`{...}` e.g. &quot;${my-months}&quot;. To refer to custom classes resources, use the class&#x27; id wrapped in `${}` (e.g. `${my-months}`).
+        &quot;boost&quot;: 3.14, # Hint Boost. Overrides the boost set at the phrase set level. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
+        &quot;value&quot;: &quot;A String&quot;, # The phrase itself.
+      },
+    ],
+  },
+  &quot;phraseSetId&quot;: &quot;A String&quot;, # Required. The ID to use for the phrase set, which will become the final component of the phrase set&#x27;s resource name. This value should be 4-63 characters, and valid characters are /a-z-/.
+}
+
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Provides &quot;hints&quot; to the speech recognizer to favor specific words and phrases in the results.
+  &quot;boost&quot;: 3.14, # Hint Boost. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost values would correspond to anti-biasing. Anti-biasing is not enabled, so negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 (exclusive) and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
+  &quot;name&quot;: &quot;A String&quot;, # The resource name of the phrase set.
+  &quot;phrases&quot;: [ # A list of word and phrases.
+    { # A phrases containing words and phrase &quot;hints&quot; so that the speech recognition is more likely to recognize them. This can be used to improve the accuracy for specific words and phrases, for example, if specific commands are typically spoken by the user. This can also be used to add additional words to the vocabulary of the recognizer. See [usage limits](https://cloud.google.com/speech-to-text/quotas#content). List items can also include pre-built or custom classes containing groups of words that represent common concepts that occur in natural language. For example, rather than providing a phrase hint for every month of the year (e.g. &quot;i was born in january&quot;, &quot;i was born in febuary&quot;, ...), use the pre-built `$MONTH` class improves the likelihood of correctly transcribing audio that includes months (e.g. &quot;i was born in $month&quot;). To refer to pre-built classes, use the class&#x27; symbol prepended with `$` e.g. `$MONTH`. To refer to custom classes that were defined inline in the request, set the class&#x27;s `custom_class_id` to a string unique to all class resources and inline classes. Then use the class&#x27; id wrapped in $`{...}` e.g. &quot;${my-months}&quot;. To refer to custom classes resources, use the class&#x27; id wrapped in `${}` (e.g. `${my-months}`).
+      &quot;boost&quot;: 3.14, # Hint Boost. Overrides the boost set at the phrase set level. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
+      &quot;value&quot;: &quot;A String&quot;, # The phrase itself.
+    },
+  ],
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="delete">delete(name, x__xgafv=None)</code>
+  <pre>Delete a phrase set.
+
+Args:
+  name: string, Required. The name of the phrase set to delete. Format: {api_version}/projects/{project}/locations/{location}/phraseSets/{phrase_set} (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for `Empty` is empty JSON object `{}`.
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="get">get(name, x__xgafv=None)</code>
+  <pre>Get a phrase set.
+
+Args:
+  name: string, Required. The name of the phrase set to retrieve. Format: {api_version}/projects/{project}/locations/{location}/phraseSets/{phrase_set} (required)
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Provides &quot;hints&quot; to the speech recognizer to favor specific words and phrases in the results.
+  &quot;boost&quot;: 3.14, # Hint Boost. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost values would correspond to anti-biasing. Anti-biasing is not enabled, so negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 (exclusive) and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
+  &quot;name&quot;: &quot;A String&quot;, # The resource name of the phrase set.
+  &quot;phrases&quot;: [ # A list of word and phrases.
+    { # A phrases containing words and phrase &quot;hints&quot; so that the speech recognition is more likely to recognize them. This can be used to improve the accuracy for specific words and phrases, for example, if specific commands are typically spoken by the user. This can also be used to add additional words to the vocabulary of the recognizer. See [usage limits](https://cloud.google.com/speech-to-text/quotas#content). List items can also include pre-built or custom classes containing groups of words that represent common concepts that occur in natural language. For example, rather than providing a phrase hint for every month of the year (e.g. &quot;i was born in january&quot;, &quot;i was born in febuary&quot;, ...), use the pre-built `$MONTH` class improves the likelihood of correctly transcribing audio that includes months (e.g. &quot;i was born in $month&quot;). To refer to pre-built classes, use the class&#x27; symbol prepended with `$` e.g. `$MONTH`. To refer to custom classes that were defined inline in the request, set the class&#x27;s `custom_class_id` to a string unique to all class resources and inline classes. Then use the class&#x27; id wrapped in $`{...}` e.g. &quot;${my-months}&quot;. To refer to custom classes resources, use the class&#x27; id wrapped in `${}` (e.g. `${my-months}`).
+      &quot;boost&quot;: 3.14, # Hint Boost. Overrides the boost set at the phrase set level. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
+      &quot;value&quot;: &quot;A String&quot;, # The phrase itself.
+    },
+  ],
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="list">list(parent, pageSize=None, pageToken=None, x__xgafv=None)</code>
+  <pre>List phrase sets.
+
+Args:
+  parent: string, Required. The parent, which owns this collection of phrase set. Format: projects/{project}/locations/{location} (required)
+  pageSize: integer, The maximum number of phrase sets to return. The service may return fewer than this value. If unspecified, at most 50 phrase sets will be returned. The maximum value is 1000; values above 1000 will be coerced to 1000.
+  pageToken: string, A page token, received from a previous `ListPhraseSet` call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to `ListPhraseSet` must match the call that provided the page token.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Message returned to the client by the `ListPhraseSet` method.
+  &quot;nextPageToken&quot;: &quot;A String&quot;, # A token, which can be sent as `page_token` to retrieve the next page. If this field is omitted, there are no subsequent pages.
+  &quot;phraseSets&quot;: [ # The phrase set.
+    { # Provides &quot;hints&quot; to the speech recognizer to favor specific words and phrases in the results.
+      &quot;boost&quot;: 3.14, # Hint Boost. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost values would correspond to anti-biasing. Anti-biasing is not enabled, so negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 (exclusive) and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
+      &quot;name&quot;: &quot;A String&quot;, # The resource name of the phrase set.
+      &quot;phrases&quot;: [ # A list of word and phrases.
+        { # A phrases containing words and phrase &quot;hints&quot; so that the speech recognition is more likely to recognize them. This can be used to improve the accuracy for specific words and phrases, for example, if specific commands are typically spoken by the user. This can also be used to add additional words to the vocabulary of the recognizer. See [usage limits](https://cloud.google.com/speech-to-text/quotas#content). List items can also include pre-built or custom classes containing groups of words that represent common concepts that occur in natural language. For example, rather than providing a phrase hint for every month of the year (e.g. &quot;i was born in january&quot;, &quot;i was born in febuary&quot;, ...), use the pre-built `$MONTH` class improves the likelihood of correctly transcribing audio that includes months (e.g. &quot;i was born in $month&quot;). To refer to pre-built classes, use the class&#x27; symbol prepended with `$` e.g. `$MONTH`. To refer to custom classes that were defined inline in the request, set the class&#x27;s `custom_class_id` to a string unique to all class resources and inline classes. Then use the class&#x27; id wrapped in $`{...}` e.g. &quot;${my-months}&quot;. To refer to custom classes resources, use the class&#x27; id wrapped in `${}` (e.g. `${my-months}`).
+          &quot;boost&quot;: 3.14, # Hint Boost. Overrides the boost set at the phrase set level. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
+          &quot;value&quot;: &quot;A String&quot;, # The phrase itself.
+        },
+      ],
+    },
+  ],
+}</pre>
+</div>
+
+<div class="method">
+    <code class="details" id="list_next">list_next(previous_request, previous_response)</code>
+  <pre>Retrieves the next page of results.
+
+Args:
+  previous_request: The request for the previous page. (required)
+  previous_response: The response from the request for the previous page. (required)
+
+Returns:
+  A request object that you can call &#x27;execute()&#x27; on to request the next
+  page. Returns None if there are no more items in the collection.
+    </pre>
+</div>
+
+<div class="method">
+    <code class="details" id="patch">patch(name, body=None, updateMask=None, x__xgafv=None)</code>
+  <pre>Update a phrase set.
+
+Args:
+  name: string, The resource name of the phrase set. (required)
+  body: object, The request body.
+    The object takes the form of:
+
+{ # Provides &quot;hints&quot; to the speech recognizer to favor specific words and phrases in the results.
+  &quot;boost&quot;: 3.14, # Hint Boost. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost values would correspond to anti-biasing. Anti-biasing is not enabled, so negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 (exclusive) and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
+  &quot;name&quot;: &quot;A String&quot;, # The resource name of the phrase set.
+  &quot;phrases&quot;: [ # A list of word and phrases.
+    { # A phrases containing words and phrase &quot;hints&quot; so that the speech recognition is more likely to recognize them. This can be used to improve the accuracy for specific words and phrases, for example, if specific commands are typically spoken by the user. This can also be used to add additional words to the vocabulary of the recognizer. See [usage limits](https://cloud.google.com/speech-to-text/quotas#content). List items can also include pre-built or custom classes containing groups of words that represent common concepts that occur in natural language. For example, rather than providing a phrase hint for every month of the year (e.g. &quot;i was born in january&quot;, &quot;i was born in febuary&quot;, ...), use the pre-built `$MONTH` class improves the likelihood of correctly transcribing audio that includes months (e.g. &quot;i was born in $month&quot;). To refer to pre-built classes, use the class&#x27; symbol prepended with `$` e.g. `$MONTH`. To refer to custom classes that were defined inline in the request, set the class&#x27;s `custom_class_id` to a string unique to all class resources and inline classes. Then use the class&#x27; id wrapped in $`{...}` e.g. &quot;${my-months}&quot;. To refer to custom classes resources, use the class&#x27; id wrapped in `${}` (e.g. `${my-months}`).
+      &quot;boost&quot;: 3.14, # Hint Boost. Overrides the boost set at the phrase set level. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
+      &quot;value&quot;: &quot;A String&quot;, # The phrase itself.
+    },
+  ],
+}
+
+  updateMask: string, The list of fields to be updated.
+  x__xgafv: string, V1 error format.
+    Allowed values
+      1 - v1 error format
+      2 - v2 error format
+
+Returns:
+  An object of the form:
+
+    { # Provides &quot;hints&quot; to the speech recognizer to favor specific words and phrases in the results.
+  &quot;boost&quot;: 3.14, # Hint Boost. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost values would correspond to anti-biasing. Anti-biasing is not enabled, so negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 (exclusive) and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
+  &quot;name&quot;: &quot;A String&quot;, # The resource name of the phrase set.
+  &quot;phrases&quot;: [ # A list of word and phrases.
+    { # A phrases containing words and phrase &quot;hints&quot; so that the speech recognition is more likely to recognize them. This can be used to improve the accuracy for specific words and phrases, for example, if specific commands are typically spoken by the user. This can also be used to add additional words to the vocabulary of the recognizer. See [usage limits](https://cloud.google.com/speech-to-text/quotas#content). List items can also include pre-built or custom classes containing groups of words that represent common concepts that occur in natural language. For example, rather than providing a phrase hint for every month of the year (e.g. &quot;i was born in january&quot;, &quot;i was born in febuary&quot;, ...), use the pre-built `$MONTH` class improves the likelihood of correctly transcribing audio that includes months (e.g. &quot;i was born in $month&quot;). To refer to pre-built classes, use the class&#x27; symbol prepended with `$` e.g. `$MONTH`. To refer to custom classes that were defined inline in the request, set the class&#x27;s `custom_class_id` to a string unique to all class resources and inline classes. Then use the class&#x27; id wrapped in $`{...}` e.g. &quot;${my-months}&quot;. To refer to custom classes resources, use the class&#x27; id wrapped in `${}` (e.g. `${my-months}`).
+      &quot;boost&quot;: 3.14, # Hint Boost. Overrides the boost set at the phrase set level. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
+      &quot;value&quot;: &quot;A String&quot;, # The phrase itself.
+    },
+  ],
+}</pre>
+</div>
+
+</body></html>
\ No newline at end of file

docs/dyn/speech_v1.speech.html

diff --git a/docs/dyn/speech_v1.speech.html b/docs/dyn/speech_v1.speech.html
index bd6eacd..700556f 100644
--- a/docs/dyn/speech_v1.speech.html
+++ b/docs/dyn/speech_v1.speech.html
@@ -103,6 +103,34 @@
     "uri": "A String", # URI that points to a file that contains audio data bytes as specified in `RecognitionConfig`. The file must not be compressed (for example, gzip). Currently, only Google Cloud Storage URIs are supported, which must be specified in the following format: `gs://bucket_name/object_name` (other URI formats return google.rpc.Code.INVALID_ARGUMENT). For more information, see [Request URIs](https://cloud.google.com/storage/docs/reference-uris).
   },
   "config": { # Provides information to the recognizer that specifies how to process the request. # Required. Provides information to the recognizer that specifies how to process the request.
+    "adaptation": { # Speech adaptation configuration. # Speech adaptation configuration improves the accuracy of speech recognition. For more information, see the [speech adaptation](https://cloud.google.com/speech-to-text/docs/adaptation) documentation. When speech adaptation is set it supersedes the `speech_contexts` field.
+      "customClasses": [ # A collection of custom classes. To specify the classes inline, leave the class' `name` blank and fill in the rest of its fields, giving it a unique `custom_class_id`. Refer to the inline defined class in phrase hints by its `custom_class_id`.
+        { # A set of words or phrases that represents a common concept likely to appear in your audio, for example a list of passenger ship names. CustomClass items can be substituted into placeholders that you set in PhraseSet phrases.
+          "customClassId": "A String", # If this custom class is a resource, the custom_class_id is the resource id of the CustomClass. Case sensitive.
+          "items": [ # A collection of class items.
+            { # An item of the class.
+              "value": "A String", # The class item's value.
+            },
+          ],
+          "name": "A String", # The resource name of the custom class.
+        },
+      ],
+      "phraseSetReferences": [ # A collection of phrase set resource names to use.
+        "A String",
+      ],
+      "phraseSets": [ # A collection of phrase sets. To specify the hints inline, leave the phrase set's `name` blank and fill in the rest of its fields. Any phrase set can use any custom class.
+        { # Provides "hints" to the speech recognizer to favor specific words and phrases in the results.
+          "boost": 3.14, # Hint Boost. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost values would correspond to anti-biasing. Anti-biasing is not enabled, so negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 (exclusive) and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
+          "name": "A String", # The resource name of the phrase set.
+          "phrases": [ # A list of word and phrases.
+            { # A phrases containing words and phrase "hints" so that the speech recognition is more likely to recognize them. This can be used to improve the accuracy for specific words and phrases, for example, if specific commands are typically spoken by the user. This can also be used to add additional words to the vocabulary of the recognizer. See [usage limits](https://cloud.google.com/speech-to-text/quotas#content). List items can also include pre-built or custom classes containing groups of words that represent common concepts that occur in natural language. For example, rather than providing a phrase hint for every month of the year (e.g. "i was born in january", "i was born in febuary", ...), use the pre-built `$MONTH` class improves the likelihood of correctly transcribing audio that includes months (e.g. "i was born in $month"). To refer to pre-built classes, use the class' symbol prepended with `$` e.g. `$MONTH`. To refer to custom classes that were defined inline in the request, set the class's `custom_class_id` to a string unique to all class resources and inline classes. Then use the class' id wrapped in $`{...}` e.g. "${my-months}". To refer to custom classes resources, use the class' id wrapped in `${}` (e.g. `${my-months}`).
+              "boost": 3.14, # Hint Boost. Overrides the boost set at the phrase set level. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
+              "value": "A String", # The phrase itself.
+            },
+          ],
+        },
+      ],
+    },
     "alternativeLanguageCodes": [ # A list of up to 3 additional [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tags, listing possible alternative languages of the supplied audio. See [Language Support](https://cloud.google.com/speech-to-text/docs/languages) for a list of the currently supported language codes. If alternative languages are listed, recognition result will contain recognition in the most likely language detected including the main language_code. The recognition result will include the language tag of the language detected in the audio. Note: This feature is only supported for Voice Command and Voice Search use cases and performance may vary for other use cases (e.g., phone call transcription).
       "A String",
     ],
@@ -137,6 +165,7 @@
     "sampleRateHertz": 42, # Sample rate in Hertz of the audio data sent in all `RecognitionAudio` messages. Valid values are: 8000-48000. 16000 is optimal. For best results, set the sampling rate of the audio source to 16000 Hz. If that's not possible, use the native sample rate of the audio source (instead of re-sampling). This field is optional for FLAC and WAV audio files, but is required for all other audio formats. For details, see AudioEncoding.
     "speechContexts": [ # Array of SpeechContext. A means to provide context to assist the speech recognition. For more information, see [speech adaptation](https://cloud.google.com/speech-to-text/docs/adaptation).
       { # Provides "hints" to the speech recognizer to favor specific words and phrases in the results.
+        "boost": 3.14, # Hint Boost. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost values would correspond to anti-biasing. Anti-biasing is not enabled, so negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 and 20. We recommend using a binary search approach to finding the optimal value for your use case.
         "phrases": [ # A list of strings containing words and phrases "hints" so that the speech recognition is more likely to recognize them. This can be used to improve the accuracy for specific words and phrases, for example, if specific commands are typically spoken by the user. This can also be used to add additional words to the vocabulary of the recognizer. See [usage limits](https://cloud.google.com/speech-to-text/quotas#content). List items can also be set to classes for groups of words that represent common concepts that occur in natural language. For example, rather than providing phrase hints for every month of the year, using the $MONTH class improves the likelihood of correctly transcribing audio that includes months.
           "A String",
         ],
@@ -192,6 +221,34 @@
     "uri": "A String", # URI that points to a file that contains audio data bytes as specified in `RecognitionConfig`. The file must not be compressed (for example, gzip). Currently, only Google Cloud Storage URIs are supported, which must be specified in the following format: `gs://bucket_name/object_name` (other URI formats return google.rpc.Code.INVALID_ARGUMENT). For more information, see [Request URIs](https://cloud.google.com/storage/docs/reference-uris).
   },
   "config": { # Provides information to the recognizer that specifies how to process the request. # Required. Provides information to the recognizer that specifies how to process the request.
+    "adaptation": { # Speech adaptation configuration. # Speech adaptation configuration improves the accuracy of speech recognition. For more information, see the [speech adaptation](https://cloud.google.com/speech-to-text/docs/adaptation) documentation. When speech adaptation is set it supersedes the `speech_contexts` field.
+      "customClasses": [ # A collection of custom classes. To specify the classes inline, leave the class' `name` blank and fill in the rest of its fields, giving it a unique `custom_class_id`. Refer to the inline defined class in phrase hints by its `custom_class_id`.
+        { # A set of words or phrases that represents a common concept likely to appear in your audio, for example a list of passenger ship names. CustomClass items can be substituted into placeholders that you set in PhraseSet phrases.
+          "customClassId": "A String", # If this custom class is a resource, the custom_class_id is the resource id of the CustomClass. Case sensitive.
+          "items": [ # A collection of class items.
+            { # An item of the class.
+              "value": "A String", # The class item's value.
+            },
+          ],
+          "name": "A String", # The resource name of the custom class.
+        },
+      ],
+      "phraseSetReferences": [ # A collection of phrase set resource names to use.
+        "A String",
+      ],
+      "phraseSets": [ # A collection of phrase sets. To specify the hints inline, leave the phrase set's `name` blank and fill in the rest of its fields. Any phrase set can use any custom class.
+        { # Provides "hints" to the speech recognizer to favor specific words and phrases in the results.
+          "boost": 3.14, # Hint Boost. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost values would correspond to anti-biasing. Anti-biasing is not enabled, so negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 (exclusive) and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
+          "name": "A String", # The resource name of the phrase set.
+          "phrases": [ # A list of word and phrases.
+            { # A phrases containing words and phrase "hints" so that the speech recognition is more likely to recognize them. This can be used to improve the accuracy for specific words and phrases, for example, if specific commands are typically spoken by the user. This can also be used to add additional words to the vocabulary of the recognizer. See [usage limits](https://cloud.google.com/speech-to-text/quotas#content). List items can also include pre-built or custom classes containing groups of words that represent common concepts that occur in natural language. For example, rather than providing a phrase hint for every month of the year (e.g. "i was born in january", "i was born in febuary", ...), use the pre-built `$MONTH` class improves the likelihood of correctly transcribing audio that includes months (e.g. "i was born in $month"). To refer to pre-built classes, use the class' symbol prepended with `$` e.g. `$MONTH`. To refer to custom classes that were defined inline in the request, set the class's `custom_class_id` to a string unique to all class resources and inline classes. Then use the class' id wrapped in $`{...}` e.g. "${my-months}". To refer to custom classes resources, use the class' id wrapped in `${}` (e.g. `${my-months}`).
+              "boost": 3.14, # Hint Boost. Overrides the boost set at the phrase set level. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
+              "value": "A String", # The phrase itself.
+            },
+          ],
+        },
+      ],
+    },
     "alternativeLanguageCodes": [ # A list of up to 3 additional [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tags, listing possible alternative languages of the supplied audio. See [Language Support](https://cloud.google.com/speech-to-text/docs/languages) for a list of the currently supported language codes. If alternative languages are listed, recognition result will contain recognition in the most likely language detected including the main language_code. The recognition result will include the language tag of the language detected in the audio. Note: This feature is only supported for Voice Command and Voice Search use cases and performance may vary for other use cases (e.g., phone call transcription).
       "A String",
     ],
@@ -226,6 +283,7 @@
     "sampleRateHertz": 42, # Sample rate in Hertz of the audio data sent in all `RecognitionAudio` messages. Valid values are: 8000-48000. 16000 is optimal. For best results, set the sampling rate of the audio source to 16000 Hz. If that's not possible, use the native sample rate of the audio source (instead of re-sampling). This field is optional for FLAC and WAV audio files, but is required for all other audio formats. For details, see AudioEncoding.
     "speechContexts": [ # Array of SpeechContext. A means to provide context to assist the speech recognition. For more information, see [speech adaptation](https://cloud.google.com/speech-to-text/docs/adaptation).
       { # Provides "hints" to the speech recognizer to favor specific words and phrases in the results.
+        "boost": 3.14, # Hint Boost. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost values would correspond to anti-biasing. Anti-biasing is not enabled, so negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 and 20. We recommend using a binary search approach to finding the optimal value for your use case.
         "phrases": [ # A list of strings containing words and phrases "hints" so that the speech recognition is more likely to recognize them. This can be used to improve the accuracy for specific words and phrases, for example, if specific commands are typically spoken by the user. This can also be used to add additional words to the vocabulary of the recognizer. See [usage limits](https://cloud.google.com/speech-to-text/quotas#content). List items can also be set to classes for groups of words that represent common concepts that occur in natural language. For example, rather than providing phrase hints for every month of the year, using the $MONTH class improves the likelihood of correctly transcribing audio that includes months.
           "A String",
         ],
@@ -263,6 +321,7 @@
       ],
       "channelTag": 42, # For multi-channel audio, this is the channel number corresponding to the recognized result for the audio from that channel. For audio_channel_count = N, its output values can range from '1' to 'N'.
       "languageCode": "A String", # Output only. The [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag of the language in this result. This language code was detected to have the most likelihood of being spoken in the audio.
+      "resultEndTime": "A String", # Time offset of the end of this result relative to the beginning of the audio.
     },
   ],
   "totalBilledTime": "A String", # When available, billed audio seconds for the corresponding request.

docs/dyn/speech_v1p1beta1.projects.locations.phraseSets.html

diff --git a/docs/dyn/speech_v1p1beta1.projects.locations.phraseSets.html b/docs/dyn/speech_v1p1beta1.projects.locations.phraseSets.html
index bdc0d2d..cafc515 100644
--- a/docs/dyn/speech_v1p1beta1.projects.locations.phraseSets.html
+++ b/docs/dyn/speech_v1p1beta1.projects.locations.phraseSets.html
@@ -116,7 +116,7 @@
     "name": "A String", # The resource name of the phrase set.
     "phrases": [ # A list of word and phrases.
       { # A phrases containing words and phrase "hints" so that the speech recognition is more likely to recognize them. This can be used to improve the accuracy for specific words and phrases, for example, if specific commands are typically spoken by the user. This can also be used to add additional words to the vocabulary of the recognizer. See [usage limits](https://cloud.google.com/speech-to-text/quotas#content). List items can also include pre-built or custom classes containing groups of words that represent common concepts that occur in natural language. For example, rather than providing a phrase hint for every month of the year (e.g. "i was born in january", "i was born in febuary", ...), use the pre-built `$MONTH` class improves the likelihood of correctly transcribing audio that includes months (e.g. "i was born in $month"). To refer to pre-built classes, use the class' symbol prepended with `$` e.g. `$MONTH`. To refer to custom classes that were defined inline in the request, set the class's `custom_class_id` to a string unique to all class resources and inline classes. Then use the class' id wrapped in $`{...}` e.g. "${my-months}". To refer to custom classes resources, use the class' id wrapped in `${}` (e.g. `${my-months}`).
-        "boost": 3.14, # Hint Boost. Overrides the boost set at the phrase set level. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost values would correspond to anti-biasing. Anti-biasing is not enabled, so negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
+        "boost": 3.14, # Hint Boost. Overrides the boost set at the phrase set level. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
         "value": "A String", # The phrase itself.
       },
     ],
@@ -137,7 +137,7 @@
   "name": "A String", # The resource name of the phrase set.
   "phrases": [ # A list of word and phrases.
     { # A phrases containing words and phrase "hints" so that the speech recognition is more likely to recognize them. This can be used to improve the accuracy for specific words and phrases, for example, if specific commands are typically spoken by the user. This can also be used to add additional words to the vocabulary of the recognizer. See [usage limits](https://cloud.google.com/speech-to-text/quotas#content). List items can also include pre-built or custom classes containing groups of words that represent common concepts that occur in natural language. For example, rather than providing a phrase hint for every month of the year (e.g. "i was born in january", "i was born in febuary", ...), use the pre-built `$MONTH` class improves the likelihood of correctly transcribing audio that includes months (e.g. "i was born in $month"). To refer to pre-built classes, use the class' symbol prepended with `$` e.g. `$MONTH`. To refer to custom classes that were defined inline in the request, set the class's `custom_class_id` to a string unique to all class resources and inline classes. Then use the class' id wrapped in $`{...}` e.g. "${my-months}". To refer to custom classes resources, use the class' id wrapped in `${}` (e.g. `${my-months}`).
-      "boost": 3.14, # Hint Boost. Overrides the boost set at the phrase set level. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost values would correspond to anti-biasing. Anti-biasing is not enabled, so negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
+      "boost": 3.14, # Hint Boost. Overrides the boost set at the phrase set level. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
       "value": "A String", # The phrase itself.
     },
   ],
@@ -181,7 +181,7 @@
   "name": "A String", # The resource name of the phrase set.
   "phrases": [ # A list of word and phrases.
     { # A phrases containing words and phrase "hints" so that the speech recognition is more likely to recognize them. This can be used to improve the accuracy for specific words and phrases, for example, if specific commands are typically spoken by the user. This can also be used to add additional words to the vocabulary of the recognizer. See [usage limits](https://cloud.google.com/speech-to-text/quotas#content). List items can also include pre-built or custom classes containing groups of words that represent common concepts that occur in natural language. For example, rather than providing a phrase hint for every month of the year (e.g. "i was born in january", "i was born in febuary", ...), use the pre-built `$MONTH` class improves the likelihood of correctly transcribing audio that includes months (e.g. "i was born in $month"). To refer to pre-built classes, use the class' symbol prepended with `$` e.g. `$MONTH`. To refer to custom classes that were defined inline in the request, set the class's `custom_class_id` to a string unique to all class resources and inline classes. Then use the class' id wrapped in $`{...}` e.g. "${my-months}". To refer to custom classes resources, use the class' id wrapped in `${}` (e.g. `${my-months}`).
-      "boost": 3.14, # Hint Boost. Overrides the boost set at the phrase set level. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost values would correspond to anti-biasing. Anti-biasing is not enabled, so negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
+      "boost": 3.14, # Hint Boost. Overrides the boost set at the phrase set level. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
       "value": "A String", # The phrase itself.
     },
   ],
@@ -212,7 +212,7 @@
       "name": "A String", # The resource name of the phrase set.
       "phrases": [ # A list of word and phrases.
         { # A phrases containing words and phrase "hints" so that the speech recognition is more likely to recognize them. This can be used to improve the accuracy for specific words and phrases, for example, if specific commands are typically spoken by the user. This can also be used to add additional words to the vocabulary of the recognizer. See [usage limits](https://cloud.google.com/speech-to-text/quotas#content). List items can also include pre-built or custom classes containing groups of words that represent common concepts that occur in natural language. For example, rather than providing a phrase hint for every month of the year (e.g. "i was born in january", "i was born in febuary", ...), use the pre-built `$MONTH` class improves the likelihood of correctly transcribing audio that includes months (e.g. "i was born in $month"). To refer to pre-built classes, use the class' symbol prepended with `$` e.g. `$MONTH`. To refer to custom classes that were defined inline in the request, set the class's `custom_class_id` to a string unique to all class resources and inline classes. Then use the class' id wrapped in $`{...}` e.g. "${my-months}". To refer to custom classes resources, use the class' id wrapped in `${}` (e.g. `${my-months}`).
-          "boost": 3.14, # Hint Boost. Overrides the boost set at the phrase set level. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost values would correspond to anti-biasing. Anti-biasing is not enabled, so negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
+          "boost": 3.14, # Hint Boost. Overrides the boost set at the phrase set level. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
           "value": "A String", # The phrase itself.
         },
       ],
@@ -249,7 +249,7 @@
   "name": "A String", # The resource name of the phrase set.
   "phrases": [ # A list of word and phrases.
     { # A phrases containing words and phrase "hints" so that the speech recognition is more likely to recognize them. This can be used to improve the accuracy for specific words and phrases, for example, if specific commands are typically spoken by the user. This can also be used to add additional words to the vocabulary of the recognizer. See [usage limits](https://cloud.google.com/speech-to-text/quotas#content). List items can also include pre-built or custom classes containing groups of words that represent common concepts that occur in natural language. For example, rather than providing a phrase hint for every month of the year (e.g. "i was born in january", "i was born in febuary", ...), use the pre-built `$MONTH` class improves the likelihood of correctly transcribing audio that includes months (e.g. "i was born in $month"). To refer to pre-built classes, use the class' symbol prepended with `$` e.g. `$MONTH`. To refer to custom classes that were defined inline in the request, set the class's `custom_class_id` to a string unique to all class resources and inline classes. Then use the class' id wrapped in $`{...}` e.g. "${my-months}". To refer to custom classes resources, use the class' id wrapped in `${}` (e.g. `${my-months}`).
-      "boost": 3.14, # Hint Boost. Overrides the boost set at the phrase set level. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost values would correspond to anti-biasing. Anti-biasing is not enabled, so negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
+      "boost": 3.14, # Hint Boost. Overrides the boost set at the phrase set level. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
       "value": "A String", # The phrase itself.
     },
   ],
@@ -269,7 +269,7 @@
   "name": "A String", # The resource name of the phrase set.
   "phrases": [ # A list of word and phrases.
     { # A phrases containing words and phrase "hints" so that the speech recognition is more likely to recognize them. This can be used to improve the accuracy for specific words and phrases, for example, if specific commands are typically spoken by the user. This can also be used to add additional words to the vocabulary of the recognizer. See [usage limits](https://cloud.google.com/speech-to-text/quotas#content). List items can also include pre-built or custom classes containing groups of words that represent common concepts that occur in natural language. For example, rather than providing a phrase hint for every month of the year (e.g. "i was born in january", "i was born in febuary", ...), use the pre-built `$MONTH` class improves the likelihood of correctly transcribing audio that includes months (e.g. "i was born in $month"). To refer to pre-built classes, use the class' symbol prepended with `$` e.g. `$MONTH`. To refer to custom classes that were defined inline in the request, set the class's `custom_class_id` to a string unique to all class resources and inline classes. Then use the class' id wrapped in $`{...}` e.g. "${my-months}". To refer to custom classes resources, use the class' id wrapped in `${}` (e.g. `${my-months}`).
-      "boost": 3.14, # Hint Boost. Overrides the boost set at the phrase set level. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost values would correspond to anti-biasing. Anti-biasing is not enabled, so negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
+      "boost": 3.14, # Hint Boost. Overrides the boost set at the phrase set level. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
       "value": "A String", # The phrase itself.
     },
   ],

docs/dyn/speech_v1p1beta1.speech.html

diff --git a/docs/dyn/speech_v1p1beta1.speech.html b/docs/dyn/speech_v1p1beta1.speech.html
index 6a2316e..bb77766 100644
--- a/docs/dyn/speech_v1p1beta1.speech.html
+++ b/docs/dyn/speech_v1p1beta1.speech.html
@@ -103,7 +103,7 @@
     "uri": "A String", # URI that points to a file that contains audio data bytes as specified in `RecognitionConfig`. The file must not be compressed (for example, gzip). Currently, only Google Cloud Storage URIs are supported, which must be specified in the following format: `gs://bucket_name/object_name` (other URI formats return google.rpc.Code.INVALID_ARGUMENT). For more information, see [Request URIs](https://cloud.google.com/storage/docs/reference-uris).
   },
   "config": { # Provides information to the recognizer that specifies how to process the request. # Required. Provides information to the recognizer that specifies how to process the request.
-    "adaptation": { # Speech adaptation configuration. # Speech adaptation configuration improves the accuracy of speech recognition. When speech adaptation is set it supersedes the `speech_contexts` field. For more information, see the [speech adaptation](https://cloud.google.com/speech-to-text/docs/adaptation) documentation.
+    "adaptation": { # Speech adaptation configuration. # Speech adaptation configuration improves the accuracy of speech recognition. For more information, see the [speech adaptation](https://cloud.google.com/speech-to-text/docs/adaptation) documentation. When speech adaptation is set it supersedes the `speech_contexts` field.
       "customClasses": [ # A collection of custom classes. To specify the classes inline, leave the class' `name` blank and fill in the rest of its fields, giving it a unique `custom_class_id`. Refer to the inline defined class in phrase hints by its `custom_class_id`.
         { # A set of words or phrases that represents a common concept likely to appear in your audio, for example a list of passenger ship names. CustomClass items can be substituted into placeholders that you set in PhraseSet phrases.
           "customClassId": "A String", # If this custom class is a resource, the custom_class_id is the resource id of the CustomClass. Case sensitive.
@@ -124,7 +124,7 @@
           "name": "A String", # The resource name of the phrase set.
           "phrases": [ # A list of word and phrases.
             { # A phrases containing words and phrase "hints" so that the speech recognition is more likely to recognize them. This can be used to improve the accuracy for specific words and phrases, for example, if specific commands are typically spoken by the user. This can also be used to add additional words to the vocabulary of the recognizer. See [usage limits](https://cloud.google.com/speech-to-text/quotas#content). List items can also include pre-built or custom classes containing groups of words that represent common concepts that occur in natural language. For example, rather than providing a phrase hint for every month of the year (e.g. "i was born in january", "i was born in febuary", ...), use the pre-built `$MONTH` class improves the likelihood of correctly transcribing audio that includes months (e.g. "i was born in $month"). To refer to pre-built classes, use the class' symbol prepended with `$` e.g. `$MONTH`. To refer to custom classes that were defined inline in the request, set the class's `custom_class_id` to a string unique to all class resources and inline classes. Then use the class' id wrapped in $`{...}` e.g. "${my-months}". To refer to custom classes resources, use the class' id wrapped in `${}` (e.g. `${my-months}`).
-              "boost": 3.14, # Hint Boost. Overrides the boost set at the phrase set level. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost values would correspond to anti-biasing. Anti-biasing is not enabled, so negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
+              "boost": 3.14, # Hint Boost. Overrides the boost set at the phrase set level. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
               "value": "A String", # The phrase itself.
             },
           ],
@@ -233,7 +233,7 @@
     "uri": "A String", # URI that points to a file that contains audio data bytes as specified in `RecognitionConfig`. The file must not be compressed (for example, gzip). Currently, only Google Cloud Storage URIs are supported, which must be specified in the following format: `gs://bucket_name/object_name` (other URI formats return google.rpc.Code.INVALID_ARGUMENT). For more information, see [Request URIs](https://cloud.google.com/storage/docs/reference-uris).
   },
   "config": { # Provides information to the recognizer that specifies how to process the request. # Required. Provides information to the recognizer that specifies how to process the request.
-    "adaptation": { # Speech adaptation configuration. # Speech adaptation configuration improves the accuracy of speech recognition. When speech adaptation is set it supersedes the `speech_contexts` field. For more information, see the [speech adaptation](https://cloud.google.com/speech-to-text/docs/adaptation) documentation.
+    "adaptation": { # Speech adaptation configuration. # Speech adaptation configuration improves the accuracy of speech recognition. For more information, see the [speech adaptation](https://cloud.google.com/speech-to-text/docs/adaptation) documentation. When speech adaptation is set it supersedes the `speech_contexts` field.
       "customClasses": [ # A collection of custom classes. To specify the classes inline, leave the class' `name` blank and fill in the rest of its fields, giving it a unique `custom_class_id`. Refer to the inline defined class in phrase hints by its `custom_class_id`.
         { # A set of words or phrases that represents a common concept likely to appear in your audio, for example a list of passenger ship names. CustomClass items can be substituted into placeholders that you set in PhraseSet phrases.
           "customClassId": "A String", # If this custom class is a resource, the custom_class_id is the resource id of the CustomClass. Case sensitive.
@@ -254,7 +254,7 @@
           "name": "A String", # The resource name of the phrase set.
           "phrases": [ # A list of word and phrases.
             { # A phrases containing words and phrase "hints" so that the speech recognition is more likely to recognize them. This can be used to improve the accuracy for specific words and phrases, for example, if specific commands are typically spoken by the user. This can also be used to add additional words to the vocabulary of the recognizer. See [usage limits](https://cloud.google.com/speech-to-text/quotas#content). List items can also include pre-built or custom classes containing groups of words that represent common concepts that occur in natural language. For example, rather than providing a phrase hint for every month of the year (e.g. "i was born in january", "i was born in febuary", ...), use the pre-built `$MONTH` class improves the likelihood of correctly transcribing audio that includes months (e.g. "i was born in $month"). To refer to pre-built classes, use the class' symbol prepended with `$` e.g. `$MONTH`. To refer to custom classes that were defined inline in the request, set the class's `custom_class_id` to a string unique to all class resources and inline classes. Then use the class' id wrapped in $`{...}` e.g. "${my-months}". To refer to custom classes resources, use the class' id wrapped in `${}` (e.g. `${my-months}`).
-              "boost": 3.14, # Hint Boost. Overrides the boost set at the phrase set level. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost values would correspond to anti-biasing. Anti-biasing is not enabled, so negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
+              "boost": 3.14, # Hint Boost. Overrides the boost set at the phrase set level. Positive value will increase the probability that a specific phrase will be recognized over other similar sounding phrases. The higher the boost, the higher the chance of false positive recognition as well. Negative boost will simply be ignored. Though `boost` can accept a wide range of positive values, most use cases are best served with values between 0 and 20. We recommend using a binary search approach to finding the optimal value for your use case. Speech recognition will skip PhraseSets with a boost value of 0.
               "value": "A String", # The phrase itself.
             },
           ],
@@ -345,6 +345,7 @@
       ],
       "channelTag": 42, # For multi-channel audio, this is the channel number corresponding to the recognized result for the audio from that channel. For audio_channel_count = N, its output values can range from '1' to 'N'.
       "languageCode": "A String", # Output only. The [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag of the language in this result. This language code was detected to have the most likelihood of being spoken in the audio.
+      "resultEndTime": "A String", # Time offset of the end of this result relative to the beginning of the audio.
     },
   ],
   "totalBilledTime": "A String", # When available, billed audio seconds for the corresponding request.

docs/dyn/sqladmin_v1.backupRuns.html

diff --git a/docs/dyn/sqladmin_v1.backupRuns.html b/docs/dyn/sqladmin_v1.backupRuns.html
index 2b2a1e7..d6cc0d7 100644
--- a/docs/dyn/sqladmin_v1.backupRuns.html
+++ b/docs/dyn/sqladmin_v1.backupRuns.html
@@ -138,15 +138,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -185,7 +185,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -310,15 +310,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -357,7 +357,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.

docs/dyn/sqladmin_v1.databases.html

diff --git a/docs/dyn/sqladmin_v1.databases.html b/docs/dyn/sqladmin_v1.databases.html
index 7a8c0f8..298e9ef 100644
--- a/docs/dyn/sqladmin_v1.databases.html
+++ b/docs/dyn/sqladmin_v1.databases.html
@@ -141,15 +141,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -188,7 +188,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -285,15 +285,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -332,7 +332,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -434,15 +434,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -481,7 +481,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -547,15 +547,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -594,7 +594,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.

docs/dyn/sqladmin_v1.instances.html

diff --git a/docs/dyn/sqladmin_v1.instances.html b/docs/dyn/sqladmin_v1.instances.html
index 5855bbe..0c0d47b 100644
--- a/docs/dyn/sqladmin_v1.instances.html
+++ b/docs/dyn/sqladmin_v1.instances.html
@@ -183,15 +183,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -230,7 +230,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -294,15 +294,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -341,7 +341,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -393,15 +393,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -440,7 +440,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -510,15 +510,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -557,7 +557,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -584,15 +584,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -635,15 +635,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -682,7 +682,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -739,15 +739,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -786,7 +786,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -814,6 +814,7 @@
   "connectionName": "A String", # Connection name of the Cloud SQL instance used in connection strings.
   "createTime": "A String", # Output only. The time when the instance was created in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
   "currentDiskSize": "A String", # The current disk usage of the instance in bytes. This property has been deprecated. Use the "cloudsql.googleapis.com/database/disk/bytes_used" metric in Cloud Monitoring API instead. Please see [this announcement](https://groups.google.com/d/msg/google-cloud-sql-announce/I_7-F9EBhT0/BtvFtdFeAgAJ) for details.
+  "databaseInstalledVersion": "A String", # Output only. The databaseInstalledVersion stores the current fully resolved database version running on the instance including minor version such as MYSQL_5_6_50
   "databaseVersion": "A String", # The database engine type and version. The **databaseVersion** field cannot be changed after instance creation.
   "diskEncryptionConfiguration": { # Disk encryption configuration for an instance. # Disk encryption configuration specific to an instance.
     "kind": "A String", # This is always **sql#diskEncryptionConfiguration**.
@@ -829,7 +830,7 @@
     "name": "A String", # The name of the failover replica. If specified at instance creation, a failover replica is created for the instance. The name doesn't include the project ID.
   },
   "gceZone": "A String", # The Compute Engine zone that the instance is currently serving from. This value could be different from the zone that was specified when the instance was created if the instance has failed over to its secondary zone.
-  "instanceType": "A String", # The instance type. This can be one of the following: * **CLOUD_SQL_INSTANCE**: A Cloud SQL instance that is not replicating from a primary instance. * **ON_PREMISES_INSTANCE**: An instance running on the customer's premises. * **READ_REPLICA_INSTANCE**: A Cloud SQL instance configured as a read-replica.
+  "instanceType": "A String", # The instance type.
   "ipAddresses": [ # The assigned IP addresses for the instance.
     { # Database instance IP Mapping.
       "ipAddress": "A String", # The IP address assigned.
@@ -955,7 +956,7 @@
       "recordClientAddress": True or False, # Whether Query Insights will record client address when enabled.
     },
     "ipConfiguration": { # IP Management configuration. # The settings for IP Management. This allows to enable or disable the instance IP and manage which external networks can connect to the instance. The IPv4 address cannot be disabled for Second Generation instances.
-      "allocatedIpRange": "A String", # The name of the allocated ip range for the private ip CloudSQL instance. For example: "google-managed-services-default". If set, the instance ip will be created in the allocated range. The range name must comply with [RFC 1035](https://tools.ietf.org/html/rfc1035). Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?.` Reserved for future use.
+      "allocatedIpRange": "A String", # The name of the allocated ip range for the private ip CloudSQL instance. For example: "google-managed-services-default". If set, the instance ip will be created in the allocated range. The range name must comply with [RFC 1035](https://tools.ietf.org/html/rfc1035). Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?.`
       "authorizedNetworks": [ # The list of external networks that are allowed to connect to the instance using the IP. In 'CIDR' notation, also known as 'slash' notation (for example: **192.168.100.0/24**).
         { # An entry for an Access Control list.
           "expirationTime": "A String", # The time when this access control entry expires in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
@@ -981,6 +982,13 @@
       "kind": "A String", # This is always **sql#maintenanceWindow**.
       "updateTrack": "A String", # Maintenance timing setting: **canary** (Earlier) or **stable** (Later). [Learn more](https://cloud.google.com/sql/docs/mysql/instance-settings#maintenance-timing-2ndgen).
     },
+    "passwordValidationPolicy": { # Database instance local user password validation policy # The local user password validation policy of the instance.
+      "complexity": "A String", # The complexity of the password.
+      "disallowUsernameSubstring": True or False, # Disallow username as a part of the password.
+      "minLength": 42, # Minimum number of characters allowed.
+      "passwordChangeInterval": "A String", # Minimum interval after which the password can be changed.
+      "reuseInterval": 42, # Number of previous passwords that cannot be reused.
+    },
     "pricingPlan": "A String", # The pricing plan for this instance. This can be either **PER_USE** or **PACKAGE**. Only **PER_USE** is supported for Second Generation instances.
     "replicationType": "A String", # The type of replication this instance uses. This can be either **ASYNCHRONOUS** or **SYNCHRONOUS**. (Deprecated) This property was only applicable to First Generation instances.
     "settingsVersion": "A String", # The version of instance settings. This is a required field for update method to make sure concurrent updates are handled properly. During update, use the most recent settingsVersion value for this instance and do not try to update this value.
@@ -1071,15 +1079,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -1118,7 +1126,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -1140,6 +1148,7 @@
   "connectionName": "A String", # Connection name of the Cloud SQL instance used in connection strings.
   "createTime": "A String", # Output only. The time when the instance was created in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
   "currentDiskSize": "A String", # The current disk usage of the instance in bytes. This property has been deprecated. Use the "cloudsql.googleapis.com/database/disk/bytes_used" metric in Cloud Monitoring API instead. Please see [this announcement](https://groups.google.com/d/msg/google-cloud-sql-announce/I_7-F9EBhT0/BtvFtdFeAgAJ) for details.
+  "databaseInstalledVersion": "A String", # Output only. The databaseInstalledVersion stores the current fully resolved database version running on the instance including minor version such as MYSQL_5_6_50
   "databaseVersion": "A String", # The database engine type and version. The **databaseVersion** field cannot be changed after instance creation.
   "diskEncryptionConfiguration": { # Disk encryption configuration for an instance. # Disk encryption configuration specific to an instance.
     "kind": "A String", # This is always **sql#diskEncryptionConfiguration**.
@@ -1155,7 +1164,7 @@
     "name": "A String", # The name of the failover replica. If specified at instance creation, a failover replica is created for the instance. The name doesn't include the project ID.
   },
   "gceZone": "A String", # The Compute Engine zone that the instance is currently serving from. This value could be different from the zone that was specified when the instance was created if the instance has failed over to its secondary zone.
-  "instanceType": "A String", # The instance type. This can be one of the following: * **CLOUD_SQL_INSTANCE**: A Cloud SQL instance that is not replicating from a primary instance. * **ON_PREMISES_INSTANCE**: An instance running on the customer's premises. * **READ_REPLICA_INSTANCE**: A Cloud SQL instance configured as a read-replica.
+  "instanceType": "A String", # The instance type.
   "ipAddresses": [ # The assigned IP addresses for the instance.
     { # Database instance IP Mapping.
       "ipAddress": "A String", # The IP address assigned.
@@ -1281,7 +1290,7 @@
       "recordClientAddress": True or False, # Whether Query Insights will record client address when enabled.
     },
     "ipConfiguration": { # IP Management configuration. # The settings for IP Management. This allows to enable or disable the instance IP and manage which external networks can connect to the instance. The IPv4 address cannot be disabled for Second Generation instances.
-      "allocatedIpRange": "A String", # The name of the allocated ip range for the private ip CloudSQL instance. For example: "google-managed-services-default". If set, the instance ip will be created in the allocated range. The range name must comply with [RFC 1035](https://tools.ietf.org/html/rfc1035). Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?.` Reserved for future use.
+      "allocatedIpRange": "A String", # The name of the allocated ip range for the private ip CloudSQL instance. For example: "google-managed-services-default". If set, the instance ip will be created in the allocated range. The range name must comply with [RFC 1035](https://tools.ietf.org/html/rfc1035). Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?.`
       "authorizedNetworks": [ # The list of external networks that are allowed to connect to the instance using the IP. In 'CIDR' notation, also known as 'slash' notation (for example: **192.168.100.0/24**).
         { # An entry for an Access Control list.
           "expirationTime": "A String", # The time when this access control entry expires in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
@@ -1307,6 +1316,13 @@
       "kind": "A String", # This is always **sql#maintenanceWindow**.
       "updateTrack": "A String", # Maintenance timing setting: **canary** (Earlier) or **stable** (Later). [Learn more](https://cloud.google.com/sql/docs/mysql/instance-settings#maintenance-timing-2ndgen).
     },
+    "passwordValidationPolicy": { # Database instance local user password validation policy # The local user password validation policy of the instance.
+      "complexity": "A String", # The complexity of the password.
+      "disallowUsernameSubstring": True or False, # Disallow username as a part of the password.
+      "minLength": 42, # Minimum number of characters allowed.
+      "passwordChangeInterval": "A String", # Minimum interval after which the password can be changed.
+      "reuseInterval": 42, # Number of previous passwords that cannot be reused.
+    },
     "pricingPlan": "A String", # The pricing plan for this instance. This can be either **PER_USE** or **PACKAGE**. Only **PER_USE** is supported for Second Generation instances.
     "replicationType": "A String", # The type of replication this instance uses. This can be either **ASYNCHRONOUS** or **SYNCHRONOUS**. (Deprecated) This property was only applicable to First Generation instances.
     "settingsVersion": "A String", # The version of instance settings. This is a required field for update method to make sure concurrent updates are handled properly. During update, use the most recent settingsVersion value for this instance and do not try to update this value.
@@ -1359,15 +1375,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -1406,7 +1422,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -1438,6 +1454,7 @@
       "connectionName": "A String", # Connection name of the Cloud SQL instance used in connection strings.
       "createTime": "A String", # Output only. The time when the instance was created in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
       "currentDiskSize": "A String", # The current disk usage of the instance in bytes. This property has been deprecated. Use the "cloudsql.googleapis.com/database/disk/bytes_used" metric in Cloud Monitoring API instead. Please see [this announcement](https://groups.google.com/d/msg/google-cloud-sql-announce/I_7-F9EBhT0/BtvFtdFeAgAJ) for details.
+      "databaseInstalledVersion": "A String", # Output only. The databaseInstalledVersion stores the current fully resolved database version running on the instance including minor version such as MYSQL_5_6_50
       "databaseVersion": "A String", # The database engine type and version. The **databaseVersion** field cannot be changed after instance creation.
       "diskEncryptionConfiguration": { # Disk encryption configuration for an instance. # Disk encryption configuration specific to an instance.
         "kind": "A String", # This is always **sql#diskEncryptionConfiguration**.
@@ -1453,7 +1470,7 @@
         "name": "A String", # The name of the failover replica. If specified at instance creation, a failover replica is created for the instance. The name doesn't include the project ID.
       },
       "gceZone": "A String", # The Compute Engine zone that the instance is currently serving from. This value could be different from the zone that was specified when the instance was created if the instance has failed over to its secondary zone.
-      "instanceType": "A String", # The instance type. This can be one of the following: * **CLOUD_SQL_INSTANCE**: A Cloud SQL instance that is not replicating from a primary instance. * **ON_PREMISES_INSTANCE**: An instance running on the customer's premises. * **READ_REPLICA_INSTANCE**: A Cloud SQL instance configured as a read-replica.
+      "instanceType": "A String", # The instance type.
       "ipAddresses": [ # The assigned IP addresses for the instance.
         { # Database instance IP Mapping.
           "ipAddress": "A String", # The IP address assigned.
@@ -1579,7 +1596,7 @@
           "recordClientAddress": True or False, # Whether Query Insights will record client address when enabled.
         },
         "ipConfiguration": { # IP Management configuration. # The settings for IP Management. This allows to enable or disable the instance IP and manage which external networks can connect to the instance. The IPv4 address cannot be disabled for Second Generation instances.
-          "allocatedIpRange": "A String", # The name of the allocated ip range for the private ip CloudSQL instance. For example: "google-managed-services-default". If set, the instance ip will be created in the allocated range. The range name must comply with [RFC 1035](https://tools.ietf.org/html/rfc1035). Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?.` Reserved for future use.
+          "allocatedIpRange": "A String", # The name of the allocated ip range for the private ip CloudSQL instance. For example: "google-managed-services-default". If set, the instance ip will be created in the allocated range. The range name must comply with [RFC 1035](https://tools.ietf.org/html/rfc1035). Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?.`
           "authorizedNetworks": [ # The list of external networks that are allowed to connect to the instance using the IP. In 'CIDR' notation, also known as 'slash' notation (for example: **192.168.100.0/24**).
             { # An entry for an Access Control list.
               "expirationTime": "A String", # The time when this access control entry expires in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
@@ -1605,6 +1622,13 @@
           "kind": "A String", # This is always **sql#maintenanceWindow**.
           "updateTrack": "A String", # Maintenance timing setting: **canary** (Earlier) or **stable** (Later). [Learn more](https://cloud.google.com/sql/docs/mysql/instance-settings#maintenance-timing-2ndgen).
         },
+        "passwordValidationPolicy": { # Database instance local user password validation policy # The local user password validation policy of the instance.
+          "complexity": "A String", # The complexity of the password.
+          "disallowUsernameSubstring": True or False, # Disallow username as a part of the password.
+          "minLength": 42, # Minimum number of characters allowed.
+          "passwordChangeInterval": "A String", # Minimum interval after which the password can be changed.
+          "reuseInterval": 42, # Number of previous passwords that cannot be reused.
+        },
         "pricingPlan": "A String", # The pricing plan for this instance. This can be either **PER_USE** or **PACKAGE**. Only **PER_USE** is supported for Second Generation instances.
         "replicationType": "A String", # The type of replication this instance uses. This can be either **ASYNCHRONOUS** or **SYNCHRONOUS**. (Deprecated) This property was only applicable to First Generation instances.
         "settingsVersion": "A String", # The version of instance settings. This is a required field for update method to make sure concurrent updates are handled properly. During update, use the most recent settingsVersion value for this instance and do not try to update this value.
@@ -1700,6 +1724,7 @@
   "connectionName": "A String", # Connection name of the Cloud SQL instance used in connection strings.
   "createTime": "A String", # Output only. The time when the instance was created in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
   "currentDiskSize": "A String", # The current disk usage of the instance in bytes. This property has been deprecated. Use the "cloudsql.googleapis.com/database/disk/bytes_used" metric in Cloud Monitoring API instead. Please see [this announcement](https://groups.google.com/d/msg/google-cloud-sql-announce/I_7-F9EBhT0/BtvFtdFeAgAJ) for details.
+  "databaseInstalledVersion": "A String", # Output only. The databaseInstalledVersion stores the current fully resolved database version running on the instance including minor version such as MYSQL_5_6_50
   "databaseVersion": "A String", # The database engine type and version. The **databaseVersion** field cannot be changed after instance creation.
   "diskEncryptionConfiguration": { # Disk encryption configuration for an instance. # Disk encryption configuration specific to an instance.
     "kind": "A String", # This is always **sql#diskEncryptionConfiguration**.
@@ -1715,7 +1740,7 @@
     "name": "A String", # The name of the failover replica. If specified at instance creation, a failover replica is created for the instance. The name doesn't include the project ID.
   },
   "gceZone": "A String", # The Compute Engine zone that the instance is currently serving from. This value could be different from the zone that was specified when the instance was created if the instance has failed over to its secondary zone.
-  "instanceType": "A String", # The instance type. This can be one of the following: * **CLOUD_SQL_INSTANCE**: A Cloud SQL instance that is not replicating from a primary instance. * **ON_PREMISES_INSTANCE**: An instance running on the customer's premises. * **READ_REPLICA_INSTANCE**: A Cloud SQL instance configured as a read-replica.
+  "instanceType": "A String", # The instance type.
   "ipAddresses": [ # The assigned IP addresses for the instance.
     { # Database instance IP Mapping.
       "ipAddress": "A String", # The IP address assigned.
@@ -1841,7 +1866,7 @@
       "recordClientAddress": True or False, # Whether Query Insights will record client address when enabled.
     },
     "ipConfiguration": { # IP Management configuration. # The settings for IP Management. This allows to enable or disable the instance IP and manage which external networks can connect to the instance. The IPv4 address cannot be disabled for Second Generation instances.
-      "allocatedIpRange": "A String", # The name of the allocated ip range for the private ip CloudSQL instance. For example: "google-managed-services-default". If set, the instance ip will be created in the allocated range. The range name must comply with [RFC 1035](https://tools.ietf.org/html/rfc1035). Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?.` Reserved for future use.
+      "allocatedIpRange": "A String", # The name of the allocated ip range for the private ip CloudSQL instance. For example: "google-managed-services-default". If set, the instance ip will be created in the allocated range. The range name must comply with [RFC 1035](https://tools.ietf.org/html/rfc1035). Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?.`
       "authorizedNetworks": [ # The list of external networks that are allowed to connect to the instance using the IP. In 'CIDR' notation, also known as 'slash' notation (for example: **192.168.100.0/24**).
         { # An entry for an Access Control list.
           "expirationTime": "A String", # The time when this access control entry expires in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
@@ -1867,6 +1892,13 @@
       "kind": "A String", # This is always **sql#maintenanceWindow**.
       "updateTrack": "A String", # Maintenance timing setting: **canary** (Earlier) or **stable** (Later). [Learn more](https://cloud.google.com/sql/docs/mysql/instance-settings#maintenance-timing-2ndgen).
     },
+    "passwordValidationPolicy": { # Database instance local user password validation policy # The local user password validation policy of the instance.
+      "complexity": "A String", # The complexity of the password.
+      "disallowUsernameSubstring": True or False, # Disallow username as a part of the password.
+      "minLength": 42, # Minimum number of characters allowed.
+      "passwordChangeInterval": "A String", # Minimum interval after which the password can be changed.
+      "reuseInterval": 42, # Number of previous passwords that cannot be reused.
+    },
     "pricingPlan": "A String", # The pricing plan for this instance. This can be either **PER_USE** or **PACKAGE**. Only **PER_USE** is supported for Second Generation instances.
     "replicationType": "A String", # The type of replication this instance uses. This can be either **ASYNCHRONOUS** or **SYNCHRONOUS**. (Deprecated) This property was only applicable to First Generation instances.
     "settingsVersion": "A String", # The version of instance settings. This is a required field for update method to make sure concurrent updates are handled properly. During update, use the most recent settingsVersion value for this instance and do not try to update this value.
@@ -1919,15 +1951,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -1966,7 +1998,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -2013,15 +2045,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -2060,7 +2092,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -2107,15 +2139,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -2154,7 +2186,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -2201,15 +2233,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -2248,7 +2280,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -2307,15 +2339,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -2354,7 +2386,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -2411,15 +2443,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -2458,7 +2490,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -2505,15 +2537,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -2552,7 +2584,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -2599,15 +2631,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -2646,7 +2678,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -2703,15 +2735,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -2750,7 +2782,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -2773,6 +2805,7 @@
   "connectionName": "A String", # Connection name of the Cloud SQL instance used in connection strings.
   "createTime": "A String", # Output only. The time when the instance was created in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
   "currentDiskSize": "A String", # The current disk usage of the instance in bytes. This property has been deprecated. Use the "cloudsql.googleapis.com/database/disk/bytes_used" metric in Cloud Monitoring API instead. Please see [this announcement](https://groups.google.com/d/msg/google-cloud-sql-announce/I_7-F9EBhT0/BtvFtdFeAgAJ) for details.
+  "databaseInstalledVersion": "A String", # Output only. The databaseInstalledVersion stores the current fully resolved database version running on the instance including minor version such as MYSQL_5_6_50
   "databaseVersion": "A String", # The database engine type and version. The **databaseVersion** field cannot be changed after instance creation.
   "diskEncryptionConfiguration": { # Disk encryption configuration for an instance. # Disk encryption configuration specific to an instance.
     "kind": "A String", # This is always **sql#diskEncryptionConfiguration**.
@@ -2788,7 +2821,7 @@
     "name": "A String", # The name of the failover replica. If specified at instance creation, a failover replica is created for the instance. The name doesn't include the project ID.
   },
   "gceZone": "A String", # The Compute Engine zone that the instance is currently serving from. This value could be different from the zone that was specified when the instance was created if the instance has failed over to its secondary zone.
-  "instanceType": "A String", # The instance type. This can be one of the following: * **CLOUD_SQL_INSTANCE**: A Cloud SQL instance that is not replicating from a primary instance. * **ON_PREMISES_INSTANCE**: An instance running on the customer's premises. * **READ_REPLICA_INSTANCE**: A Cloud SQL instance configured as a read-replica.
+  "instanceType": "A String", # The instance type.
   "ipAddresses": [ # The assigned IP addresses for the instance.
     { # Database instance IP Mapping.
       "ipAddress": "A String", # The IP address assigned.
@@ -2914,7 +2947,7 @@
       "recordClientAddress": True or False, # Whether Query Insights will record client address when enabled.
     },
     "ipConfiguration": { # IP Management configuration. # The settings for IP Management. This allows to enable or disable the instance IP and manage which external networks can connect to the instance. The IPv4 address cannot be disabled for Second Generation instances.
-      "allocatedIpRange": "A String", # The name of the allocated ip range for the private ip CloudSQL instance. For example: "google-managed-services-default". If set, the instance ip will be created in the allocated range. The range name must comply with [RFC 1035](https://tools.ietf.org/html/rfc1035). Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?.` Reserved for future use.
+      "allocatedIpRange": "A String", # The name of the allocated ip range for the private ip CloudSQL instance. For example: "google-managed-services-default". If set, the instance ip will be created in the allocated range. The range name must comply with [RFC 1035](https://tools.ietf.org/html/rfc1035). Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?.`
       "authorizedNetworks": [ # The list of external networks that are allowed to connect to the instance using the IP. In 'CIDR' notation, also known as 'slash' notation (for example: **192.168.100.0/24**).
         { # An entry for an Access Control list.
           "expirationTime": "A String", # The time when this access control entry expires in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
@@ -2940,6 +2973,13 @@
       "kind": "A String", # This is always **sql#maintenanceWindow**.
       "updateTrack": "A String", # Maintenance timing setting: **canary** (Earlier) or **stable** (Later). [Learn more](https://cloud.google.com/sql/docs/mysql/instance-settings#maintenance-timing-2ndgen).
     },
+    "passwordValidationPolicy": { # Database instance local user password validation policy # The local user password validation policy of the instance.
+      "complexity": "A String", # The complexity of the password.
+      "disallowUsernameSubstring": True or False, # Disallow username as a part of the password.
+      "minLength": 42, # Minimum number of characters allowed.
+      "passwordChangeInterval": "A String", # Minimum interval after which the password can be changed.
+      "reuseInterval": 42, # Number of previous passwords that cannot be reused.
+    },
     "pricingPlan": "A String", # The pricing plan for this instance. This can be either **PER_USE** or **PACKAGE**. Only **PER_USE** is supported for Second Generation instances.
     "replicationType": "A String", # The type of replication this instance uses. This can be either **ASYNCHRONOUS** or **SYNCHRONOUS**. (Deprecated) This property was only applicable to First Generation instances.
     "settingsVersion": "A String", # The version of instance settings. This is a required field for update method to make sure concurrent updates are handled properly. During update, use the most recent settingsVersion value for this instance and do not try to update this value.
@@ -2992,15 +3032,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -3039,7 +3079,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.

docs/dyn/sqladmin_v1.operations.html

diff --git a/docs/dyn/sqladmin_v1.operations.html b/docs/dyn/sqladmin_v1.operations.html
index 1d2301a..debc89c 100644
--- a/docs/dyn/sqladmin_v1.operations.html
+++ b/docs/dyn/sqladmin_v1.operations.html
@@ -131,15 +131,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -178,7 +178,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -229,15 +229,15 @@
           "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
           "selectQuery": "A String", # The select query used to extract the data.
         },
-        "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+        "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
           "A String",
         ],
-        "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+        "fileType": "A String", # The file type for the specified uri.
         "kind": "A String", # This is always **sql#exportContext**.
         "offload": True or False, # Option for export offload.
         "sqlExportOptions": { # Options for exporting data as SQL statements.
           "mysqlExportOptions": { # Options for exporting from MySQL.
-            "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+            "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
           },
           "schemaOnly": True or False, # Export only schemas.
           "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -276,7 +276,7 @@
       "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
       "selfLink": "A String", # The URI of this resource.
       "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-      "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+      "status": "A String", # The status of an operation.
       "targetId": "A String", # Name of the database instance related to this operation.
       "targetLink": "A String",
       "targetProject": "A String", # The project ID of the target instance related to this operation.

docs/dyn/sqladmin_v1.projects.instances.html

diff --git a/docs/dyn/sqladmin_v1.projects.instances.html b/docs/dyn/sqladmin_v1.projects.instances.html
index 1939e61..9533384 100644
--- a/docs/dyn/sqladmin_v1.projects.instances.html
+++ b/docs/dyn/sqladmin_v1.projects.instances.html
@@ -141,15 +141,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -188,7 +188,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -251,15 +251,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -298,7 +298,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.

docs/dyn/sqladmin_v1.sslCerts.html

diff --git a/docs/dyn/sqladmin_v1.sslCerts.html b/docs/dyn/sqladmin_v1.sslCerts.html
index c7b6d77..8293180 100644
--- a/docs/dyn/sqladmin_v1.sslCerts.html
+++ b/docs/dyn/sqladmin_v1.sslCerts.html
@@ -174,15 +174,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -221,7 +221,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -320,15 +320,15 @@
         "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
         "selectQuery": "A String", # The select query used to extract the data.
       },
-      "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+      "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
         "A String",
       ],
-      "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+      "fileType": "A String", # The file type for the specified uri.
       "kind": "A String", # This is always **sql#exportContext**.
       "offload": True or False, # Option for export offload.
       "sqlExportOptions": { # Options for exporting data as SQL statements.
         "mysqlExportOptions": { # Options for exporting from MySQL.
-          "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+          "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
         },
         "schemaOnly": True or False, # Export only schemas.
         "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -367,7 +367,7 @@
     "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
     "selfLink": "A String", # The URI of this resource.
     "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-    "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+    "status": "A String", # The status of an operation.
     "targetId": "A String", # Name of the database instance related to this operation.
     "targetLink": "A String",
     "targetProject": "A String", # The project ID of the target instance related to this operation.

docs/dyn/sqladmin_v1.users.html

diff --git a/docs/dyn/sqladmin_v1.users.html b/docs/dyn/sqladmin_v1.users.html
index 8027613..24fbeb5 100644
--- a/docs/dyn/sqladmin_v1.users.html
+++ b/docs/dyn/sqladmin_v1.users.html
@@ -136,15 +136,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -183,7 +183,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -203,11 +203,20 @@
 
 { # A Cloud SQL user resource.
   "etag": "A String", # This field is deprecated and will be removed from a future version of the API.
-  "host": "A String", # The host name from which the user can connect. For **insert** operations, host defaults to an empty string. For **update** operations, host is specified as part of the request URL. The host name cannot be updated after insertion.
+  "host": "A String", # Optional. The host name from which the user can connect. For **insert** operations, host defaults to an empty string. For **update** operations, host is specified as part of the request URL. The host name cannot be updated after insertion. For a MySQL instance, it's required; for a PostgreSQL or SQL Server instance, it's optional.
   "instance": "A String", # The name of the Cloud SQL instance. This does not include the project ID. Can be omitted for **update** since it is already specified on the URL.
   "kind": "A String", # This is always **sql#user**.
   "name": "A String", # The name of the user in the Cloud SQL instance. Can be omitted for **update** since it is already specified in the URL.
   "password": "A String", # The password for the user.
+  "passwordPolicy": { # User level password validation policy. # User level password validation policy.
+    "allowedFailedAttempts": 42, # Number of failed login attempts allowed before user get locked.
+    "enableFailedAttemptsCheck": True or False, # If true, failed login attempts check will be enabled.
+    "passwordExpirationDuration": "A String", # Expiration duration after password is updated.
+    "status": { # Read-only password status. # Output only. Read-only password status.
+      "locked": True or False, # If true, user does not have login privileges.
+      "passwordExpirationTime": "A String", # The expiration time of the current password.
+    },
+  },
   "project": "A String", # The project ID of the project containing the Cloud SQL database. The Google apps domain is prefixed if applicable. Can be omitted for **update** since it is already specified on the URL.
   "sqlserverUserDetails": { # Represents a Sql Server user on the Cloud SQL instance.
     "disabled": True or False, # If the user has been disabled
@@ -250,15 +259,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -297,7 +306,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -324,11 +333,20 @@
   "items": [ # List of user resources in the instance.
     { # A Cloud SQL user resource.
       "etag": "A String", # This field is deprecated and will be removed from a future version of the API.
-      "host": "A String", # The host name from which the user can connect. For **insert** operations, host defaults to an empty string. For **update** operations, host is specified as part of the request URL. The host name cannot be updated after insertion.
+      "host": "A String", # Optional. The host name from which the user can connect. For **insert** operations, host defaults to an empty string. For **update** operations, host is specified as part of the request URL. The host name cannot be updated after insertion. For a MySQL instance, it's required; for a PostgreSQL or SQL Server instance, it's optional.
       "instance": "A String", # The name of the Cloud SQL instance. This does not include the project ID. Can be omitted for **update** since it is already specified on the URL.
       "kind": "A String", # This is always **sql#user**.
       "name": "A String", # The name of the user in the Cloud SQL instance. Can be omitted for **update** since it is already specified in the URL.
       "password": "A String", # The password for the user.
+      "passwordPolicy": { # User level password validation policy. # User level password validation policy.
+        "allowedFailedAttempts": 42, # Number of failed login attempts allowed before user get locked.
+        "enableFailedAttemptsCheck": True or False, # If true, failed login attempts check will be enabled.
+        "passwordExpirationDuration": "A String", # Expiration duration after password is updated.
+        "status": { # Read-only password status. # Output only. Read-only password status.
+          "locked": True or False, # If true, user does not have login privileges.
+          "passwordExpirationTime": "A String", # The expiration time of the current password.
+        },
+      },
       "project": "A String", # The project ID of the project containing the Cloud SQL database. The Google apps domain is prefixed if applicable. Can be omitted for **update** since it is already specified on the URL.
       "sqlserverUserDetails": { # Represents a Sql Server user on the Cloud SQL instance.
         "disabled": True or False, # If the user has been disabled
@@ -356,11 +374,20 @@
 
 { # A Cloud SQL user resource.
   "etag": "A String", # This field is deprecated and will be removed from a future version of the API.
-  "host": "A String", # The host name from which the user can connect. For **insert** operations, host defaults to an empty string. For **update** operations, host is specified as part of the request URL. The host name cannot be updated after insertion.
+  "host": "A String", # Optional. The host name from which the user can connect. For **insert** operations, host defaults to an empty string. For **update** operations, host is specified as part of the request URL. The host name cannot be updated after insertion. For a MySQL instance, it's required; for a PostgreSQL or SQL Server instance, it's optional.
   "instance": "A String", # The name of the Cloud SQL instance. This does not include the project ID. Can be omitted for **update** since it is already specified on the URL.
   "kind": "A String", # This is always **sql#user**.
   "name": "A String", # The name of the user in the Cloud SQL instance. Can be omitted for **update** since it is already specified in the URL.
   "password": "A String", # The password for the user.
+  "passwordPolicy": { # User level password validation policy. # User level password validation policy.
+    "allowedFailedAttempts": 42, # Number of failed login attempts allowed before user get locked.
+    "enableFailedAttemptsCheck": True or False, # If true, failed login attempts check will be enabled.
+    "passwordExpirationDuration": "A String", # Expiration duration after password is updated.
+    "status": { # Read-only password status. # Output only. Read-only password status.
+      "locked": True or False, # If true, user does not have login privileges.
+      "passwordExpirationTime": "A String", # The expiration time of the current password.
+    },
+  },
   "project": "A String", # The project ID of the project containing the Cloud SQL database. The Google apps domain is prefixed if applicable. Can be omitted for **update** since it is already specified on the URL.
   "sqlserverUserDetails": { # Represents a Sql Server user on the Cloud SQL instance.
     "disabled": True or False, # If the user has been disabled
@@ -405,15 +432,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -452,7 +479,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.

docs/dyn/sqladmin_v1beta4.backupRuns.html

diff --git a/docs/dyn/sqladmin_v1beta4.backupRuns.html b/docs/dyn/sqladmin_v1beta4.backupRuns.html
index 2b54ab1..158bf89 100644
--- a/docs/dyn/sqladmin_v1beta4.backupRuns.html
+++ b/docs/dyn/sqladmin_v1beta4.backupRuns.html
@@ -138,15 +138,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -185,7 +185,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -310,15 +310,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -357,7 +357,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.

docs/dyn/sqladmin_v1beta4.databases.html

diff --git a/docs/dyn/sqladmin_v1beta4.databases.html b/docs/dyn/sqladmin_v1beta4.databases.html
index 81c939f..be2c60a 100644
--- a/docs/dyn/sqladmin_v1beta4.databases.html
+++ b/docs/dyn/sqladmin_v1beta4.databases.html
@@ -141,15 +141,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -188,7 +188,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -285,15 +285,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -332,7 +332,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -434,15 +434,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -481,7 +481,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -547,15 +547,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -594,7 +594,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.

docs/dyn/sqladmin_v1beta4.instances.html

diff --git a/docs/dyn/sqladmin_v1beta4.instances.html b/docs/dyn/sqladmin_v1beta4.instances.html
index 11bd57c..db4dec7 100644
--- a/docs/dyn/sqladmin_v1beta4.instances.html
+++ b/docs/dyn/sqladmin_v1beta4.instances.html
@@ -183,15 +183,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -230,7 +230,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -294,15 +294,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -341,7 +341,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -393,15 +393,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -440,7 +440,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -510,15 +510,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -557,7 +557,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -584,15 +584,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -635,15 +635,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -682,7 +682,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -739,15 +739,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -786,7 +786,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -814,6 +814,7 @@
   "connectionName": "A String", # Connection name of the Cloud SQL instance used in connection strings.
   "createTime": "A String", # Output only. The time when the instance was created in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
   "currentDiskSize": "A String", # The current disk usage of the instance in bytes. This property has been deprecated. Use the "cloudsql.googleapis.com/database/disk/bytes_used" metric in Cloud Monitoring API instead. Please see [this announcement](https://groups.google.com/d/msg/google-cloud-sql-announce/I_7-F9EBhT0/BtvFtdFeAgAJ) for details.
+  "databaseInstalledVersion": "A String", # Output only. The databaseInstalledVersion stores the current fully resolved database version running on the instance including minor version such as MYSQL_5_6_50
   "databaseVersion": "A String", # The database engine type and version. The **databaseVersion** field cannot be changed after instance creation.
   "diskEncryptionConfiguration": { # Disk encryption configuration for an instance. # Disk encryption configuration specific to an instance.
     "kind": "A String", # This is always **sql#diskEncryptionConfiguration**.
@@ -829,7 +830,7 @@
     "name": "A String", # The name of the failover replica. If specified at instance creation, a failover replica is created for the instance. The name doesn't include the project ID.
   },
   "gceZone": "A String", # The Compute Engine zone that the instance is currently serving from. This value could be different from the zone that was specified when the instance was created if the instance has failed over to its secondary zone.
-  "instanceType": "A String", # The instance type. This can be one of the following: * **CLOUD_SQL_INSTANCE**: A Cloud SQL instance that is not replicating from a primary instance. * **ON_PREMISES_INSTANCE**: An instance running on the customer's premises. * **READ_REPLICA_INSTANCE**: A Cloud SQL instance configured as a read-replica.
+  "instanceType": "A String", # The instance type.
   "ipAddresses": [ # The assigned IP addresses for the instance.
     { # Database instance IP Mapping.
       "ipAddress": "A String", # The IP address assigned.
@@ -955,7 +956,7 @@
       "recordClientAddress": True or False, # Whether Query Insights will record client address when enabled.
     },
     "ipConfiguration": { # IP Management configuration. # The settings for IP Management. This allows to enable or disable the instance IP and manage which external networks can connect to the instance. The IPv4 address cannot be disabled for Second Generation instances.
-      "allocatedIpRange": "A String", # The name of the allocated ip range for the private ip CloudSQL instance. For example: "google-managed-services-default". If set, the instance ip will be created in the allocated range. The range name must comply with [RFC 1035](https://tools.ietf.org/html/rfc1035). Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?.` Reserved for future use.
+      "allocatedIpRange": "A String", # The name of the allocated ip range for the private ip CloudSQL instance. For example: "google-managed-services-default". If set, the instance ip will be created in the allocated range. The range name must comply with [RFC 1035](https://tools.ietf.org/html/rfc1035). Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?.`
       "authorizedNetworks": [ # The list of external networks that are allowed to connect to the instance using the IP. In 'CIDR' notation, also known as 'slash' notation (for example: **192.168.100.0/24**).
         { # An entry for an Access Control list.
           "expirationTime": "A String", # The time when this access control entry expires in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
@@ -981,6 +982,13 @@
       "kind": "A String", # This is always **sql#maintenanceWindow**.
       "updateTrack": "A String", # Maintenance timing setting: **canary** (Earlier) or **stable** (Later). [Learn more](https://cloud.google.com/sql/docs/mysql/instance-settings#maintenance-timing-2ndgen).
     },
+    "passwordValidationPolicy": { # Database instance local user password validation policy # The local user password validation policy of the instance.
+      "complexity": "A String", # The complexity of the password.
+      "disallowUsernameSubstring": True or False, # Disallow username as a part of the password.
+      "minLength": 42, # Minimum number of characters allowed.
+      "passwordChangeInterval": "A String", # Minimum interval after which the password can be changed.
+      "reuseInterval": 42, # Number of previous passwords that cannot be reused.
+    },
     "pricingPlan": "A String", # The pricing plan for this instance. This can be either **PER_USE** or **PACKAGE**. Only **PER_USE** is supported for Second Generation instances.
     "replicationType": "A String", # The type of replication this instance uses. This can be either **ASYNCHRONOUS** or **SYNCHRONOUS**. (Deprecated) This property was only applicable to First Generation instances.
     "settingsVersion": "A String", # The version of instance settings. This is a required field for update method to make sure concurrent updates are handled properly. During update, use the most recent settingsVersion value for this instance and do not try to update this value.
@@ -1071,15 +1079,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -1118,7 +1126,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -1140,6 +1148,7 @@
   "connectionName": "A String", # Connection name of the Cloud SQL instance used in connection strings.
   "createTime": "A String", # Output only. The time when the instance was created in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
   "currentDiskSize": "A String", # The current disk usage of the instance in bytes. This property has been deprecated. Use the "cloudsql.googleapis.com/database/disk/bytes_used" metric in Cloud Monitoring API instead. Please see [this announcement](https://groups.google.com/d/msg/google-cloud-sql-announce/I_7-F9EBhT0/BtvFtdFeAgAJ) for details.
+  "databaseInstalledVersion": "A String", # Output only. The databaseInstalledVersion stores the current fully resolved database version running on the instance including minor version such as MYSQL_5_6_50
   "databaseVersion": "A String", # The database engine type and version. The **databaseVersion** field cannot be changed after instance creation.
   "diskEncryptionConfiguration": { # Disk encryption configuration for an instance. # Disk encryption configuration specific to an instance.
     "kind": "A String", # This is always **sql#diskEncryptionConfiguration**.
@@ -1155,7 +1164,7 @@
     "name": "A String", # The name of the failover replica. If specified at instance creation, a failover replica is created for the instance. The name doesn't include the project ID.
   },
   "gceZone": "A String", # The Compute Engine zone that the instance is currently serving from. This value could be different from the zone that was specified when the instance was created if the instance has failed over to its secondary zone.
-  "instanceType": "A String", # The instance type. This can be one of the following: * **CLOUD_SQL_INSTANCE**: A Cloud SQL instance that is not replicating from a primary instance. * **ON_PREMISES_INSTANCE**: An instance running on the customer's premises. * **READ_REPLICA_INSTANCE**: A Cloud SQL instance configured as a read-replica.
+  "instanceType": "A String", # The instance type.
   "ipAddresses": [ # The assigned IP addresses for the instance.
     { # Database instance IP Mapping.
       "ipAddress": "A String", # The IP address assigned.
@@ -1281,7 +1290,7 @@
       "recordClientAddress": True or False, # Whether Query Insights will record client address when enabled.
     },
     "ipConfiguration": { # IP Management configuration. # The settings for IP Management. This allows to enable or disable the instance IP and manage which external networks can connect to the instance. The IPv4 address cannot be disabled for Second Generation instances.
-      "allocatedIpRange": "A String", # The name of the allocated ip range for the private ip CloudSQL instance. For example: "google-managed-services-default". If set, the instance ip will be created in the allocated range. The range name must comply with [RFC 1035](https://tools.ietf.org/html/rfc1035). Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?.` Reserved for future use.
+      "allocatedIpRange": "A String", # The name of the allocated ip range for the private ip CloudSQL instance. For example: "google-managed-services-default". If set, the instance ip will be created in the allocated range. The range name must comply with [RFC 1035](https://tools.ietf.org/html/rfc1035). Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?.`
       "authorizedNetworks": [ # The list of external networks that are allowed to connect to the instance using the IP. In 'CIDR' notation, also known as 'slash' notation (for example: **192.168.100.0/24**).
         { # An entry for an Access Control list.
           "expirationTime": "A String", # The time when this access control entry expires in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
@@ -1307,6 +1316,13 @@
       "kind": "A String", # This is always **sql#maintenanceWindow**.
       "updateTrack": "A String", # Maintenance timing setting: **canary** (Earlier) or **stable** (Later). [Learn more](https://cloud.google.com/sql/docs/mysql/instance-settings#maintenance-timing-2ndgen).
     },
+    "passwordValidationPolicy": { # Database instance local user password validation policy # The local user password validation policy of the instance.
+      "complexity": "A String", # The complexity of the password.
+      "disallowUsernameSubstring": True or False, # Disallow username as a part of the password.
+      "minLength": 42, # Minimum number of characters allowed.
+      "passwordChangeInterval": "A String", # Minimum interval after which the password can be changed.
+      "reuseInterval": 42, # Number of previous passwords that cannot be reused.
+    },
     "pricingPlan": "A String", # The pricing plan for this instance. This can be either **PER_USE** or **PACKAGE**. Only **PER_USE** is supported for Second Generation instances.
     "replicationType": "A String", # The type of replication this instance uses. This can be either **ASYNCHRONOUS** or **SYNCHRONOUS**. (Deprecated) This property was only applicable to First Generation instances.
     "settingsVersion": "A String", # The version of instance settings. This is a required field for update method to make sure concurrent updates are handled properly. During update, use the most recent settingsVersion value for this instance and do not try to update this value.
@@ -1359,15 +1375,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -1406,7 +1422,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -1438,6 +1454,7 @@
       "connectionName": "A String", # Connection name of the Cloud SQL instance used in connection strings.
       "createTime": "A String", # Output only. The time when the instance was created in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
       "currentDiskSize": "A String", # The current disk usage of the instance in bytes. This property has been deprecated. Use the "cloudsql.googleapis.com/database/disk/bytes_used" metric in Cloud Monitoring API instead. Please see [this announcement](https://groups.google.com/d/msg/google-cloud-sql-announce/I_7-F9EBhT0/BtvFtdFeAgAJ) for details.
+      "databaseInstalledVersion": "A String", # Output only. The databaseInstalledVersion stores the current fully resolved database version running on the instance including minor version such as MYSQL_5_6_50
       "databaseVersion": "A String", # The database engine type and version. The **databaseVersion** field cannot be changed after instance creation.
       "diskEncryptionConfiguration": { # Disk encryption configuration for an instance. # Disk encryption configuration specific to an instance.
         "kind": "A String", # This is always **sql#diskEncryptionConfiguration**.
@@ -1453,7 +1470,7 @@
         "name": "A String", # The name of the failover replica. If specified at instance creation, a failover replica is created for the instance. The name doesn't include the project ID.
       },
       "gceZone": "A String", # The Compute Engine zone that the instance is currently serving from. This value could be different from the zone that was specified when the instance was created if the instance has failed over to its secondary zone.
-      "instanceType": "A String", # The instance type. This can be one of the following: * **CLOUD_SQL_INSTANCE**: A Cloud SQL instance that is not replicating from a primary instance. * **ON_PREMISES_INSTANCE**: An instance running on the customer's premises. * **READ_REPLICA_INSTANCE**: A Cloud SQL instance configured as a read-replica.
+      "instanceType": "A String", # The instance type.
       "ipAddresses": [ # The assigned IP addresses for the instance.
         { # Database instance IP Mapping.
           "ipAddress": "A String", # The IP address assigned.
@@ -1579,7 +1596,7 @@
           "recordClientAddress": True or False, # Whether Query Insights will record client address when enabled.
         },
         "ipConfiguration": { # IP Management configuration. # The settings for IP Management. This allows to enable or disable the instance IP and manage which external networks can connect to the instance. The IPv4 address cannot be disabled for Second Generation instances.
-          "allocatedIpRange": "A String", # The name of the allocated ip range for the private ip CloudSQL instance. For example: "google-managed-services-default". If set, the instance ip will be created in the allocated range. The range name must comply with [RFC 1035](https://tools.ietf.org/html/rfc1035). Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?.` Reserved for future use.
+          "allocatedIpRange": "A String", # The name of the allocated ip range for the private ip CloudSQL instance. For example: "google-managed-services-default". If set, the instance ip will be created in the allocated range. The range name must comply with [RFC 1035](https://tools.ietf.org/html/rfc1035). Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?.`
           "authorizedNetworks": [ # The list of external networks that are allowed to connect to the instance using the IP. In 'CIDR' notation, also known as 'slash' notation (for example: **192.168.100.0/24**).
             { # An entry for an Access Control list.
               "expirationTime": "A String", # The time when this access control entry expires in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
@@ -1605,6 +1622,13 @@
           "kind": "A String", # This is always **sql#maintenanceWindow**.
           "updateTrack": "A String", # Maintenance timing setting: **canary** (Earlier) or **stable** (Later). [Learn more](https://cloud.google.com/sql/docs/mysql/instance-settings#maintenance-timing-2ndgen).
         },
+        "passwordValidationPolicy": { # Database instance local user password validation policy # The local user password validation policy of the instance.
+          "complexity": "A String", # The complexity of the password.
+          "disallowUsernameSubstring": True or False, # Disallow username as a part of the password.
+          "minLength": 42, # Minimum number of characters allowed.
+          "passwordChangeInterval": "A String", # Minimum interval after which the password can be changed.
+          "reuseInterval": 42, # Number of previous passwords that cannot be reused.
+        },
         "pricingPlan": "A String", # The pricing plan for this instance. This can be either **PER_USE** or **PACKAGE**. Only **PER_USE** is supported for Second Generation instances.
         "replicationType": "A String", # The type of replication this instance uses. This can be either **ASYNCHRONOUS** or **SYNCHRONOUS**. (Deprecated) This property was only applicable to First Generation instances.
         "settingsVersion": "A String", # The version of instance settings. This is a required field for update method to make sure concurrent updates are handled properly. During update, use the most recent settingsVersion value for this instance and do not try to update this value.
@@ -1700,6 +1724,7 @@
   "connectionName": "A String", # Connection name of the Cloud SQL instance used in connection strings.
   "createTime": "A String", # Output only. The time when the instance was created in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
   "currentDiskSize": "A String", # The current disk usage of the instance in bytes. This property has been deprecated. Use the "cloudsql.googleapis.com/database/disk/bytes_used" metric in Cloud Monitoring API instead. Please see [this announcement](https://groups.google.com/d/msg/google-cloud-sql-announce/I_7-F9EBhT0/BtvFtdFeAgAJ) for details.
+  "databaseInstalledVersion": "A String", # Output only. The databaseInstalledVersion stores the current fully resolved database version running on the instance including minor version such as MYSQL_5_6_50
   "databaseVersion": "A String", # The database engine type and version. The **databaseVersion** field cannot be changed after instance creation.
   "diskEncryptionConfiguration": { # Disk encryption configuration for an instance. # Disk encryption configuration specific to an instance.
     "kind": "A String", # This is always **sql#diskEncryptionConfiguration**.
@@ -1715,7 +1740,7 @@
     "name": "A String", # The name of the failover replica. If specified at instance creation, a failover replica is created for the instance. The name doesn't include the project ID.
   },
   "gceZone": "A String", # The Compute Engine zone that the instance is currently serving from. This value could be different from the zone that was specified when the instance was created if the instance has failed over to its secondary zone.
-  "instanceType": "A String", # The instance type. This can be one of the following: * **CLOUD_SQL_INSTANCE**: A Cloud SQL instance that is not replicating from a primary instance. * **ON_PREMISES_INSTANCE**: An instance running on the customer's premises. * **READ_REPLICA_INSTANCE**: A Cloud SQL instance configured as a read-replica.
+  "instanceType": "A String", # The instance type.
   "ipAddresses": [ # The assigned IP addresses for the instance.
     { # Database instance IP Mapping.
       "ipAddress": "A String", # The IP address assigned.
@@ -1841,7 +1866,7 @@
       "recordClientAddress": True or False, # Whether Query Insights will record client address when enabled.
     },
     "ipConfiguration": { # IP Management configuration. # The settings for IP Management. This allows to enable or disable the instance IP and manage which external networks can connect to the instance. The IPv4 address cannot be disabled for Second Generation instances.
-      "allocatedIpRange": "A String", # The name of the allocated ip range for the private ip CloudSQL instance. For example: "google-managed-services-default". If set, the instance ip will be created in the allocated range. The range name must comply with [RFC 1035](https://tools.ietf.org/html/rfc1035). Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?.` Reserved for future use.
+      "allocatedIpRange": "A String", # The name of the allocated ip range for the private ip CloudSQL instance. For example: "google-managed-services-default". If set, the instance ip will be created in the allocated range. The range name must comply with [RFC 1035](https://tools.ietf.org/html/rfc1035). Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?.`
       "authorizedNetworks": [ # The list of external networks that are allowed to connect to the instance using the IP. In 'CIDR' notation, also known as 'slash' notation (for example: **192.168.100.0/24**).
         { # An entry for an Access Control list.
           "expirationTime": "A String", # The time when this access control entry expires in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
@@ -1867,6 +1892,13 @@
       "kind": "A String", # This is always **sql#maintenanceWindow**.
       "updateTrack": "A String", # Maintenance timing setting: **canary** (Earlier) or **stable** (Later). [Learn more](https://cloud.google.com/sql/docs/mysql/instance-settings#maintenance-timing-2ndgen).
     },
+    "passwordValidationPolicy": { # Database instance local user password validation policy # The local user password validation policy of the instance.
+      "complexity": "A String", # The complexity of the password.
+      "disallowUsernameSubstring": True or False, # Disallow username as a part of the password.
+      "minLength": 42, # Minimum number of characters allowed.
+      "passwordChangeInterval": "A String", # Minimum interval after which the password can be changed.
+      "reuseInterval": 42, # Number of previous passwords that cannot be reused.
+    },
     "pricingPlan": "A String", # The pricing plan for this instance. This can be either **PER_USE** or **PACKAGE**. Only **PER_USE** is supported for Second Generation instances.
     "replicationType": "A String", # The type of replication this instance uses. This can be either **ASYNCHRONOUS** or **SYNCHRONOUS**. (Deprecated) This property was only applicable to First Generation instances.
     "settingsVersion": "A String", # The version of instance settings. This is a required field for update method to make sure concurrent updates are handled properly. During update, use the most recent settingsVersion value for this instance and do not try to update this value.
@@ -1919,15 +1951,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -1966,7 +1998,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -2013,15 +2045,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -2060,7 +2092,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -2107,15 +2139,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -2154,7 +2186,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -2201,15 +2233,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -2248,7 +2280,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -2307,15 +2339,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -2354,7 +2386,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -2411,15 +2443,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -2458,7 +2490,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -2505,15 +2537,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -2552,7 +2584,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -2599,15 +2631,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -2646,7 +2678,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -2703,15 +2735,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -2750,7 +2782,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -2773,6 +2805,7 @@
   "connectionName": "A String", # Connection name of the Cloud SQL instance used in connection strings.
   "createTime": "A String", # Output only. The time when the instance was created in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
   "currentDiskSize": "A String", # The current disk usage of the instance in bytes. This property has been deprecated. Use the "cloudsql.googleapis.com/database/disk/bytes_used" metric in Cloud Monitoring API instead. Please see [this announcement](https://groups.google.com/d/msg/google-cloud-sql-announce/I_7-F9EBhT0/BtvFtdFeAgAJ) for details.
+  "databaseInstalledVersion": "A String", # Output only. The databaseInstalledVersion stores the current fully resolved database version running on the instance including minor version such as MYSQL_5_6_50
   "databaseVersion": "A String", # The database engine type and version. The **databaseVersion** field cannot be changed after instance creation.
   "diskEncryptionConfiguration": { # Disk encryption configuration for an instance. # Disk encryption configuration specific to an instance.
     "kind": "A String", # This is always **sql#diskEncryptionConfiguration**.
@@ -2788,7 +2821,7 @@
     "name": "A String", # The name of the failover replica. If specified at instance creation, a failover replica is created for the instance. The name doesn't include the project ID.
   },
   "gceZone": "A String", # The Compute Engine zone that the instance is currently serving from. This value could be different from the zone that was specified when the instance was created if the instance has failed over to its secondary zone.
-  "instanceType": "A String", # The instance type. This can be one of the following: * **CLOUD_SQL_INSTANCE**: A Cloud SQL instance that is not replicating from a primary instance. * **ON_PREMISES_INSTANCE**: An instance running on the customer's premises. * **READ_REPLICA_INSTANCE**: A Cloud SQL instance configured as a read-replica.
+  "instanceType": "A String", # The instance type.
   "ipAddresses": [ # The assigned IP addresses for the instance.
     { # Database instance IP Mapping.
       "ipAddress": "A String", # The IP address assigned.
@@ -2914,7 +2947,7 @@
       "recordClientAddress": True or False, # Whether Query Insights will record client address when enabled.
     },
     "ipConfiguration": { # IP Management configuration. # The settings for IP Management. This allows to enable or disable the instance IP and manage which external networks can connect to the instance. The IPv4 address cannot be disabled for Second Generation instances.
-      "allocatedIpRange": "A String", # The name of the allocated ip range for the private ip CloudSQL instance. For example: "google-managed-services-default". If set, the instance ip will be created in the allocated range. The range name must comply with [RFC 1035](https://tools.ietf.org/html/rfc1035). Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?.` Reserved for future use.
+      "allocatedIpRange": "A String", # The name of the allocated ip range for the private ip CloudSQL instance. For example: "google-managed-services-default". If set, the instance ip will be created in the allocated range. The range name must comply with [RFC 1035](https://tools.ietf.org/html/rfc1035). Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?.`
       "authorizedNetworks": [ # The list of external networks that are allowed to connect to the instance using the IP. In 'CIDR' notation, also known as 'slash' notation (for example: **192.168.100.0/24**).
         { # An entry for an Access Control list.
           "expirationTime": "A String", # The time when this access control entry expires in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
@@ -2940,6 +2973,13 @@
       "kind": "A String", # This is always **sql#maintenanceWindow**.
       "updateTrack": "A String", # Maintenance timing setting: **canary** (Earlier) or **stable** (Later). [Learn more](https://cloud.google.com/sql/docs/mysql/instance-settings#maintenance-timing-2ndgen).
     },
+    "passwordValidationPolicy": { # Database instance local user password validation policy # The local user password validation policy of the instance.
+      "complexity": "A String", # The complexity of the password.
+      "disallowUsernameSubstring": True or False, # Disallow username as a part of the password.
+      "minLength": 42, # Minimum number of characters allowed.
+      "passwordChangeInterval": "A String", # Minimum interval after which the password can be changed.
+      "reuseInterval": 42, # Number of previous passwords that cannot be reused.
+    },
     "pricingPlan": "A String", # The pricing plan for this instance. This can be either **PER_USE** or **PACKAGE**. Only **PER_USE** is supported for Second Generation instances.
     "replicationType": "A String", # The type of replication this instance uses. This can be either **ASYNCHRONOUS** or **SYNCHRONOUS**. (Deprecated) This property was only applicable to First Generation instances.
     "settingsVersion": "A String", # The version of instance settings. This is a required field for update method to make sure concurrent updates are handled properly. During update, use the most recent settingsVersion value for this instance and do not try to update this value.
@@ -2992,15 +3032,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -3039,7 +3079,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.

docs/dyn/sqladmin_v1beta4.operations.html

diff --git a/docs/dyn/sqladmin_v1beta4.operations.html b/docs/dyn/sqladmin_v1beta4.operations.html
index b15cf47..882c037 100644
--- a/docs/dyn/sqladmin_v1beta4.operations.html
+++ b/docs/dyn/sqladmin_v1beta4.operations.html
@@ -131,15 +131,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -178,7 +178,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -229,15 +229,15 @@
           "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
           "selectQuery": "A String", # The select query used to extract the data.
         },
-        "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+        "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
           "A String",
         ],
-        "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+        "fileType": "A String", # The file type for the specified uri.
         "kind": "A String", # This is always **sql#exportContext**.
         "offload": True or False, # Option for export offload.
         "sqlExportOptions": { # Options for exporting data as SQL statements.
           "mysqlExportOptions": { # Options for exporting from MySQL.
-            "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+            "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
           },
           "schemaOnly": True or False, # Export only schemas.
           "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -276,7 +276,7 @@
       "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
       "selfLink": "A String", # The URI of this resource.
       "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-      "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+      "status": "A String", # The status of an operation.
       "targetId": "A String", # Name of the database instance related to this operation.
       "targetLink": "A String",
       "targetProject": "A String", # The project ID of the target instance related to this operation.

docs/dyn/sqladmin_v1beta4.projects.instances.html

diff --git a/docs/dyn/sqladmin_v1beta4.projects.instances.html b/docs/dyn/sqladmin_v1beta4.projects.instances.html
index 3322f99..edd5324 100644
--- a/docs/dyn/sqladmin_v1beta4.projects.instances.html
+++ b/docs/dyn/sqladmin_v1beta4.projects.instances.html
@@ -141,15 +141,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -188,7 +188,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -251,15 +251,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -298,7 +298,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.

docs/dyn/sqladmin_v1beta4.sslCerts.html

diff --git a/docs/dyn/sqladmin_v1beta4.sslCerts.html b/docs/dyn/sqladmin_v1beta4.sslCerts.html
index a380338..f9f481d 100644
--- a/docs/dyn/sqladmin_v1beta4.sslCerts.html
+++ b/docs/dyn/sqladmin_v1beta4.sslCerts.html
@@ -174,15 +174,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -221,7 +221,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -320,15 +320,15 @@
         "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
         "selectQuery": "A String", # The select query used to extract the data.
       },
-      "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+      "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
         "A String",
       ],
-      "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+      "fileType": "A String", # The file type for the specified uri.
       "kind": "A String", # This is always **sql#exportContext**.
       "offload": True or False, # Option for export offload.
       "sqlExportOptions": { # Options for exporting data as SQL statements.
         "mysqlExportOptions": { # Options for exporting from MySQL.
-          "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+          "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
         },
         "schemaOnly": True or False, # Export only schemas.
         "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -367,7 +367,7 @@
     "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
     "selfLink": "A String", # The URI of this resource.
     "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-    "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+    "status": "A String", # The status of an operation.
     "targetId": "A String", # Name of the database instance related to this operation.
     "targetLink": "A String",
     "targetProject": "A String", # The project ID of the target instance related to this operation.

docs/dyn/sqladmin_v1beta4.users.html

diff --git a/docs/dyn/sqladmin_v1beta4.users.html b/docs/dyn/sqladmin_v1beta4.users.html
index 80bd7de..18317c2 100644
--- a/docs/dyn/sqladmin_v1beta4.users.html
+++ b/docs/dyn/sqladmin_v1beta4.users.html
@@ -136,15 +136,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -183,7 +183,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -203,11 +203,20 @@
 
 { # A Cloud SQL user resource.
   "etag": "A String", # This field is deprecated and will be removed from a future version of the API.
-  "host": "A String", # The host name from which the user can connect. For *insert* operations, host defaults to an empty string. For *update* operations, host is specified as part of the request URL. The host name cannot be updated after insertion.
+  "host": "A String", # Optional. The host name from which the user can connect. For **insert** operations, host defaults to an empty string. For **update** operations, host is specified as part of the request URL. The host name cannot be updated after insertion. For a MySQL instance, it's required; for a PostgreSQL or SQL Server instance, it's optional.
   "instance": "A String", # The name of the Cloud SQL instance. This does not include the project ID. Can be omitted for *update* since it is already specified on the URL.
   "kind": "A String", # This is always *sql#user*.
-  "name": "A String", # The name of the user in the Cloud SQL instance. Can be omitted for *update* since it is already specified in the URL.
+  "name": "A String", # The name of the user in the Cloud SQL instance. Can be omitted for **update** since it is already specified in the URL.
   "password": "A String", # The password for the user.
+  "passwordPolicy": { # User level password validation policy. # User level password validation policy.
+    "allowedFailedAttempts": 42, # Number of failed login attempts allowed before user get locked.
+    "enableFailedAttemptsCheck": True or False, # If true, failed login attempts check will be enabled.
+    "passwordExpirationDuration": "A String", # Expiration duration after password is updated.
+    "status": { # Read-only password status. # Output only. Read-only password status.
+      "locked": True or False, # If true, user does not have login privileges.
+      "passwordExpirationTime": "A String", # The expiration time of the current password.
+    },
+  },
   "project": "A String", # The project ID of the project containing the Cloud SQL database. The Google apps domain is prefixed if applicable. Can be omitted for *update* since it is already specified on the URL.
   "sqlserverUserDetails": { # Represents a Sql Server user on the Cloud SQL instance.
     "disabled": True or False, # If the user has been disabled
@@ -250,15 +259,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -297,7 +306,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.
@@ -324,11 +333,20 @@
   "items": [ # List of user resources in the instance.
     { # A Cloud SQL user resource.
       "etag": "A String", # This field is deprecated and will be removed from a future version of the API.
-      "host": "A String", # The host name from which the user can connect. For *insert* operations, host defaults to an empty string. For *update* operations, host is specified as part of the request URL. The host name cannot be updated after insertion.
+      "host": "A String", # Optional. The host name from which the user can connect. For **insert** operations, host defaults to an empty string. For **update** operations, host is specified as part of the request URL. The host name cannot be updated after insertion. For a MySQL instance, it's required; for a PostgreSQL or SQL Server instance, it's optional.
       "instance": "A String", # The name of the Cloud SQL instance. This does not include the project ID. Can be omitted for *update* since it is already specified on the URL.
       "kind": "A String", # This is always *sql#user*.
-      "name": "A String", # The name of the user in the Cloud SQL instance. Can be omitted for *update* since it is already specified in the URL.
+      "name": "A String", # The name of the user in the Cloud SQL instance. Can be omitted for **update** since it is already specified in the URL.
       "password": "A String", # The password for the user.
+      "passwordPolicy": { # User level password validation policy. # User level password validation policy.
+        "allowedFailedAttempts": 42, # Number of failed login attempts allowed before user get locked.
+        "enableFailedAttemptsCheck": True or False, # If true, failed login attempts check will be enabled.
+        "passwordExpirationDuration": "A String", # Expiration duration after password is updated.
+        "status": { # Read-only password status. # Output only. Read-only password status.
+          "locked": True or False, # If true, user does not have login privileges.
+          "passwordExpirationTime": "A String", # The expiration time of the current password.
+        },
+      },
       "project": "A String", # The project ID of the project containing the Cloud SQL database. The Google apps domain is prefixed if applicable. Can be omitted for *update* since it is already specified on the URL.
       "sqlserverUserDetails": { # Represents a Sql Server user on the Cloud SQL instance.
         "disabled": True or False, # If the user has been disabled
@@ -356,11 +374,20 @@
 
 { # A Cloud SQL user resource.
   "etag": "A String", # This field is deprecated and will be removed from a future version of the API.
-  "host": "A String", # The host name from which the user can connect. For *insert* operations, host defaults to an empty string. For *update* operations, host is specified as part of the request URL. The host name cannot be updated after insertion.
+  "host": "A String", # Optional. The host name from which the user can connect. For **insert** operations, host defaults to an empty string. For **update** operations, host is specified as part of the request URL. The host name cannot be updated after insertion. For a MySQL instance, it's required; for a PostgreSQL or SQL Server instance, it's optional.
   "instance": "A String", # The name of the Cloud SQL instance. This does not include the project ID. Can be omitted for *update* since it is already specified on the URL.
   "kind": "A String", # This is always *sql#user*.
-  "name": "A String", # The name of the user in the Cloud SQL instance. Can be omitted for *update* since it is already specified in the URL.
+  "name": "A String", # The name of the user in the Cloud SQL instance. Can be omitted for **update** since it is already specified in the URL.
   "password": "A String", # The password for the user.
+  "passwordPolicy": { # User level password validation policy. # User level password validation policy.
+    "allowedFailedAttempts": 42, # Number of failed login attempts allowed before user get locked.
+    "enableFailedAttemptsCheck": True or False, # If true, failed login attempts check will be enabled.
+    "passwordExpirationDuration": "A String", # Expiration duration after password is updated.
+    "status": { # Read-only password status. # Output only. Read-only password status.
+      "locked": True or False, # If true, user does not have login privileges.
+      "passwordExpirationTime": "A String", # The expiration time of the current password.
+    },
+  },
   "project": "A String", # The project ID of the project containing the Cloud SQL database. The Google apps domain is prefixed if applicable. Can be omitted for *update* since it is already specified on the URL.
   "sqlserverUserDetails": { # Represents a Sql Server user on the Cloud SQL instance.
     "disabled": True or False, # If the user has been disabled
@@ -405,15 +432,15 @@
       "quoteCharacter": "A String", # Specifies the quoting character to be used when a data value is quoted.
       "selectQuery": "A String", # The select query used to extract the data.
     },
-    "databases": [ # Databases to be exported. * **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. * **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. * **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
+    "databases": [ # Databases to be exported. **MySQL instances:** If **fileType** is **SQL** and no database is specified, all databases are exported, except for the **mysql** system database. If **fileType** is **CSV**, you can specify one database, either by using this property or by using the **csvExportOptions.selectQuery** property, which takes precedence over this property. **PostgreSQL instances:** You must specify one database to be exported. If **fileType** is **CSV**, this database must match the one specified in the **csvExportOptions.selectQuery** property. **SQL Server instances:** You must specify one database to be exported, and the **fileType** must be **BAK**.
       "A String",
     ],
-    "fileType": "A String", # The file type for the specified uri. * **SQL**: The file contains SQL statements. * **CSV**: The file contains CSV data. * **BAK**: The file contains backup data for a SQL Server instance.
+    "fileType": "A String", # The file type for the specified uri.
     "kind": "A String", # This is always **sql#exportContext**.
     "offload": True or False, # Option for export offload.
     "sqlExportOptions": { # Options for exporting data as SQL statements.
       "mysqlExportOptions": { # Options for exporting from MySQL.
-        "masterData": 42, # Option to include SQL statement required to set up replication. * If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. * If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. * If set to any value other than **1**, --set-gtid-purged is set to OFF.
+        "masterData": 42, # Option to include SQL statement required to set up replication. If set to **1**, the dump file includes a CHANGE MASTER TO statement with the binary log coordinates, and --set-gtid-purged is set to ON. If set to **2**, the CHANGE MASTER TO statement is written as a SQL comment and has no effect. If set to any value other than **1**, --set-gtid-purged is set to OFF.
       },
       "schemaOnly": True or False, # Export only schemas.
       "tables": [ # Tables to export, or that were exported, from the specified database. If you specify tables, specify one and only one database. For PostgreSQL instances, you can specify only one table.
@@ -452,7 +479,7 @@
   "operationType": "A String", # The type of the operation. Valid values are: * **CREATE** * **DELETE** * **UPDATE** * **RESTART** * **IMPORT** * **EXPORT** * **BACKUP_VOLUME** * **RESTORE_VOLUME** * **CREATE_USER** * **DELETE_USER** * **CREATE_DATABASE** * **DELETE_DATABASE**
   "selfLink": "A String", # The URI of this resource.
   "startTime": "A String", # The time this operation actually started in UTC timezone in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example **2012-11-15T16:19:00.094Z**.
-  "status": "A String", # The status of an operation. Valid values are: * **PENDING** * **RUNNING** * **DONE** * **SQL_OPERATION_STATUS_UNSPECIFIED**
+  "status": "A String", # The status of an operation.
   "targetId": "A String", # Name of the database instance related to this operation.
   "targetLink": "A String",
   "targetProject": "A String", # The project ID of the target instance related to this operation.

docs/dyn/streetviewpublish_v1.photos.html

diff --git a/docs/dyn/streetviewpublish_v1.photos.html b/docs/dyn/streetviewpublish_v1.photos.html
index 9448bd0..0450978 100644
--- a/docs/dyn/streetviewpublish_v1.photos.html
+++ b/docs/dyn/streetviewpublish_v1.photos.html
@@ -135,7 +135,7 @@
   <pre>Gets the metadata of the specified Photo batch. Note that if BatchGetPhotos fails, either critical fields are missing or there is an authentication error. Even if BatchGetPhotos succeeds, individual photos in the batch may have failures. These failures are specified in each PhotoResponse.status in BatchGetPhotosResponse.results. See GetPhoto for specific failures that can occur per photo.
 
 Args:
-  languageCode: string, The BCP-47 language code, such as &quot;en-US&quot; or &quot;sr-Latn&quot;. For more information, see http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. If language_code is unspecified, the user&#x27;s language preference for Google services is used.
+  languageCode: string, Optional. The BCP-47 language code, such as &quot;en-US&quot; or &quot;sr-Latn&quot;. For more information, see http://www.unicode.org/reports/tr35/#Unicode_locale_identifier. If language_code is unspecified, the user&#x27;s language preference for Google services is used.
   photoIds: string, Required. IDs of the Photos. For HTTP GET requests, the URL query parameter should be `photoIds=&amp;photoIds=&amp;...`. (repeated)
   view: string, Required. Specifies if a download URL for the photo bytes should be returned in the Photo response.
     Allowed values

docs/dyn/sts_v1.v1.html

diff --git a/docs/dyn/sts_v1.v1.html b/docs/dyn/sts_v1.v1.html
index 0ddf0a0..424a826 100644
--- a/docs/dyn/sts_v1.v1.html
+++ b/docs/dyn/sts_v1.v1.html
@@ -82,7 +82,7 @@
 <p class="firstline">Gets information about a Google OAuth 2.0 access token issued by the Google Cloud [Security Token Service API](https://cloud.google.com/iam/docs/reference/sts/rest).</p>
 <p class="toc_element">
   <code><a href="#token">token(body=None, x__xgafv=None)</a></code></p>
-<p class="firstline">Exchanges a credential for a Google OAuth 2.0 access token. The token asserts an external identity within a workload identity pool, or it applies a Credential Access Boundary to a Google access token. When you call this method, do not send the `Authorization` HTTP header in the request. This method does not require the `Authorization` header, and using the header can cause the request to fail.</p>
+<p class="firstline">Exchanges a credential for a Google OAuth 2.0 access token. The token asserts an external identity within an identity pool, or it applies a Credential Access Boundary to a Google access token. When you call this method, do not send the `Authorization` HTTP header in the request. This method does not require the `Authorization` header, and using the header can cause the request to fail.</p>
 <h3>Method Details</h3>
 <div class="method">
     <code class="details" id="close">close()</code>
@@ -124,7 +124,7 @@
 
 <div class="method">
     <code class="details" id="token">token(body=None, x__xgafv=None)</code>
-  <pre>Exchanges a credential for a Google OAuth 2.0 access token. The token asserts an external identity within a workload identity pool, or it applies a Credential Access Boundary to a Google access token. When you call this method, do not send the `Authorization` HTTP header in the request. This method does not require the `Authorization` header, and using the header can cause the request to fail.
+  <pre>Exchanges a credential for a Google OAuth 2.0 access token. The token asserts an external identity within an identity pool, or it applies a Credential Access Boundary to a Google access token. When you call this method, do not send the `Authorization` HTTP header in the request. This method does not require the `Authorization` header, and using the header can cause the request to fail.
 
 Args:
   body: object, The request body.

docs/dyn/texttospeech_v1.voices.html

diff --git a/docs/dyn/texttospeech_v1.voices.html b/docs/dyn/texttospeech_v1.voices.html
index 043c6c9..ba9011e 100644
--- a/docs/dyn/texttospeech_v1.voices.html
+++ b/docs/dyn/texttospeech_v1.voices.html
@@ -91,7 +91,7 @@
   <pre>Returns a list of Voice supported for synthesis.
 
 Args:
-  languageCode: string, Optional. Recommended. [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag. If not specified, the API will return all supported voices. If specified, the ListVoices call will only return voices that can be used to synthesize this language_code. E.g. when specifying &quot;en-NZ&quot;, you will get supported &quot;en-NZ&quot; voices; when specifying &quot;no&quot;, you will get supported &quot;no-\*&quot; (Norwegian) and &quot;nb-\*&quot; (Norwegian Bokmal) voices; specifying &quot;zh&quot; will also get supported &quot;cmn-\*&quot; voices; specifying &quot;zh-hk&quot; will also get supported &quot;yue-hk&quot; voices.
+  languageCode: string, Optional. Recommended. [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag. If not specified, the API will return all supported voices. If specified, the ListVoices call will only return voices that can be used to synthesize this language_code. E.g. when specifying `&quot;en-NZ&quot;`, you will get supported `&quot;en-NZ&quot;` voices; when specifying `&quot;no&quot;`, you will get supported `&quot;no-\*&quot;` (Norwegian) and `&quot;nb-\*&quot;` (Norwegian Bokmal) voices; specifying `&quot;zh&quot;` will also get supported `&quot;cmn-\*&quot;` voices; specifying `&quot;zh-hk&quot;` will also get supported `&quot;yue-hk&quot;` voices.
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/texttospeech_v1beta1.voices.html

diff --git a/docs/dyn/texttospeech_v1beta1.voices.html b/docs/dyn/texttospeech_v1beta1.voices.html
index bf21565..5777807 100644
--- a/docs/dyn/texttospeech_v1beta1.voices.html
+++ b/docs/dyn/texttospeech_v1beta1.voices.html
@@ -91,7 +91,7 @@
   <pre>Returns a list of Voice supported for synthesis.
 
 Args:
-  languageCode: string, Optional. Recommended. [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag. If not specified, the API will return all supported voices. If specified, the ListVoices call will only return voices that can be used to synthesize this language_code. E.g. when specifying &quot;en-NZ&quot;, you will get supported &quot;en-NZ&quot; voices; when specifying &quot;no&quot;, you will get supported &quot;no-\*&quot; (Norwegian) and &quot;nb-\*&quot; (Norwegian Bokmal) voices; specifying &quot;zh&quot; will also get supported &quot;cmn-\*&quot; voices; specifying &quot;zh-hk&quot; will also get supported &quot;yue-hk&quot; voices.
+  languageCode: string, Optional. Recommended. [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag. If not specified, the API will return all supported voices. If specified, the ListVoices call will only return voices that can be used to synthesize this language_code. E.g. when specifying `&quot;en-NZ&quot;`, you will get supported `&quot;en-NZ&quot;` voices; when specifying `&quot;no&quot;`, you will get supported `&quot;no-\*&quot;` (Norwegian) and `&quot;nb-\*&quot;` (Norwegian Bokmal) voices; specifying `&quot;zh&quot;` will also get supported `&quot;cmn-\*&quot;` voices; specifying `&quot;zh-hk&quot;` will also get supported `&quot;yue-hk&quot;` voices.
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format

docs/dyn/tpu_v2alpha1.projects.locations.nodes.html

diff --git a/docs/dyn/tpu_v2alpha1.projects.locations.nodes.html b/docs/dyn/tpu_v2alpha1.projects.locations.nodes.html
index 01c80d3..5cfebfb 100644
--- a/docs/dyn/tpu_v2alpha1.projects.locations.nodes.html
+++ b/docs/dyn/tpu_v2alpha1.projects.locations.nodes.html
@@ -142,6 +142,7 @@
   },
   "name": "A String", # Output only. Immutable. The name of the TPU.
   "networkConfig": { # Network related configurations. # Network configurations for the TPU node.
+    "canIpForward": True or False, # Allows the TPU node to send and receive packets with non-matching destination or source IPs. This is required if you plan to use the TPU workers to forward routes.
     "enableExternalIps": True or False, # Indicates that external IP addresses would be associated with the TPU workers. If set to false, the specified subnetwork or network should have Private Google Access enabled.
     "network": "A String", # The name of the network for the TPU node. It must be a preexisting Google Compute Engine network. If none is provided, "default" will be used.
     "subnetwork": "A String", # The name of the subnetwork for the TPU node. It must be a preexisting Google Compute Engine subnetwork. If none is provided, "default" will be used.
@@ -282,6 +283,7 @@
   },
   "name": "A String", # Output only. Immutable. The name of the TPU.
   "networkConfig": { # Network related configurations. # Network configurations for the TPU node.
+    "canIpForward": True or False, # Allows the TPU node to send and receive packets with non-matching destination or source IPs. This is required if you plan to use the TPU workers to forward routes.
     "enableExternalIps": True or False, # Indicates that external IP addresses would be associated with the TPU workers. If set to false, the specified subnetwork or network should have Private Google Access enabled.
     "network": "A String", # The name of the network for the TPU node. It must be a preexisting Google Compute Engine network. If none is provided, "default" will be used.
     "subnetwork": "A String", # The name of the subnetwork for the TPU node. It must be a preexisting Google Compute Engine subnetwork. If none is provided, "default" will be used.
@@ -405,6 +407,7 @@
       },
       "name": "A String", # Output only. Immutable. The name of the TPU.
       "networkConfig": { # Network related configurations. # Network configurations for the TPU node.
+        "canIpForward": True or False, # Allows the TPU node to send and receive packets with non-matching destination or source IPs. This is required if you plan to use the TPU workers to forward routes.
         "enableExternalIps": True or False, # Indicates that external IP addresses would be associated with the TPU workers. If set to false, the specified subnetwork or network should have Private Google Access enabled.
         "network": "A String", # The name of the network for the TPU node. It must be a preexisting Google Compute Engine network. If none is provided, "default" will be used.
         "subnetwork": "A String", # The name of the subnetwork for the TPU node. It must be a preexisting Google Compute Engine subnetwork. If none is provided, "default" will be used.
@@ -495,6 +498,7 @@
   },
   "name": "A String", # Output only. Immutable. The name of the TPU.
   "networkConfig": { # Network related configurations. # Network configurations for the TPU node.
+    "canIpForward": True or False, # Allows the TPU node to send and receive packets with non-matching destination or source IPs. This is required if you plan to use the TPU workers to forward routes.
     "enableExternalIps": True or False, # Indicates that external IP addresses would be associated with the TPU workers. If set to false, the specified subnetwork or network should have Private Google Access enabled.
     "network": "A String", # The name of the network for the TPU node. It must be a preexisting Google Compute Engine network. If none is provided, "default" will be used.
     "subnetwork": "A String", # The name of the subnetwork for the TPU node. It must be a preexisting Google Compute Engine subnetwork. If none is provided, "default" will be used.

docs/dyn/vmmigration_v1.projects.locations.sources.migratingVms.html

diff --git a/docs/dyn/vmmigration_v1.projects.locations.sources.migratingVms.html b/docs/dyn/vmmigration_v1.projects.locations.sources.migratingVms.html
index a3d0ff2..9d7b5d5 100644
--- a/docs/dyn/vmmigration_v1.projects.locations.sources.migratingVms.html
+++ b/docs/dyn/vmmigration_v1.projects.locations.sources.migratingVms.html
@@ -97,10 +97,10 @@
   <code><a href="#finalizeMigration">finalizeMigration(migratingVm, body=None, x__xgafv=None)</a></code></p>
 <p class="firstline">Marks a migration as completed, deleting migration resources that are no longer being used. Only applicable after cutover is done.</p>
 <p class="toc_element">
-  <code><a href="#get">get(name, x__xgafv=None)</a></code></p>
+  <code><a href="#get">get(name, view=None, x__xgafv=None)</a></code></p>
 <p class="firstline">Gets details of a single MigratingVm.</p>
 <p class="toc_element">
-  <code><a href="#list">list(parent, filter=None, orderBy=None, pageSize=None, pageToken=None, x__xgafv=None)</a></code></p>
+  <code><a href="#list">list(parent, filter=None, orderBy=None, pageSize=None, pageToken=None, view=None, x__xgafv=None)</a></code></p>
 <p class="firstline">Lists MigratingVms in a given Source.</p>
 <p class="toc_element">
   <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
@@ -208,6 +208,136 @@
     &quot;idleDuration&quot;: &quot;A String&quot;, # The idle duration between replication stages.
     &quot;skipOsAdaptation&quot;: True or False, # A flag to indicate whether to skip OS adaptation during the replication sync. OS adaptation is a process where the VM&#x27;s operating system undergoes changes and adaptations to fully function on Compute Engine.
   },
+  &quot;recentCloneJobs&quot;: [ # Output only. The recent clone jobs performed on the migrating VM. This field holds the vm&#x27;s last completed clone job and the vm&#x27;s running clone job, if one exists. Note: To have this field populated you need to explicitly request it via the &quot;view&quot; parameter of the Get/List request.
+    { # CloneJob describes the process of creating a clone of a MigratingVM to the requested target based on the latest successful uploaded snapshots. While the migration cycles of a MigratingVm take place, it is possible to verify the uploaded VM can be started in the cloud, by creating a clone. The clone can be created without any downtime, and it is created using the latest snapshots which are already in the cloud. The cloneJob is only responsible for its work, not its products, which means once it is finished, it will never touch the instance it created. It will only delete it in case of the CloneJob being cancelled or upon failure to clone.
+      &quot;computeEngineTargetDetails&quot;: { # ComputeEngineTargetDetails is a collection of details for creating a VM in a target Compute Engine project. # Output only. Details of the target VM in Compute Engine.
+        &quot;appliedLicense&quot;: { # AppliedLicense holds the license data returned by adaptation module report. # The OS license returned from the adaptation module report.
+          &quot;osLicense&quot;: &quot;A String&quot;, # The OS license returned from the adaptation module&#x27;s report.
+          &quot;type&quot;: &quot;A String&quot;, # The license type that was used in OS adaptation.
+        },
+        &quot;bootOption&quot;: &quot;A String&quot;, # The VM Boot Option, as set in the source vm.
+        &quot;computeScheduling&quot;: { # Scheduling information for VM on maintenance/restart behaviour and node allocation in sole tenant nodes. # Compute instance scheduling information (if empty default is used).
+          &quot;minNodeCpus&quot;: 42, # The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node. Ignored if no node_affinites are configured.
+          &quot;nodeAffinities&quot;: [ # A set of node affinity and anti-affinity configurations for sole tenant nodes.
+            { # Node Affinity: the configuration of desired nodes onto which this Instance could be scheduled. Based on https://cloud.google.com/compute/docs/reference/rest/v1/instances/setScheduling
+              &quot;key&quot;: &quot;A String&quot;, # The label key of Node resource to reference.
+              &quot;operator&quot;: &quot;A String&quot;, # The operator to use for the node resources specified in the `values` parameter.
+              &quot;values&quot;: [ # Corresponds to the label values of Node resource.
+                &quot;A String&quot;,
+              ],
+            },
+          ],
+          &quot;onHostMaintenance&quot;: &quot;A String&quot;, # How the instance should behave when the host machine undergoes maintenance that may temporarily impact instance performance.
+          &quot;restartType&quot;: &quot;A String&quot;, # Whether the Instance should be automatically restarted whenever it is terminated by Compute Engine (not terminated by user). This configuration is identical to `automaticRestart` field in Compute Engine create instance under scheduling. It was changed to an enum (instead of a boolean) to match the default value in Compute Engine which is automatic restart.
+        },
+        &quot;diskType&quot;: &quot;A String&quot;, # The disk type to use in the VM.
+        &quot;labels&quot;: { # A map of labels to associate with the VM.
+          &quot;a_key&quot;: &quot;A String&quot;,
+        },
+        &quot;licenseType&quot;: &quot;A String&quot;, # The license type to use in OS adaptation.
+        &quot;machineType&quot;: &quot;A String&quot;, # The machine type to create the VM with.
+        &quot;machineTypeSeries&quot;: &quot;A String&quot;, # The machine type series to create the VM with.
+        &quot;metadata&quot;: { # The metadata key/value pairs to assign to the VM.
+          &quot;a_key&quot;: &quot;A String&quot;,
+        },
+        &quot;networkInterfaces&quot;: [ # List of NICs connected to this VM.
+          { # NetworkInterface represents a NIC of a VM.
+            &quot;externalIp&quot;: &quot;A String&quot;, # The external IP to define in the NIC.
+            &quot;internalIp&quot;: &quot;A String&quot;, # The internal IP to define in the NIC. The formats accepted are: `ephemeral` \ ipv4 address \ a named address resource full path.
+            &quot;network&quot;: &quot;A String&quot;, # The network to connect the NIC to.
+            &quot;subnetwork&quot;: &quot;A String&quot;, # The subnetwork to connect the NIC to.
+          },
+        ],
+        &quot;networkTags&quot;: [ # A map of network tags to associate with the VM.
+          &quot;A String&quot;,
+        ],
+        &quot;project&quot;: &quot;A String&quot;, # The GCP target project ID or project name.
+        &quot;secureBoot&quot;: True or False, # Defines whether the instance has Secure Boot enabled. This can be set to true only if the vm boot option is EFI.
+        &quot;serviceAccount&quot;: &quot;A String&quot;, # The service account to associate the VM with.
+        &quot;vmName&quot;: &quot;A String&quot;, # The name of the VM to create.
+        &quot;zone&quot;: &quot;A String&quot;, # The zone in which to create the VM.
+      },
+      &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time the clone job was created (as an API call, not when it was actually created in the target).
+      &quot;error&quot;: { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # Output only. Provides details for the errors that led to the Clone Job&#x27;s state.
+        &quot;code&quot;: 42, # The status code, which should be an enum value of google.rpc.Code.
+        &quot;details&quot;: [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+          {
+            &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+          },
+        ],
+        &quot;message&quot;: &quot;A String&quot;, # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+      },
+      &quot;name&quot;: &quot;A String&quot;, # The name of the clone.
+      &quot;state&quot;: &quot;A String&quot;, # Output only. State of the clone job.
+      &quot;stateTime&quot;: &quot;A String&quot;, # Output only. The time the state was last updated.
+    },
+  ],
+  &quot;recentCutoverJobs&quot;: [ # Output only. The recent cutover jobs performed on the migrating VM. This field holds the vm&#x27;s last completed cutover job and the vm&#x27;s running cutover job, if one exists. Note: To have this field populated you need to explicitly request it via the &quot;view&quot; parameter of the Get/List request.
+    { # CutoverJob message describes a cutover of a migrating VM. The CutoverJob is the operation of shutting down the VM, creating a snapshot and clonning the VM using the replicated snapshot.
+      &quot;computeEngineTargetDetails&quot;: { # ComputeEngineTargetDetails is a collection of details for creating a VM in a target Compute Engine project. # Output only. Details of the target VM in Compute Engine.
+        &quot;appliedLicense&quot;: { # AppliedLicense holds the license data returned by adaptation module report. # The OS license returned from the adaptation module report.
+          &quot;osLicense&quot;: &quot;A String&quot;, # The OS license returned from the adaptation module&#x27;s report.
+          &quot;type&quot;: &quot;A String&quot;, # The license type that was used in OS adaptation.
+        },
+        &quot;bootOption&quot;: &quot;A String&quot;, # The VM Boot Option, as set in the source vm.
+        &quot;computeScheduling&quot;: { # Scheduling information for VM on maintenance/restart behaviour and node allocation in sole tenant nodes. # Compute instance scheduling information (if empty default is used).
+          &quot;minNodeCpus&quot;: 42, # The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node. Ignored if no node_affinites are configured.
+          &quot;nodeAffinities&quot;: [ # A set of node affinity and anti-affinity configurations for sole tenant nodes.
+            { # Node Affinity: the configuration of desired nodes onto which this Instance could be scheduled. Based on https://cloud.google.com/compute/docs/reference/rest/v1/instances/setScheduling
+              &quot;key&quot;: &quot;A String&quot;, # The label key of Node resource to reference.
+              &quot;operator&quot;: &quot;A String&quot;, # The operator to use for the node resources specified in the `values` parameter.
+              &quot;values&quot;: [ # Corresponds to the label values of Node resource.
+                &quot;A String&quot;,
+              ],
+            },
+          ],
+          &quot;onHostMaintenance&quot;: &quot;A String&quot;, # How the instance should behave when the host machine undergoes maintenance that may temporarily impact instance performance.
+          &quot;restartType&quot;: &quot;A String&quot;, # Whether the Instance should be automatically restarted whenever it is terminated by Compute Engine (not terminated by user). This configuration is identical to `automaticRestart` field in Compute Engine create instance under scheduling. It was changed to an enum (instead of a boolean) to match the default value in Compute Engine which is automatic restart.
+        },
+        &quot;diskType&quot;: &quot;A String&quot;, # The disk type to use in the VM.
+        &quot;labels&quot;: { # A map of labels to associate with the VM.
+          &quot;a_key&quot;: &quot;A String&quot;,
+        },
+        &quot;licenseType&quot;: &quot;A String&quot;, # The license type to use in OS adaptation.
+        &quot;machineType&quot;: &quot;A String&quot;, # The machine type to create the VM with.
+        &quot;machineTypeSeries&quot;: &quot;A String&quot;, # The machine type series to create the VM with.
+        &quot;metadata&quot;: { # The metadata key/value pairs to assign to the VM.
+          &quot;a_key&quot;: &quot;A String&quot;,
+        },
+        &quot;networkInterfaces&quot;: [ # List of NICs connected to this VM.
+          { # NetworkInterface represents a NIC of a VM.
+            &quot;externalIp&quot;: &quot;A String&quot;, # The external IP to define in the NIC.
+            &quot;internalIp&quot;: &quot;A String&quot;, # The internal IP to define in the NIC. The formats accepted are: `ephemeral` \ ipv4 address \ a named address resource full path.
+            &quot;network&quot;: &quot;A String&quot;, # The network to connect the NIC to.
+            &quot;subnetwork&quot;: &quot;A String&quot;, # The subnetwork to connect the NIC to.
+          },
+        ],
+        &quot;networkTags&quot;: [ # A map of network tags to associate with the VM.
+          &quot;A String&quot;,
+        ],
+        &quot;project&quot;: &quot;A String&quot;, # The GCP target project ID or project name.
+        &quot;secureBoot&quot;: True or False, # Defines whether the instance has Secure Boot enabled. This can be set to true only if the vm boot option is EFI.
+        &quot;serviceAccount&quot;: &quot;A String&quot;, # The service account to associate the VM with.
+        &quot;vmName&quot;: &quot;A String&quot;, # The name of the VM to create.
+        &quot;zone&quot;: &quot;A String&quot;, # The zone in which to create the VM.
+      },
+      &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time the cutover job was created (as an API call, not when it was actually created in the target).
+      &quot;error&quot;: { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # Output only. Provides details for the errors that led to the Cutover Job&#x27;s state.
+        &quot;code&quot;: 42, # The status code, which should be an enum value of google.rpc.Code.
+        &quot;details&quot;: [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+          {
+            &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+          },
+        ],
+        &quot;message&quot;: &quot;A String&quot;, # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+      },
+      &quot;name&quot;: &quot;A String&quot;, # Output only. The name of the cutover job.
+      &quot;progressPercent&quot;: 42, # Output only. The current progress in percentage of the cutover job.
+      &quot;state&quot;: &quot;A String&quot;, # Output only. State of the cutover job.
+      &quot;stateMessage&quot;: &quot;A String&quot;, # Output only. A message providing possible extra details about the current state.
+      &quot;stateTime&quot;: &quot;A String&quot;, # Output only. The time the state was last updated.
+    },
+  ],
   &quot;sourceVmId&quot;: &quot;A String&quot;, # The unique ID of the VM in the source. The VM&#x27;s name in vSphere can be changed, so this is not the VM&#x27;s name but rather its moRef id. This id is of the form vm-.
   &quot;state&quot;: &quot;A String&quot;, # Output only. State of the MigratingVm.
   &quot;stateTime&quot;: &quot;A String&quot;, # Output only. The last time the migrating VM state was updated.
@@ -322,11 +452,16 @@
 </div>
 
 <div class="method">
-    <code class="details" id="get">get(name, x__xgafv=None)</code>
+    <code class="details" id="get">get(name, view=None, x__xgafv=None)</code>
   <pre>Gets details of a single MigratingVm.
 
 Args:
   name: string, Required. The name of the MigratingVm. (required)
+  view: string, Optional. The level of details of the migrating VM.
+    Allowed values
+      MIGRATING_VM_VIEW_UNSPECIFIED - View is unspecified. The API will fallback to the default value.
+      MIGRATING_VM_VIEW_BASIC - Get the migrating VM basic details. The basic details do not include the recent clone jobs and recent cutover jobs lists.
+      MIGRATING_VM_VIEW_FULL - Include everything.
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -411,6 +546,136 @@
     &quot;idleDuration&quot;: &quot;A String&quot;, # The idle duration between replication stages.
     &quot;skipOsAdaptation&quot;: True or False, # A flag to indicate whether to skip OS adaptation during the replication sync. OS adaptation is a process where the VM&#x27;s operating system undergoes changes and adaptations to fully function on Compute Engine.
   },
+  &quot;recentCloneJobs&quot;: [ # Output only. The recent clone jobs performed on the migrating VM. This field holds the vm&#x27;s last completed clone job and the vm&#x27;s running clone job, if one exists. Note: To have this field populated you need to explicitly request it via the &quot;view&quot; parameter of the Get/List request.
+    { # CloneJob describes the process of creating a clone of a MigratingVM to the requested target based on the latest successful uploaded snapshots. While the migration cycles of a MigratingVm take place, it is possible to verify the uploaded VM can be started in the cloud, by creating a clone. The clone can be created without any downtime, and it is created using the latest snapshots which are already in the cloud. The cloneJob is only responsible for its work, not its products, which means once it is finished, it will never touch the instance it created. It will only delete it in case of the CloneJob being cancelled or upon failure to clone.
+      &quot;computeEngineTargetDetails&quot;: { # ComputeEngineTargetDetails is a collection of details for creating a VM in a target Compute Engine project. # Output only. Details of the target VM in Compute Engine.
+        &quot;appliedLicense&quot;: { # AppliedLicense holds the license data returned by adaptation module report. # The OS license returned from the adaptation module report.
+          &quot;osLicense&quot;: &quot;A String&quot;, # The OS license returned from the adaptation module&#x27;s report.
+          &quot;type&quot;: &quot;A String&quot;, # The license type that was used in OS adaptation.
+        },
+        &quot;bootOption&quot;: &quot;A String&quot;, # The VM Boot Option, as set in the source vm.
+        &quot;computeScheduling&quot;: { # Scheduling information for VM on maintenance/restart behaviour and node allocation in sole tenant nodes. # Compute instance scheduling information (if empty default is used).
+          &quot;minNodeCpus&quot;: 42, # The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node. Ignored if no node_affinites are configured.
+          &quot;nodeAffinities&quot;: [ # A set of node affinity and anti-affinity configurations for sole tenant nodes.
+            { # Node Affinity: the configuration of desired nodes onto which this Instance could be scheduled. Based on https://cloud.google.com/compute/docs/reference/rest/v1/instances/setScheduling
+              &quot;key&quot;: &quot;A String&quot;, # The label key of Node resource to reference.
+              &quot;operator&quot;: &quot;A String&quot;, # The operator to use for the node resources specified in the `values` parameter.
+              &quot;values&quot;: [ # Corresponds to the label values of Node resource.
+                &quot;A String&quot;,
+              ],
+            },
+          ],
+          &quot;onHostMaintenance&quot;: &quot;A String&quot;, # How the instance should behave when the host machine undergoes maintenance that may temporarily impact instance performance.
+          &quot;restartType&quot;: &quot;A String&quot;, # Whether the Instance should be automatically restarted whenever it is terminated by Compute Engine (not terminated by user). This configuration is identical to `automaticRestart` field in Compute Engine create instance under scheduling. It was changed to an enum (instead of a boolean) to match the default value in Compute Engine which is automatic restart.
+        },
+        &quot;diskType&quot;: &quot;A String&quot;, # The disk type to use in the VM.
+        &quot;labels&quot;: { # A map of labels to associate with the VM.
+          &quot;a_key&quot;: &quot;A String&quot;,
+        },
+        &quot;licenseType&quot;: &quot;A String&quot;, # The license type to use in OS adaptation.
+        &quot;machineType&quot;: &quot;A String&quot;, # The machine type to create the VM with.
+        &quot;machineTypeSeries&quot;: &quot;A String&quot;, # The machine type series to create the VM with.
+        &quot;metadata&quot;: { # The metadata key/value pairs to assign to the VM.
+          &quot;a_key&quot;: &quot;A String&quot;,
+        },
+        &quot;networkInterfaces&quot;: [ # List of NICs connected to this VM.
+          { # NetworkInterface represents a NIC of a VM.
+            &quot;externalIp&quot;: &quot;A String&quot;, # The external IP to define in the NIC.
+            &quot;internalIp&quot;: &quot;A String&quot;, # The internal IP to define in the NIC. The formats accepted are: `ephemeral` \ ipv4 address \ a named address resource full path.
+            &quot;network&quot;: &quot;A String&quot;, # The network to connect the NIC to.
+            &quot;subnetwork&quot;: &quot;A String&quot;, # The subnetwork to connect the NIC to.
+          },
+        ],
+        &quot;networkTags&quot;: [ # A map of network tags to associate with the VM.
+          &quot;A String&quot;,
+        ],
+        &quot;project&quot;: &quot;A String&quot;, # The GCP target project ID or project name.
+        &quot;secureBoot&quot;: True or False, # Defines whether the instance has Secure Boot enabled. This can be set to true only if the vm boot option is EFI.
+        &quot;serviceAccount&quot;: &quot;A String&quot;, # The service account to associate the VM with.
+        &quot;vmName&quot;: &quot;A String&quot;, # The name of the VM to create.
+        &quot;zone&quot;: &quot;A String&quot;, # The zone in which to create the VM.
+      },
+      &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time the clone job was created (as an API call, not when it was actually created in the target).
+      &quot;error&quot;: { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # Output only. Provides details for the errors that led to the Clone Job&#x27;s state.
+        &quot;code&quot;: 42, # The status code, which should be an enum value of google.rpc.Code.
+        &quot;details&quot;: [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+          {
+            &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+          },
+        ],
+        &quot;message&quot;: &quot;A String&quot;, # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+      },
+      &quot;name&quot;: &quot;A String&quot;, # The name of the clone.
+      &quot;state&quot;: &quot;A String&quot;, # Output only. State of the clone job.
+      &quot;stateTime&quot;: &quot;A String&quot;, # Output only. The time the state was last updated.
+    },
+  ],
+  &quot;recentCutoverJobs&quot;: [ # Output only. The recent cutover jobs performed on the migrating VM. This field holds the vm&#x27;s last completed cutover job and the vm&#x27;s running cutover job, if one exists. Note: To have this field populated you need to explicitly request it via the &quot;view&quot; parameter of the Get/List request.
+    { # CutoverJob message describes a cutover of a migrating VM. The CutoverJob is the operation of shutting down the VM, creating a snapshot and clonning the VM using the replicated snapshot.
+      &quot;computeEngineTargetDetails&quot;: { # ComputeEngineTargetDetails is a collection of details for creating a VM in a target Compute Engine project. # Output only. Details of the target VM in Compute Engine.
+        &quot;appliedLicense&quot;: { # AppliedLicense holds the license data returned by adaptation module report. # The OS license returned from the adaptation module report.
+          &quot;osLicense&quot;: &quot;A String&quot;, # The OS license returned from the adaptation module&#x27;s report.
+          &quot;type&quot;: &quot;A String&quot;, # The license type that was used in OS adaptation.
+        },
+        &quot;bootOption&quot;: &quot;A String&quot;, # The VM Boot Option, as set in the source vm.
+        &quot;computeScheduling&quot;: { # Scheduling information for VM on maintenance/restart behaviour and node allocation in sole tenant nodes. # Compute instance scheduling information (if empty default is used).
+          &quot;minNodeCpus&quot;: 42, # The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node. Ignored if no node_affinites are configured.
+          &quot;nodeAffinities&quot;: [ # A set of node affinity and anti-affinity configurations for sole tenant nodes.
+            { # Node Affinity: the configuration of desired nodes onto which this Instance could be scheduled. Based on https://cloud.google.com/compute/docs/reference/rest/v1/instances/setScheduling
+              &quot;key&quot;: &quot;A String&quot;, # The label key of Node resource to reference.
+              &quot;operator&quot;: &quot;A String&quot;, # The operator to use for the node resources specified in the `values` parameter.
+              &quot;values&quot;: [ # Corresponds to the label values of Node resource.
+                &quot;A String&quot;,
+              ],
+            },
+          ],
+          &quot;onHostMaintenance&quot;: &quot;A String&quot;, # How the instance should behave when the host machine undergoes maintenance that may temporarily impact instance performance.
+          &quot;restartType&quot;: &quot;A String&quot;, # Whether the Instance should be automatically restarted whenever it is terminated by Compute Engine (not terminated by user). This configuration is identical to `automaticRestart` field in Compute Engine create instance under scheduling. It was changed to an enum (instead of a boolean) to match the default value in Compute Engine which is automatic restart.
+        },
+        &quot;diskType&quot;: &quot;A String&quot;, # The disk type to use in the VM.
+        &quot;labels&quot;: { # A map of labels to associate with the VM.
+          &quot;a_key&quot;: &quot;A String&quot;,
+        },
+        &quot;licenseType&quot;: &quot;A String&quot;, # The license type to use in OS adaptation.
+        &quot;machineType&quot;: &quot;A String&quot;, # The machine type to create the VM with.
+        &quot;machineTypeSeries&quot;: &quot;A String&quot;, # The machine type series to create the VM with.
+        &quot;metadata&quot;: { # The metadata key/value pairs to assign to the VM.
+          &quot;a_key&quot;: &quot;A String&quot;,
+        },
+        &quot;networkInterfaces&quot;: [ # List of NICs connected to this VM.
+          { # NetworkInterface represents a NIC of a VM.
+            &quot;externalIp&quot;: &quot;A String&quot;, # The external IP to define in the NIC.
+            &quot;internalIp&quot;: &quot;A String&quot;, # The internal IP to define in the NIC. The formats accepted are: `ephemeral` \ ipv4 address \ a named address resource full path.
+            &quot;network&quot;: &quot;A String&quot;, # The network to connect the NIC to.
+            &quot;subnetwork&quot;: &quot;A String&quot;, # The subnetwork to connect the NIC to.
+          },
+        ],
+        &quot;networkTags&quot;: [ # A map of network tags to associate with the VM.
+          &quot;A String&quot;,
+        ],
+        &quot;project&quot;: &quot;A String&quot;, # The GCP target project ID or project name.
+        &quot;secureBoot&quot;: True or False, # Defines whether the instance has Secure Boot enabled. This can be set to true only if the vm boot option is EFI.
+        &quot;serviceAccount&quot;: &quot;A String&quot;, # The service account to associate the VM with.
+        &quot;vmName&quot;: &quot;A String&quot;, # The name of the VM to create.
+        &quot;zone&quot;: &quot;A String&quot;, # The zone in which to create the VM.
+      },
+      &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time the cutover job was created (as an API call, not when it was actually created in the target).
+      &quot;error&quot;: { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # Output only. Provides details for the errors that led to the Cutover Job&#x27;s state.
+        &quot;code&quot;: 42, # The status code, which should be an enum value of google.rpc.Code.
+        &quot;details&quot;: [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+          {
+            &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+          },
+        ],
+        &quot;message&quot;: &quot;A String&quot;, # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+      },
+      &quot;name&quot;: &quot;A String&quot;, # Output only. The name of the cutover job.
+      &quot;progressPercent&quot;: 42, # Output only. The current progress in percentage of the cutover job.
+      &quot;state&quot;: &quot;A String&quot;, # Output only. State of the cutover job.
+      &quot;stateMessage&quot;: &quot;A String&quot;, # Output only. A message providing possible extra details about the current state.
+      &quot;stateTime&quot;: &quot;A String&quot;, # Output only. The time the state was last updated.
+    },
+  ],
   &quot;sourceVmId&quot;: &quot;A String&quot;, # The unique ID of the VM in the source. The VM&#x27;s name in vSphere can be changed, so this is not the VM&#x27;s name but rather its moRef id. This id is of the form vm-.
   &quot;state&quot;: &quot;A String&quot;, # Output only. State of the MigratingVm.
   &quot;stateTime&quot;: &quot;A String&quot;, # Output only. The last time the migrating VM state was updated.
@@ -419,7 +684,7 @@
 </div>
 
 <div class="method">
-    <code class="details" id="list">list(parent, filter=None, orderBy=None, pageSize=None, pageToken=None, x__xgafv=None)</code>
+    <code class="details" id="list">list(parent, filter=None, orderBy=None, pageSize=None, pageToken=None, view=None, x__xgafv=None)</code>
   <pre>Lists MigratingVms in a given Source.
 
 Args:
@@ -428,6 +693,11 @@
   orderBy: string, Optional. the order by fields for the result.
   pageSize: integer, Optional. The maximum number of migrating VMs to return. The service may return fewer than this value. If unspecified, at most 500 migrating VMs will be returned. The maximum value is 1000; values above 1000 will be coerced to 1000.
   pageToken: string, Required. A page token, received from a previous `ListMigratingVms` call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to `ListMigratingVms` must match the call that provided the page token.
+  view: string, Optional. The level of details of each migrating VM.
+    Allowed values
+      MIGRATING_VM_VIEW_UNSPECIFIED - View is unspecified. The API will fallback to the default value.
+      MIGRATING_VM_VIEW_BASIC - Get the migrating VM basic details. The basic details do not include the recent clone jobs and recent cutover jobs lists.
+      MIGRATING_VM_VIEW_FULL - Include everything.
   x__xgafv: string, V1 error format.
     Allowed values
       1 - v1 error format
@@ -514,6 +784,136 @@
         &quot;idleDuration&quot;: &quot;A String&quot;, # The idle duration between replication stages.
         &quot;skipOsAdaptation&quot;: True or False, # A flag to indicate whether to skip OS adaptation during the replication sync. OS adaptation is a process where the VM&#x27;s operating system undergoes changes and adaptations to fully function on Compute Engine.
       },
+      &quot;recentCloneJobs&quot;: [ # Output only. The recent clone jobs performed on the migrating VM. This field holds the vm&#x27;s last completed clone job and the vm&#x27;s running clone job, if one exists. Note: To have this field populated you need to explicitly request it via the &quot;view&quot; parameter of the Get/List request.
+        { # CloneJob describes the process of creating a clone of a MigratingVM to the requested target based on the latest successful uploaded snapshots. While the migration cycles of a MigratingVm take place, it is possible to verify the uploaded VM can be started in the cloud, by creating a clone. The clone can be created without any downtime, and it is created using the latest snapshots which are already in the cloud. The cloneJob is only responsible for its work, not its products, which means once it is finished, it will never touch the instance it created. It will only delete it in case of the CloneJob being cancelled or upon failure to clone.
+          &quot;computeEngineTargetDetails&quot;: { # ComputeEngineTargetDetails is a collection of details for creating a VM in a target Compute Engine project. # Output only. Details of the target VM in Compute Engine.
+            &quot;appliedLicense&quot;: { # AppliedLicense holds the license data returned by adaptation module report. # The OS license returned from the adaptation module report.
+              &quot;osLicense&quot;: &quot;A String&quot;, # The OS license returned from the adaptation module&#x27;s report.
+              &quot;type&quot;: &quot;A String&quot;, # The license type that was used in OS adaptation.
+            },
+            &quot;bootOption&quot;: &quot;A String&quot;, # The VM Boot Option, as set in the source vm.
+            &quot;computeScheduling&quot;: { # Scheduling information for VM on maintenance/restart behaviour and node allocation in sole tenant nodes. # Compute instance scheduling information (if empty default is used).
+              &quot;minNodeCpus&quot;: 42, # The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node. Ignored if no node_affinites are configured.
+              &quot;nodeAffinities&quot;: [ # A set of node affinity and anti-affinity configurations for sole tenant nodes.
+                { # Node Affinity: the configuration of desired nodes onto which this Instance could be scheduled. Based on https://cloud.google.com/compute/docs/reference/rest/v1/instances/setScheduling
+                  &quot;key&quot;: &quot;A String&quot;, # The label key of Node resource to reference.
+                  &quot;operator&quot;: &quot;A String&quot;, # The operator to use for the node resources specified in the `values` parameter.
+                  &quot;values&quot;: [ # Corresponds to the label values of Node resource.
+                    &quot;A String&quot;,
+                  ],
+                },
+              ],
+              &quot;onHostMaintenance&quot;: &quot;A String&quot;, # How the instance should behave when the host machine undergoes maintenance that may temporarily impact instance performance.
+              &quot;restartType&quot;: &quot;A String&quot;, # Whether the Instance should be automatically restarted whenever it is terminated by Compute Engine (not terminated by user). This configuration is identical to `automaticRestart` field in Compute Engine create instance under scheduling. It was changed to an enum (instead of a boolean) to match the default value in Compute Engine which is automatic restart.
+            },
+            &quot;diskType&quot;: &quot;A String&quot;, # The disk type to use in the VM.
+            &quot;labels&quot;: { # A map of labels to associate with the VM.
+              &quot;a_key&quot;: &quot;A String&quot;,
+            },
+            &quot;licenseType&quot;: &quot;A String&quot;, # The license type to use in OS adaptation.
+            &quot;machineType&quot;: &quot;A String&quot;, # The machine type to create the VM with.
+            &quot;machineTypeSeries&quot;: &quot;A String&quot;, # The machine type series to create the VM with.
+            &quot;metadata&quot;: { # The metadata key/value pairs to assign to the VM.
+              &quot;a_key&quot;: &quot;A String&quot;,
+            },
+            &quot;networkInterfaces&quot;: [ # List of NICs connected to this VM.
+              { # NetworkInterface represents a NIC of a VM.
+                &quot;externalIp&quot;: &quot;A String&quot;, # The external IP to define in the NIC.
+                &quot;internalIp&quot;: &quot;A String&quot;, # The internal IP to define in the NIC. The formats accepted are: `ephemeral` \ ipv4 address \ a named address resource full path.
+                &quot;network&quot;: &quot;A String&quot;, # The network to connect the NIC to.
+                &quot;subnetwork&quot;: &quot;A String&quot;, # The subnetwork to connect the NIC to.
+              },
+            ],
+            &quot;networkTags&quot;: [ # A map of network tags to associate with the VM.
+              &quot;A String&quot;,
+            ],
+            &quot;project&quot;: &quot;A String&quot;, # The GCP target project ID or project name.
+            &quot;secureBoot&quot;: True or False, # Defines whether the instance has Secure Boot enabled. This can be set to true only if the vm boot option is EFI.
+            &quot;serviceAccount&quot;: &quot;A String&quot;, # The service account to associate the VM with.
+            &quot;vmName&quot;: &quot;A String&quot;, # The name of the VM to create.
+            &quot;zone&quot;: &quot;A String&quot;, # The zone in which to create the VM.
+          },
+          &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time the clone job was created (as an API call, not when it was actually created in the target).
+          &quot;error&quot;: { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # Output only. Provides details for the errors that led to the Clone Job&#x27;s state.
+            &quot;code&quot;: 42, # The status code, which should be an enum value of google.rpc.Code.
+            &quot;details&quot;: [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+              {
+                &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+              },
+            ],
+            &quot;message&quot;: &quot;A String&quot;, # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+          },
+          &quot;name&quot;: &quot;A String&quot;, # The name of the clone.
+          &quot;state&quot;: &quot;A String&quot;, # Output only. State of the clone job.
+          &quot;stateTime&quot;: &quot;A String&quot;, # Output only. The time the state was last updated.
+        },
+      ],
+      &quot;recentCutoverJobs&quot;: [ # Output only. The recent cutover jobs performed on the migrating VM. This field holds the vm&#x27;s last completed cutover job and the vm&#x27;s running cutover job, if one exists. Note: To have this field populated you need to explicitly request it via the &quot;view&quot; parameter of the Get/List request.
+        { # CutoverJob message describes a cutover of a migrating VM. The CutoverJob is the operation of shutting down the VM, creating a snapshot and clonning the VM using the replicated snapshot.
+          &quot;computeEngineTargetDetails&quot;: { # ComputeEngineTargetDetails is a collection of details for creating a VM in a target Compute Engine project. # Output only. Details of the target VM in Compute Engine.
+            &quot;appliedLicense&quot;: { # AppliedLicense holds the license data returned by adaptation module report. # The OS license returned from the adaptation module report.
+              &quot;osLicense&quot;: &quot;A String&quot;, # The OS license returned from the adaptation module&#x27;s report.
+              &quot;type&quot;: &quot;A String&quot;, # The license type that was used in OS adaptation.
+            },
+            &quot;bootOption&quot;: &quot;A String&quot;, # The VM Boot Option, as set in the source vm.
+            &quot;computeScheduling&quot;: { # Scheduling information for VM on maintenance/restart behaviour and node allocation in sole tenant nodes. # Compute instance scheduling information (if empty default is used).
+              &quot;minNodeCpus&quot;: 42, # The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node. Ignored if no node_affinites are configured.
+              &quot;nodeAffinities&quot;: [ # A set of node affinity and anti-affinity configurations for sole tenant nodes.
+                { # Node Affinity: the configuration of desired nodes onto which this Instance could be scheduled. Based on https://cloud.google.com/compute/docs/reference/rest/v1/instances/setScheduling
+                  &quot;key&quot;: &quot;A String&quot;, # The label key of Node resource to reference.
+                  &quot;operator&quot;: &quot;A String&quot;, # The operator to use for the node resources specified in the `values` parameter.
+                  &quot;values&quot;: [ # Corresponds to the label values of Node resource.
+                    &quot;A String&quot;,
+                  ],
+                },
+              ],
+              &quot;onHostMaintenance&quot;: &quot;A String&quot;, # How the instance should behave when the host machine undergoes maintenance that may temporarily impact instance performance.
+              &quot;restartType&quot;: &quot;A String&quot;, # Whether the Instance should be automatically restarted whenever it is terminated by Compute Engine (not terminated by user). This configuration is identical to `automaticRestart` field in Compute Engine create instance under scheduling. It was changed to an enum (instead of a boolean) to match the default value in Compute Engine which is automatic restart.
+            },
+            &quot;diskType&quot;: &quot;A String&quot;, # The disk type to use in the VM.
+            &quot;labels&quot;: { # A map of labels to associate with the VM.
+              &quot;a_key&quot;: &quot;A String&quot;,
+            },
+            &quot;licenseType&quot;: &quot;A String&quot;, # The license type to use in OS adaptation.
+            &quot;machineType&quot;: &quot;A String&quot;, # The machine type to create the VM with.
+            &quot;machineTypeSeries&quot;: &quot;A String&quot;, # The machine type series to create the VM with.
+            &quot;metadata&quot;: { # The metadata key/value pairs to assign to the VM.
+              &quot;a_key&quot;: &quot;A String&quot;,
+            },
+            &quot;networkInterfaces&quot;: [ # List of NICs connected to this VM.
+              { # NetworkInterface represents a NIC of a VM.
+                &quot;externalIp&quot;: &quot;A String&quot;, # The external IP to define in the NIC.
+                &quot;internalIp&quot;: &quot;A String&quot;, # The internal IP to define in the NIC. The formats accepted are: `ephemeral` \ ipv4 address \ a named address resource full path.
+                &quot;network&quot;: &quot;A String&quot;, # The network to connect the NIC to.
+                &quot;subnetwork&quot;: &quot;A String&quot;, # The subnetwork to connect the NIC to.
+              },
+            ],
+            &quot;networkTags&quot;: [ # A map of network tags to associate with the VM.
+              &quot;A String&quot;,
+            ],
+            &quot;project&quot;: &quot;A String&quot;, # The GCP target project ID or project name.
+            &quot;secureBoot&quot;: True or False, # Defines whether the instance has Secure Boot enabled. This can be set to true only if the vm boot option is EFI.
+            &quot;serviceAccount&quot;: &quot;A String&quot;, # The service account to associate the VM with.
+            &quot;vmName&quot;: &quot;A String&quot;, # The name of the VM to create.
+            &quot;zone&quot;: &quot;A String&quot;, # The zone in which to create the VM.
+          },
+          &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time the cutover job was created (as an API call, not when it was actually created in the target).
+          &quot;error&quot;: { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # Output only. Provides details for the errors that led to the Cutover Job&#x27;s state.
+            &quot;code&quot;: 42, # The status code, which should be an enum value of google.rpc.Code.
+            &quot;details&quot;: [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+              {
+                &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+              },
+            ],
+            &quot;message&quot;: &quot;A String&quot;, # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+          },
+          &quot;name&quot;: &quot;A String&quot;, # Output only. The name of the cutover job.
+          &quot;progressPercent&quot;: 42, # Output only. The current progress in percentage of the cutover job.
+          &quot;state&quot;: &quot;A String&quot;, # Output only. State of the cutover job.
+          &quot;stateMessage&quot;: &quot;A String&quot;, # Output only. A message providing possible extra details about the current state.
+          &quot;stateTime&quot;: &quot;A String&quot;, # Output only. The time the state was last updated.
+        },
+      ],
       &quot;sourceVmId&quot;: &quot;A String&quot;, # The unique ID of the VM in the source. The VM&#x27;s name in vSphere can be changed, so this is not the VM&#x27;s name but rather its moRef id. This id is of the form vm-.
       &quot;state&quot;: &quot;A String&quot;, # Output only. State of the MigratingVm.
       &quot;stateTime&quot;: &quot;A String&quot;, # Output only. The last time the migrating VM state was updated.
@@ -626,6 +1026,136 @@
     &quot;idleDuration&quot;: &quot;A String&quot;, # The idle duration between replication stages.
     &quot;skipOsAdaptation&quot;: True or False, # A flag to indicate whether to skip OS adaptation during the replication sync. OS adaptation is a process where the VM&#x27;s operating system undergoes changes and adaptations to fully function on Compute Engine.
   },
+  &quot;recentCloneJobs&quot;: [ # Output only. The recent clone jobs performed on the migrating VM. This field holds the vm&#x27;s last completed clone job and the vm&#x27;s running clone job, if one exists. Note: To have this field populated you need to explicitly request it via the &quot;view&quot; parameter of the Get/List request.
+    { # CloneJob describes the process of creating a clone of a MigratingVM to the requested target based on the latest successful uploaded snapshots. While the migration cycles of a MigratingVm take place, it is possible to verify the uploaded VM can be started in the cloud, by creating a clone. The clone can be created without any downtime, and it is created using the latest snapshots which are already in the cloud. The cloneJob is only responsible for its work, not its products, which means once it is finished, it will never touch the instance it created. It will only delete it in case of the CloneJob being cancelled or upon failure to clone.
+      &quot;computeEngineTargetDetails&quot;: { # ComputeEngineTargetDetails is a collection of details for creating a VM in a target Compute Engine project. # Output only. Details of the target VM in Compute Engine.
+        &quot;appliedLicense&quot;: { # AppliedLicense holds the license data returned by adaptation module report. # The OS license returned from the adaptation module report.
+          &quot;osLicense&quot;: &quot;A String&quot;, # The OS license returned from the adaptation module&#x27;s report.
+          &quot;type&quot;: &quot;A String&quot;, # The license type that was used in OS adaptation.
+        },
+        &quot;bootOption&quot;: &quot;A String&quot;, # The VM Boot Option, as set in the source vm.
+        &quot;computeScheduling&quot;: { # Scheduling information for VM on maintenance/restart behaviour and node allocation in sole tenant nodes. # Compute instance scheduling information (if empty default is used).
+          &quot;minNodeCpus&quot;: 42, # The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node. Ignored if no node_affinites are configured.
+          &quot;nodeAffinities&quot;: [ # A set of node affinity and anti-affinity configurations for sole tenant nodes.
+            { # Node Affinity: the configuration of desired nodes onto which this Instance could be scheduled. Based on https://cloud.google.com/compute/docs/reference/rest/v1/instances/setScheduling
+              &quot;key&quot;: &quot;A String&quot;, # The label key of Node resource to reference.
+              &quot;operator&quot;: &quot;A String&quot;, # The operator to use for the node resources specified in the `values` parameter.
+              &quot;values&quot;: [ # Corresponds to the label values of Node resource.
+                &quot;A String&quot;,
+              ],
+            },
+          ],
+          &quot;onHostMaintenance&quot;: &quot;A String&quot;, # How the instance should behave when the host machine undergoes maintenance that may temporarily impact instance performance.
+          &quot;restartType&quot;: &quot;A String&quot;, # Whether the Instance should be automatically restarted whenever it is terminated by Compute Engine (not terminated by user). This configuration is identical to `automaticRestart` field in Compute Engine create instance under scheduling. It was changed to an enum (instead of a boolean) to match the default value in Compute Engine which is automatic restart.
+        },
+        &quot;diskType&quot;: &quot;A String&quot;, # The disk type to use in the VM.
+        &quot;labels&quot;: { # A map of labels to associate with the VM.
+          &quot;a_key&quot;: &quot;A String&quot;,
+        },
+        &quot;licenseType&quot;: &quot;A String&quot;, # The license type to use in OS adaptation.
+        &quot;machineType&quot;: &quot;A String&quot;, # The machine type to create the VM with.
+        &quot;machineTypeSeries&quot;: &quot;A String&quot;, # The machine type series to create the VM with.
+        &quot;metadata&quot;: { # The metadata key/value pairs to assign to the VM.
+          &quot;a_key&quot;: &quot;A String&quot;,
+        },
+        &quot;networkInterfaces&quot;: [ # List of NICs connected to this VM.
+          { # NetworkInterface represents a NIC of a VM.
+            &quot;externalIp&quot;: &quot;A String&quot;, # The external IP to define in the NIC.
+            &quot;internalIp&quot;: &quot;A String&quot;, # The internal IP to define in the NIC. The formats accepted are: `ephemeral` \ ipv4 address \ a named address resource full path.
+            &quot;network&quot;: &quot;A String&quot;, # The network to connect the NIC to.
+            &quot;subnetwork&quot;: &quot;A String&quot;, # The subnetwork to connect the NIC to.
+          },
+        ],
+        &quot;networkTags&quot;: [ # A map of network tags to associate with the VM.
+          &quot;A String&quot;,
+        ],
+        &quot;project&quot;: &quot;A String&quot;, # The GCP target project ID or project name.
+        &quot;secureBoot&quot;: True or False, # Defines whether the instance has Secure Boot enabled. This can be set to true only if the vm boot option is EFI.
+        &quot;serviceAccount&quot;: &quot;A String&quot;, # The service account to associate the VM with.
+        &quot;vmName&quot;: &quot;A String&quot;, # The name of the VM to create.
+        &quot;zone&quot;: &quot;A String&quot;, # The zone in which to create the VM.
+      },
+      &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time the clone job was created (as an API call, not when it was actually created in the target).
+      &quot;error&quot;: { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # Output only. Provides details for the errors that led to the Clone Job&#x27;s state.
+        &quot;code&quot;: 42, # The status code, which should be an enum value of google.rpc.Code.
+        &quot;details&quot;: [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+          {
+            &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+          },
+        ],
+        &quot;message&quot;: &quot;A String&quot;, # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+      },
+      &quot;name&quot;: &quot;A String&quot;, # The name of the clone.
+      &quot;state&quot;: &quot;A String&quot;, # Output only. State of the clone job.
+      &quot;stateTime&quot;: &quot;A String&quot;, # Output only. The time the state was last updated.
+    },
+  ],
+  &quot;recentCutoverJobs&quot;: [ # Output only. The recent cutover jobs performed on the migrating VM. This field holds the vm&#x27;s last completed cutover job and the vm&#x27;s running cutover job, if one exists. Note: To have this field populated you need to explicitly request it via the &quot;view&quot; parameter of the Get/List request.
+    { # CutoverJob message describes a cutover of a migrating VM. The CutoverJob is the operation of shutting down the VM, creating a snapshot and clonning the VM using the replicated snapshot.
+      &quot;computeEngineTargetDetails&quot;: { # ComputeEngineTargetDetails is a collection of details for creating a VM in a target Compute Engine project. # Output only. Details of the target VM in Compute Engine.
+        &quot;appliedLicense&quot;: { # AppliedLicense holds the license data returned by adaptation module report. # The OS license returned from the adaptation module report.
+          &quot;osLicense&quot;: &quot;A String&quot;, # The OS license returned from the adaptation module&#x27;s report.
+          &quot;type&quot;: &quot;A String&quot;, # The license type that was used in OS adaptation.
+        },
+        &quot;bootOption&quot;: &quot;A String&quot;, # The VM Boot Option, as set in the source vm.
+        &quot;computeScheduling&quot;: { # Scheduling information for VM on maintenance/restart behaviour and node allocation in sole tenant nodes. # Compute instance scheduling information (if empty default is used).
+          &quot;minNodeCpus&quot;: 42, # The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node. Ignored if no node_affinites are configured.
+          &quot;nodeAffinities&quot;: [ # A set of node affinity and anti-affinity configurations for sole tenant nodes.
+            { # Node Affinity: the configuration of desired nodes onto which this Instance could be scheduled. Based on https://cloud.google.com/compute/docs/reference/rest/v1/instances/setScheduling
+              &quot;key&quot;: &quot;A String&quot;, # The label key of Node resource to reference.
+              &quot;operator&quot;: &quot;A String&quot;, # The operator to use for the node resources specified in the `values` parameter.
+              &quot;values&quot;: [ # Corresponds to the label values of Node resource.
+                &quot;A String&quot;,
+              ],
+            },
+          ],
+          &quot;onHostMaintenance&quot;: &quot;A String&quot;, # How the instance should behave when the host machine undergoes maintenance that may temporarily impact instance performance.
+          &quot;restartType&quot;: &quot;A String&quot;, # Whether the Instance should be automatically restarted whenever it is terminated by Compute Engine (not terminated by user). This configuration is identical to `automaticRestart` field in Compute Engine create instance under scheduling. It was changed to an enum (instead of a boolean) to match the default value in Compute Engine which is automatic restart.
+        },
+        &quot;diskType&quot;: &quot;A String&quot;, # The disk type to use in the VM.
+        &quot;labels&quot;: { # A map of labels to associate with the VM.
+          &quot;a_key&quot;: &quot;A String&quot;,
+        },
+        &quot;licenseType&quot;: &quot;A String&quot;, # The license type to use in OS adaptation.
+        &quot;machineType&quot;: &quot;A String&quot;, # The machine type to create the VM with.
+        &quot;machineTypeSeries&quot;: &quot;A String&quot;, # The machine type series to create the VM with.
+        &quot;metadata&quot;: { # The metadata key/value pairs to assign to the VM.
+          &quot;a_key&quot;: &quot;A String&quot;,
+        },
+        &quot;networkInterfaces&quot;: [ # List of NICs connected to this VM.
+          { # NetworkInterface represents a NIC of a VM.
+            &quot;externalIp&quot;: &quot;A String&quot;, # The external IP to define in the NIC.
+            &quot;internalIp&quot;: &quot;A String&quot;, # The internal IP to define in the NIC. The formats accepted are: `ephemeral` \ ipv4 address \ a named address resource full path.
+            &quot;network&quot;: &quot;A String&quot;, # The network to connect the NIC to.
+            &quot;subnetwork&quot;: &quot;A String&quot;, # The subnetwork to connect the NIC to.
+          },
+        ],
+        &quot;networkTags&quot;: [ # A map of network tags to associate with the VM.
+          &quot;A String&quot;,
+        ],
+        &quot;project&quot;: &quot;A String&quot;, # The GCP target project ID or project name.
+        &quot;secureBoot&quot;: True or False, # Defines whether the instance has Secure Boot enabled. This can be set to true only if the vm boot option is EFI.
+        &quot;serviceAccount&quot;: &quot;A String&quot;, # The service account to associate the VM with.
+        &quot;vmName&quot;: &quot;A String&quot;, # The name of the VM to create.
+        &quot;zone&quot;: &quot;A String&quot;, # The zone in which to create the VM.
+      },
+      &quot;createTime&quot;: &quot;A String&quot;, # Output only. The time the cutover job was created (as an API call, not when it was actually created in the target).
+      &quot;error&quot;: { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # Output only. Provides details for the errors that led to the Cutover Job&#x27;s state.
+        &quot;code&quot;: 42, # The status code, which should be an enum value of google.rpc.Code.
+        &quot;details&quot;: [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
+          {
+            &quot;a_key&quot;: &quot;&quot;, # Properties of the object. Contains field @type with type URL.
+          },
+        ],
+        &quot;message&quot;: &quot;A String&quot;, # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
+      },
+      &quot;name&quot;: &quot;A String&quot;, # Output only. The name of the cutover job.
+      &quot;progressPercent&quot;: 42, # Output only. The current progress in percentage of the cutover job.
+      &quot;state&quot;: &quot;A String&quot;, # Output only. State of the cutover job.
+      &quot;stateMessage&quot;: &quot;A String&quot;, # Output only. A message providing possible extra details about the current state.
+      &quot;stateTime&quot;: &quot;A String&quot;, # Output only. The time the state was last updated.
+    },
+  ],
   &quot;sourceVmId&quot;: &quot;A String&quot;, # The unique ID of the VM in the source. The VM&#x27;s name in vSphere can be changed, so this is not the VM&#x27;s name but rather its moRef id. This id is of the form vm-.
   &quot;state&quot;: &quot;A String&quot;, # Output only. State of the MigratingVm.
   &quot;stateTime&quot;: &quot;A String&quot;, # Output only. The last time the migrating VM state was updated.

docs/dyn/vmmigration_v1alpha1.projects.locations.sources.migratingVms.html

diff --git a/docs/dyn/vmmigration_v1alpha1.projects.locations.sources.migratingVms.html b/docs/dyn/vmmigration_v1alpha1.projects.locations.sources.migratingVms.html
index ddb6829..c094a5a 100644
--- a/docs/dyn/vmmigration_v1alpha1.projects.locations.sources.migratingVms.html
+++ b/docs/dyn/vmmigration_v1alpha1.projects.locations.sources.migratingVms.html
@@ -782,7 +782,7 @@
   name: string, Required. The name of the MigratingVm. (required)
   view: string, Optional. The level of details of the migrating VM.
     Allowed values
-      MIGRATING_VM_VIEW_UNSPECIFIED - The default / unset value. Will fallback to FULL.
+      MIGRATING_VM_VIEW_UNSPECIFIED - View is unspecified. The API will fallback to the default value.
       MIGRATING_VM_VIEW_BASIC - Get the migrating VM basic details. The basic details do not include the recent clone jobs and recent cutover jobs lists.
       MIGRATING_VM_VIEW_FULL - Include everything.
   x__xgafv: string, V1 error format.
@@ -1341,7 +1341,7 @@
   pageToken: string, Required. A page token, received from a previous `ListMigratingVms` call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to `ListMigratingVms` must match the call that provided the page token.
   view: string, Optional. The level of details of each migrating VM.
     Allowed values
-      MIGRATING_VM_VIEW_UNSPECIFIED - The default / unset value. Will fallback to FULL.
+      MIGRATING_VM_VIEW_UNSPECIFIED - View is unspecified. The API will fallback to the default value.
       MIGRATING_VM_VIEW_BASIC - Get the migrating VM basic details. The basic details do not include the recent clone jobs and recent cutover jobs lists.
       MIGRATING_VM_VIEW_FULL - Include everything.
   x__xgafv: string, V1 error format.