docs: update generated docs (#981)
diff --git a/docs/dyn/healthcare_v1beta1.projects.locations.datasets.html b/docs/dyn/healthcare_v1beta1.projects.locations.datasets.html
index eb59a8c..01d8634 100644
--- a/docs/dyn/healthcare_v1beta1.projects.locations.datasets.html
+++ b/docs/dyn/healthcare_v1beta1.projects.locations.datasets.html
@@ -115,7 +115,7 @@
<code><a href="#getIamPolicy">getIamPolicy(resource, options_requestedPolicyVersion=None, x__xgafv=None)</a></code></p>
<p class="firstline">Gets the access control policy for a resource.</p>
<p class="toc_element">
- <code><a href="#list">list(parent, pageToken=None, pageSize=None, x__xgafv=None)</a></code></p>
+ <code><a href="#list">list(parent, pageSize=None, pageToken=None, x__xgafv=None)</a></code></p>
<p class="firstline">Lists the health datasets in the current project.</p>
<p class="toc_element">
<code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
@@ -147,17 +147,17 @@
The object takes the form of:
{ # A message representing a health dataset.
- #
- # A health dataset represents a collection of healthcare data pertaining to one
- # or more patients. This may include multiple modalities of healthcare data,
- # such as electronic medical records or medical imaging data.
- "name": "A String", # Output only. Resource name of the dataset, of the form
- # `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}`.
- "timeZone": "A String", # The default timezone used by this dataset. Must be a either a valid IANA
- # time zone name such as "America/New_York" or empty, which defaults to UTC.
- # This is used for parsing times in resources, such as HL7 messages, where no
- # explicit timezone is specified.
-}
+ #
+ # A health dataset represents a collection of healthcare data pertaining to one
+ # or more patients. This may include multiple modalities of healthcare data,
+ # such as electronic medical records or medical imaging data.
+ "timeZone": "A String", # The default timezone used by this dataset. Must be a either a valid IANA
+ # time zone name such as "America/New_York" or empty, which defaults to UTC.
+ # This is used for parsing times in resources, such as HL7 messages, where no
+ # explicit timezone is specified.
+ "name": "A String", # Resource name of the dataset, of the form
+ # `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}`.
+ }
datasetId: string, The ID of the dataset that is being created.
The string must match the following regex: `[\p{L}\p{N}_\-\.]{1,256}`.
@@ -171,15 +171,36 @@
{ # This resource represents a long-running operation that is the result of a
# network API call.
+ "done": True or False, # If the value is `false`, it means the operation is still in progress.
+ # If `true`, the operation is completed, and either `error` or `response` is
+ # available.
+ "error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.
+ # different programming environments, including REST APIs and RPC APIs. It is
+ # used by [gRPC](https://github.com/grpc). Each `Status` message contains
+ # three pieces of data: error code, error message, and error details.
+ #
+ # You can find out more about this error model and how to work with it in the
+ # [API Design Guide](https://cloud.google.com/apis/design/errors).
+ "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+ "message": "A String", # A developer-facing error message, which should be in English. Any
+ # user-facing error message should be localized and sent in the
+ # google.rpc.Status.details field, or localized by the client.
+ "details": [ # A list of messages that carry the error details. There is a common set of
+ # message types for APIs to use.
+ {
+ "a_key": "", # Properties of the object. Contains field @type with type URL.
+ },
+ ],
+ },
"metadata": { # Service-specific metadata associated with the operation. It typically
# contains progress information and common metadata such as create time.
# Some services might not provide such metadata. Any method that returns a
# long-running operation should document the metadata type, if any.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
- "done": True or False, # If the value is `false`, it means the operation is still in progress.
- # If `true`, the operation is completed, and either `error` or `response` is
- # available.
+ "name": "A String", # The server-assigned name, which is only unique within the same service that
+ # originally returns it. If you use the default HTTP mapping, the
+ # `name` should be a resource name ending with `operations/{unique_id}`.
"response": { # The normal response of the operation in case of success. If the original
# method returns no data on success, such as `Delete`, the response is
# `google.protobuf.Empty`. If the original method is standard
@@ -190,27 +211,6 @@
# `TakeSnapshotResponse`.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
- "name": "A String", # The server-assigned name, which is only unique within the same service that
- # originally returns it. If you use the default HTTP mapping, the
- # `name` should be a resource name ending with `operations/{unique_id}`.
- "error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.
- # different programming environments, including REST APIs and RPC APIs. It is
- # used by [gRPC](https://github.com/grpc). Each `Status` message contains
- # three pieces of data: error code, error message, and error details.
- #
- # You can find out more about this error model and how to work with it in the
- # [API Design Guide](https://cloud.google.com/apis/design/errors).
- "details": [ # A list of messages that carry the error details. There is a common set of
- # message types for APIs to use.
- {
- "a_key": "", # Properties of the object. Contains field @type with type URL.
- },
- ],
- "code": 42, # The status code, which should be an enum value of google.rpc.Code.
- "message": "A String", # A developer-facing error message, which should be in English. Any
- # user-facing error message should be localized and sent in the
- # google.rpc.Status.details field, or localized by the client.
- },
}</pre>
</div>
@@ -244,65 +244,7 @@
# Each submessage customizes the handling of an
# https://tools.ietf.org/html/rfc6838 media type or subtype. Configs are
# applied in a nested manner at runtime.
- "text": { # Configures de-identification of text wherever it is found in the
- # source_dataset.
- "transformations": [ # The transformations to apply to the detected data.
- { # A transformation to apply to text that is identified as a specific
- # info_type.
- "dateShiftConfig": { # Shift a date forward or backward in time by a random amount which is # Config for date shift.
- # consistent for a given patient and crypto key combination.
- "cryptoKey": "A String", # An AES 128/192/256 bit key. Causes the shift to be computed based on this
- # key and the patient ID. A default key is generated for each
- # Deidentify operation and is used wherever crypto_key is not specified.
- },
- "characterMaskConfig": { # Mask a string by replacing its characters with a fixed character. # Config for character mask.
- "maskingCharacter": "A String", # Character to mask the sensitive values. If not supplied, defaults to "*".
- },
- "redactConfig": { # Define how to redact sensitive values. Default behaviour is erase. # Config for text redaction.
- # For example, "My name is Jane." becomes "My name is ."
- },
- "infoTypes": [ # InfoTypes to apply this transformation to. If this is not specified, this
- # transformation becomes the default transformation, and is used for any
- # info_type that is not specified in another transformation.
- "A String",
- ],
- "replaceWithInfoTypeConfig": { # When using the # Config for replace with InfoType.
- # INSPECT_AND_TRANSFORM
- # action, each match is replaced with the name of the info_type. For example,
- # "My name is Jane" becomes "My name is [PERSON_NAME]." The
- # TRANSFORM
- # action is equivalent to redacting.
- },
- "cryptoHashConfig": { # Pseudonymization method that generates surrogates via cryptographic hashing. # Config for crypto hash.
- # Uses SHA-256.
- # Outputs a base64-encoded representation of the hashed output.
- # For example, `L7k0BHmF1ha5U3NfGykjro4xWi1MPVQPjhMAZbSV9mM=`.
- "cryptoKey": "A String", # An AES 128/192/256 bit key. Causes the hash to be computed based on this
- # key. A default key is generated for each Deidentify operation and is used
- # wherever crypto_key is not specified.
- },
- },
- ],
- },
"dicom": { # Specifies the parameters needed for de-identification of DICOM stores. # Configures de-id of application/DICOM content.
- "filterProfile": "A String", # Tag filtering profile that determines which tags to keep/remove.
- "skipIdRedaction": True or False, # If true, skip replacing StudyInstanceUID, SeriesInstanceUID,
- # SOPInstanceUID, and MediaStorageSOPInstanceUID and leave them untouched.
- # The Cloud Healthcare API regenerates these UIDs by default based on the
- # DICOM Standard's reasoning: "Whilst these UIDs cannot be mapped directly
- # to an individual out of context, given access to the original images, or
- # to a database of the original images containing the UIDs, it would be
- # possible to recover the individual's identity."
- # http://dicom.nema.org/medical/dicom/current/output/chtml/part15/sect_E.3.9.html
- "keepList": { # List of tags to be filtered. # List of tags to keep. Remove all other tags.
- "tags": [ # Tags to be filtered. Tags must be DICOM Data Elements, File Meta
- # Elements, or Directory Structuring Elements, as defined at:
- # http://dicom.nema.org/medical/dicom/current/output/html/part06.html#table_6-1,.
- # They may be provided by "Keyword" or "Tag". For example, "PatientID",
- # "00100010".
- "A String",
- ],
- },
"removeList": { # List of tags to be filtered. # List of tags to remove. Keep all other tags.
"tags": [ # Tags to be filtered. Tags must be DICOM Data Elements, File Meta
# Elements, or Directory Structuring Elements, as defined at:
@@ -312,6 +254,28 @@
"A String",
],
},
+ "keepList": { # List of tags to be filtered. # List of tags to keep. Remove all other tags.
+ "tags": [ # Tags to be filtered. Tags must be DICOM Data Elements, File Meta
+ # Elements, or Directory Structuring Elements, as defined at:
+ # http://dicom.nema.org/medical/dicom/current/output/html/part06.html#table_6-1,.
+ # They may be provided by "Keyword" or "Tag". For example, "PatientID",
+ # "00100010".
+ "A String",
+ ],
+ },
+ "filterProfile": "A String", # Tag filtering profile that determines which tags to keep/remove.
+ "skipIdRedaction": True or False, # If true, skip replacing StudyInstanceUID, SeriesInstanceUID,
+ # SOPInstanceUID, and MediaStorageSOPInstanceUID and leave them untouched.
+ # The Cloud Healthcare API regenerates these UIDs by default based on the
+ # DICOM Standard's reasoning: "Whilst these UIDs cannot be mapped directly
+ # to an individual out of context, given access to the original images, or
+ # to a database of the original images containing the UIDs, it would be
+ # possible to recover the individual's identity."
+ # http://dicom.nema.org/medical/dicom/current/output/chtml/part15/sect_E.3.9.html
+ },
+ "image": { # Specifies how to handle de-identification of image pixels. # Configures de-identification of image pixels wherever they are found in the
+ # source_dataset.
+ "textRedactionMode": "A String", # Determines how to redact text from image.
},
"fhir": { # Specifies how to handle de-identification of a FHIR store. # Configures de-id of application/FHIR content.
"fieldMetadataList": [ # Specifies FHIR paths to match and how to transform them. Any field that
@@ -342,9 +306,63 @@
},
],
},
- "image": { # Specifies how to handle de-identification of image pixels. # Configures de-identification of image pixels wherever they are found in the
+ "annotation": { # Specifies how to store annotations during de-identification operation. # Configures how annotations, meaning that the location and infoType
+ # of sensitive information findings, are created during de-identification.
+ # If unspecified, no annotations are created.
+ "storeQuote": True or False, # If set to true, the sensitive texts are included in
+ # SensitiveTextAnnotation
+ # of Annotation.
+ "annotationStoreName": "A String", # The name of the annotation store, in the form
+ # `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/annotationStores/{annotation_store_id}`).
+ #
+ # * The destination annotation store must be in the same project as the
+ # source data. De-identifying data across multiple projects is not
+ # supported.
+ # * The destination annotation store must exist when using
+ # DeidentifyDicomStore or
+ # DeidentifyFhirStore.
+ # DeidentifyDataset
+ # automatically creates the destination annotation store.
+ },
+ "text": { # Configures de-identification of text wherever it is found in the
# source_dataset.
- "textRedactionMode": "A String", # Determines how to redact text from image.
+ "transformations": [ # The transformations to apply to the detected data.
+ { # A transformation to apply to text that is identified as a specific
+ # info_type.
+ "replaceWithInfoTypeConfig": { # When using the # Config for replace with InfoType.
+ # INSPECT_AND_TRANSFORM
+ # action, each match is replaced with the name of the info_type. For example,
+ # "My name is Jane" becomes "My name is [PERSON_NAME]." The
+ # TRANSFORM
+ # action is equivalent to redacting.
+ },
+ "characterMaskConfig": { # Mask a string by replacing its characters with a fixed character. # Config for character mask.
+ "maskingCharacter": "A String", # Character to mask the sensitive values. If not supplied, defaults to "*".
+ },
+ "redactConfig": { # Define how to redact sensitive values. Default behaviour is erase. # Config for text redaction.
+ # For example, "My name is Jane." becomes "My name is ."
+ },
+ "infoTypes": [ # InfoTypes to apply this transformation to. If this is not specified, this
+ # transformation becomes the default transformation, and is used for any
+ # info_type that is not specified in another transformation.
+ "A String",
+ ],
+ "dateShiftConfig": { # Shift a date forward or backward in time by a random amount which is # Config for date shift.
+ # consistent for a given patient and crypto key combination.
+ "cryptoKey": "A String", # An AES 128/192/256 bit key. Causes the shift to be computed based on this
+ # key and the patient ID. A default key is generated for each
+ # Deidentify operation and is used wherever crypto_key is not specified.
+ },
+ "cryptoHashConfig": { # Pseudonymization method that generates surrogates via cryptographic hashing. # Config for crypto hash.
+ # Uses SHA-256.
+ # Outputs a base64-encoded representation of the hashed output.
+ # For example, `L7k0BHmF1ha5U3NfGykjro4xWi1MPVQPjhMAZbSV9mM=`.
+ "cryptoKey": "A String", # An AES 128/192/256 bit key. Causes the hash to be computed based on this
+ # key. A default key is generated for each Deidentify operation and is used
+ # wherever crypto_key is not specified.
+ },
+ },
+ ],
},
},
"destinationDataset": "A String", # The name of the dataset resource to create and write the redacted data to.
@@ -365,15 +383,36 @@
{ # This resource represents a long-running operation that is the result of a
# network API call.
+ "done": True or False, # If the value is `false`, it means the operation is still in progress.
+ # If `true`, the operation is completed, and either `error` or `response` is
+ # available.
+ "error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.
+ # different programming environments, including REST APIs and RPC APIs. It is
+ # used by [gRPC](https://github.com/grpc). Each `Status` message contains
+ # three pieces of data: error code, error message, and error details.
+ #
+ # You can find out more about this error model and how to work with it in the
+ # [API Design Guide](https://cloud.google.com/apis/design/errors).
+ "code": 42, # The status code, which should be an enum value of google.rpc.Code.
+ "message": "A String", # A developer-facing error message, which should be in English. Any
+ # user-facing error message should be localized and sent in the
+ # google.rpc.Status.details field, or localized by the client.
+ "details": [ # A list of messages that carry the error details. There is a common set of
+ # message types for APIs to use.
+ {
+ "a_key": "", # Properties of the object. Contains field @type with type URL.
+ },
+ ],
+ },
"metadata": { # Service-specific metadata associated with the operation. It typically
# contains progress information and common metadata such as create time.
# Some services might not provide such metadata. Any method that returns a
# long-running operation should document the metadata type, if any.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
- "done": True or False, # If the value is `false`, it means the operation is still in progress.
- # If `true`, the operation is completed, and either `error` or `response` is
- # available.
+ "name": "A String", # The server-assigned name, which is only unique within the same service that
+ # originally returns it. If you use the default HTTP mapping, the
+ # `name` should be a resource name ending with `operations/{unique_id}`.
"response": { # The normal response of the operation in case of success. If the original
# method returns no data on success, such as `Delete`, the response is
# `google.protobuf.Empty`. If the original method is standard
@@ -384,27 +423,6 @@
# `TakeSnapshotResponse`.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
- "name": "A String", # The server-assigned name, which is only unique within the same service that
- # originally returns it. If you use the default HTTP mapping, the
- # `name` should be a resource name ending with `operations/{unique_id}`.
- "error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.
- # different programming environments, including REST APIs and RPC APIs. It is
- # used by [gRPC](https://github.com/grpc). Each `Status` message contains
- # three pieces of data: error code, error message, and error details.
- #
- # You can find out more about this error model and how to work with it in the
- # [API Design Guide](https://cloud.google.com/apis/design/errors).
- "details": [ # A list of messages that carry the error details. There is a common set of
- # message types for APIs to use.
- {
- "a_key": "", # Properties of the object. Contains field @type with type URL.
- },
- ],
- "code": 42, # The status code, which should be an enum value of google.rpc.Code.
- "message": "A String", # A developer-facing error message, which should be in English. Any
- # user-facing error message should be localized and sent in the
- # google.rpc.Status.details field, or localized by the client.
- },
}</pre>
</div>
@@ -453,17 +471,17 @@
An object of the form:
{ # A message representing a health dataset.
- #
- # A health dataset represents a collection of healthcare data pertaining to one
- # or more patients. This may include multiple modalities of healthcare data,
- # such as electronic medical records or medical imaging data.
- "name": "A String", # Output only. Resource name of the dataset, of the form
- # `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}`.
- "timeZone": "A String", # The default timezone used by this dataset. Must be a either a valid IANA
- # time zone name such as "America/New_York" or empty, which defaults to UTC.
- # This is used for parsing times in resources, such as HL7 messages, where no
- # explicit timezone is specified.
- }</pre>
+ #
+ # A health dataset represents a collection of healthcare data pertaining to one
+ # or more patients. This may include multiple modalities of healthcare data,
+ # such as electronic medical records or medical imaging data.
+ "timeZone": "A String", # The default timezone used by this dataset. Must be a either a valid IANA
+ # time zone name such as "America/New_York" or empty, which defaults to UTC.
+ # This is used for parsing times in resources, such as HL7 messages, where no
+ # explicit timezone is specified.
+ "name": "A String", # Resource name of the dataset, of the form
+ # `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}`.
+ }</pre>
</div>
<div class="method">
@@ -562,127 +580,6 @@
#
# For a description of IAM and its features, see the
# [IAM documentation](https://cloud.google.com/iam/docs/).
- "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help
- # prevent simultaneous updates of a policy from overwriting each other.
- # It is strongly suggested that systems make use of the `etag` in the
- # read-modify-write cycle to perform policy updates in order to avoid race
- # conditions: An `etag` is returned in the response to `getIamPolicy`, and
- # systems are expected to put that etag in the request to `setIamPolicy` to
- # ensure that their change will be applied to the same version of the policy.
- #
- # **Important:** If you use IAM Conditions, you must include the `etag` field
- # whenever you call `setIamPolicy`. If you omit this field, then IAM allows
- # you to overwrite a version `3` policy with a version `1` policy, and all of
- # the conditions in the version `3` policy are lost.
- "version": 42, # Specifies the format of the policy.
- #
- # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value
- # are rejected.
- #
- # Any operation that affects conditional role bindings must specify version
- # `3`. This requirement applies to the following operations:
- #
- # * Getting a policy that includes a conditional role binding
- # * Adding a conditional role binding to a policy
- # * Changing a conditional role binding in a policy
- # * Removing any role binding, with or without a condition, from a policy
- # that includes conditions
- #
- # **Important:** If you use IAM Conditions, you must include the `etag` field
- # whenever you call `setIamPolicy`. If you omit this field, then IAM allows
- # you to overwrite a version `3` policy with a version `1` policy, and all of
- # the conditions in the version `3` policy are lost.
- #
- # If a policy does not include any conditions, operations on that policy may
- # specify any valid version or leave the field unset.
- #
- # To learn which resources support conditions in their IAM policies, see the
- # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
- "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
- { # Specifies the audit configuration for a service.
- # The configuration determines which permission types are logged, and what
- # identities, if any, are exempted from logging.
- # An AuditConfig must have one or more AuditLogConfigs.
- #
- # If there are AuditConfigs for both `allServices` and a specific service,
- # the union of the two AuditConfigs is used for that service: the log_types
- # specified in each AuditConfig are enabled, and the exempted_members in each
- # AuditLogConfig are exempted.
- #
- # Example Policy with multiple AuditConfigs:
- #
- # {
- # "audit_configs": [
- # {
- # "service": "allServices"
- # "audit_log_configs": [
- # {
- # "log_type": "DATA_READ",
- # "exempted_members": [
- # "user:jose@example.com"
- # ]
- # },
- # {
- # "log_type": "DATA_WRITE",
- # },
- # {
- # "log_type": "ADMIN_READ",
- # }
- # ]
- # },
- # {
- # "service": "sampleservice.googleapis.com"
- # "audit_log_configs": [
- # {
- # "log_type": "DATA_READ",
- # },
- # {
- # "log_type": "DATA_WRITE",
- # "exempted_members": [
- # "user:aliya@example.com"
- # ]
- # }
- # ]
- # }
- # ]
- # }
- #
- # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
- # logging. It also exempts jose@example.com from DATA_READ logging, and
- # aliya@example.com from DATA_WRITE logging.
- "auditLogConfigs": [ # The configuration for logging of each type of permission.
- { # Provides the configuration for logging a type of permissions.
- # Example:
- #
- # {
- # "audit_log_configs": [
- # {
- # "log_type": "DATA_READ",
- # "exempted_members": [
- # "user:jose@example.com"
- # ]
- # },
- # {
- # "log_type": "DATA_WRITE",
- # }
- # ]
- # }
- #
- # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting
- # jose@example.com from DATA_READ logging.
- "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of
- # permission.
- # Follows the same format of Binding.members.
- "A String",
- ],
- "logType": "A String", # The log type that this config enables.
- },
- ],
- "service": "A String", # Specifies a service that will be enabled for audit logging.
- # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.
- # `allServices` is a special value that covers all services.
- },
- ],
"bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a
# `condition` that determines how and when the `bindings` are applied. Each
# of the `bindings` must contain at least one member.
@@ -729,15 +626,15 @@
# The exact variables and functions that may be referenced within an expression
# are determined by the service that evaluates it. See the service
# documentation for additional information.
- "expression": "A String", # Textual representation of an expression in Common Expression Language
- # syntax.
"title": "A String", # Optional. Title for the expression, i.e. a short string describing
# its purpose. This can be used e.g. in UIs which allow to enter the
# expression.
- "location": "A String", # Optional. String indicating the location of the expression for error
- # reporting, e.g. a file name and a position in the file.
"description": "A String", # Optional. Description of the expression. This is a longer text which
# describes the expression, e.g. when hovered over it in a UI.
+ "expression": "A String", # Textual representation of an expression in Common Expression Language
+ # syntax.
+ "location": "A String", # Optional. String indicating the location of the expression for error
+ # reporting, e.g. a file name and a position in the file.
},
"members": [ # Specifies the identities requesting access for a Cloud Platform resource.
# `members` can have the following values:
@@ -788,19 +685,140 @@
# For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
},
],
+ "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help
+ # prevent simultaneous updates of a policy from overwriting each other.
+ # It is strongly suggested that systems make use of the `etag` in the
+ # read-modify-write cycle to perform policy updates in order to avoid race
+ # conditions: An `etag` is returned in the response to `getIamPolicy`, and
+ # systems are expected to put that etag in the request to `setIamPolicy` to
+ # ensure that their change will be applied to the same version of the policy.
+ #
+ # **Important:** If you use IAM Conditions, you must include the `etag` field
+ # whenever you call `setIamPolicy`. If you omit this field, then IAM allows
+ # you to overwrite a version `3` policy with a version `1` policy, and all of
+ # the conditions in the version `3` policy are lost.
+ "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
+ { # Specifies the audit configuration for a service.
+ # The configuration determines which permission types are logged, and what
+ # identities, if any, are exempted from logging.
+ # An AuditConfig must have one or more AuditLogConfigs.
+ #
+ # If there are AuditConfigs for both `allServices` and a specific service,
+ # the union of the two AuditConfigs is used for that service: the log_types
+ # specified in each AuditConfig are enabled, and the exempted_members in each
+ # AuditLogConfig are exempted.
+ #
+ # Example Policy with multiple AuditConfigs:
+ #
+ # {
+ # "audit_configs": [
+ # {
+ # "service": "allServices",
+ # "audit_log_configs": [
+ # {
+ # "log_type": "DATA_READ",
+ # "exempted_members": [
+ # "user:jose@example.com"
+ # ]
+ # },
+ # {
+ # "log_type": "DATA_WRITE"
+ # },
+ # {
+ # "log_type": "ADMIN_READ"
+ # }
+ # ]
+ # },
+ # {
+ # "service": "sampleservice.googleapis.com",
+ # "audit_log_configs": [
+ # {
+ # "log_type": "DATA_READ"
+ # },
+ # {
+ # "log_type": "DATA_WRITE",
+ # "exempted_members": [
+ # "user:aliya@example.com"
+ # ]
+ # }
+ # ]
+ # }
+ # ]
+ # }
+ #
+ # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
+ # logging. It also exempts jose@example.com from DATA_READ logging, and
+ # aliya@example.com from DATA_WRITE logging.
+ "auditLogConfigs": [ # The configuration for logging of each type of permission.
+ { # Provides the configuration for logging a type of permissions.
+ # Example:
+ #
+ # {
+ # "audit_log_configs": [
+ # {
+ # "log_type": "DATA_READ",
+ # "exempted_members": [
+ # "user:jose@example.com"
+ # ]
+ # },
+ # {
+ # "log_type": "DATA_WRITE"
+ # }
+ # ]
+ # }
+ #
+ # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting
+ # jose@example.com from DATA_READ logging.
+ "logType": "A String", # The log type that this config enables.
+ "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of
+ # permission.
+ # Follows the same format of Binding.members.
+ "A String",
+ ],
+ },
+ ],
+ "service": "A String", # Specifies a service that will be enabled for audit logging.
+ # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.
+ # `allServices` is a special value that covers all services.
+ },
+ ],
+ "version": 42, # Specifies the format of the policy.
+ #
+ # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value
+ # are rejected.
+ #
+ # Any operation that affects conditional role bindings must specify version
+ # `3`. This requirement applies to the following operations:
+ #
+ # * Getting a policy that includes a conditional role binding
+ # * Adding a conditional role binding to a policy
+ # * Changing a conditional role binding in a policy
+ # * Removing any role binding, with or without a condition, from a policy
+ # that includes conditions
+ #
+ # **Important:** If you use IAM Conditions, you must include the `etag` field
+ # whenever you call `setIamPolicy`. If you omit this field, then IAM allows
+ # you to overwrite a version `3` policy with a version `1` policy, and all of
+ # the conditions in the version `3` policy are lost.
+ #
+ # If a policy does not include any conditions, operations on that policy may
+ # specify any valid version or leave the field unset.
+ #
+ # To learn which resources support conditions in their IAM policies, see the
+ # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
}</pre>
</div>
<div class="method">
- <code class="details" id="list">list(parent, pageToken=None, pageSize=None, x__xgafv=None)</code>
+ <code class="details" id="list">list(parent, pageSize=None, pageToken=None, x__xgafv=None)</code>
<pre>Lists the health datasets in the current project.
Args:
parent: string, The name of the project whose datasets should be listed.
For example, `projects/{project_id}/locations/{location_id}`. (required)
- pageToken: string, The next_page_token value returned from a previous List request, if any.
pageSize: integer, The maximum number of items to return. Capped to 100 if not specified.
May not be larger than 1000.
+ pageToken: string, The next_page_token value returned from a previous List request, if any.
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
@@ -810,22 +828,22 @@
An object of the form:
{ # Lists the available datasets.
- "datasets": [ # The first page of datasets.
- { # A message representing a health dataset.
- #
- # A health dataset represents a collection of healthcare data pertaining to one
- # or more patients. This may include multiple modalities of healthcare data,
- # such as electronic medical records or medical imaging data.
- "name": "A String", # Output only. Resource name of the dataset, of the form
- # `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}`.
- "timeZone": "A String", # The default timezone used by this dataset. Must be a either a valid IANA
- # time zone name such as "America/New_York" or empty, which defaults to UTC.
- # This is used for parsing times in resources, such as HL7 messages, where no
- # explicit timezone is specified.
- },
- ],
"nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no
# more results in the list.
+ "datasets": [ # The first page of datasets.
+ { # A message representing a health dataset.
+ #
+ # A health dataset represents a collection of healthcare data pertaining to one
+ # or more patients. This may include multiple modalities of healthcare data,
+ # such as electronic medical records or medical imaging data.
+ "timeZone": "A String", # The default timezone used by this dataset. Must be a either a valid IANA
+ # time zone name such as "America/New_York" or empty, which defaults to UTC.
+ # This is used for parsing times in resources, such as HL7 messages, where no
+ # explicit timezone is specified.
+ "name": "A String", # Resource name of the dataset, of the form
+ # `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}`.
+ },
+ ],
}</pre>
</div>
@@ -848,23 +866,23 @@
<pre>Updates dataset metadata.
Args:
- name: string, Output only. Resource name of the dataset, of the form
+ name: string, Resource name of the dataset, of the form
`projects/{project_id}/locations/{location_id}/datasets/{dataset_id}`. (required)
body: object, The request body.
The object takes the form of:
{ # A message representing a health dataset.
- #
- # A health dataset represents a collection of healthcare data pertaining to one
- # or more patients. This may include multiple modalities of healthcare data,
- # such as electronic medical records or medical imaging data.
- "name": "A String", # Output only. Resource name of the dataset, of the form
- # `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}`.
- "timeZone": "A String", # The default timezone used by this dataset. Must be a either a valid IANA
- # time zone name such as "America/New_York" or empty, which defaults to UTC.
- # This is used for parsing times in resources, such as HL7 messages, where no
- # explicit timezone is specified.
-}
+ #
+ # A health dataset represents a collection of healthcare data pertaining to one
+ # or more patients. This may include multiple modalities of healthcare data,
+ # such as electronic medical records or medical imaging data.
+ "timeZone": "A String", # The default timezone used by this dataset. Must be a either a valid IANA
+ # time zone name such as "America/New_York" or empty, which defaults to UTC.
+ # This is used for parsing times in resources, such as HL7 messages, where no
+ # explicit timezone is specified.
+ "name": "A String", # Resource name of the dataset, of the form
+ # `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}`.
+ }
updateMask: string, The update mask applies to the resource. For the `FieldMask` definition,
see
@@ -878,17 +896,17 @@
An object of the form:
{ # A message representing a health dataset.
- #
- # A health dataset represents a collection of healthcare data pertaining to one
- # or more patients. This may include multiple modalities of healthcare data,
- # such as electronic medical records or medical imaging data.
- "name": "A String", # Output only. Resource name of the dataset, of the form
- # `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}`.
- "timeZone": "A String", # The default timezone used by this dataset. Must be a either a valid IANA
- # time zone name such as "America/New_York" or empty, which defaults to UTC.
- # This is used for parsing times in resources, such as HL7 messages, where no
- # explicit timezone is specified.
- }</pre>
+ #
+ # A health dataset represents a collection of healthcare data pertaining to one
+ # or more patients. This may include multiple modalities of healthcare data,
+ # such as electronic medical records or medical imaging data.
+ "timeZone": "A String", # The default timezone used by this dataset. Must be a either a valid IANA
+ # time zone name such as "America/New_York" or empty, which defaults to UTC.
+ # This is used for parsing times in resources, such as HL7 messages, where no
+ # explicit timezone is specified.
+ "name": "A String", # Resource name of the dataset, of the form
+ # `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}`.
+ }</pre>
</div>
<div class="method">
@@ -980,127 +998,6 @@
#
# For a description of IAM and its features, see the
# [IAM documentation](https://cloud.google.com/iam/docs/).
- "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help
- # prevent simultaneous updates of a policy from overwriting each other.
- # It is strongly suggested that systems make use of the `etag` in the
- # read-modify-write cycle to perform policy updates in order to avoid race
- # conditions: An `etag` is returned in the response to `getIamPolicy`, and
- # systems are expected to put that etag in the request to `setIamPolicy` to
- # ensure that their change will be applied to the same version of the policy.
- #
- # **Important:** If you use IAM Conditions, you must include the `etag` field
- # whenever you call `setIamPolicy`. If you omit this field, then IAM allows
- # you to overwrite a version `3` policy with a version `1` policy, and all of
- # the conditions in the version `3` policy are lost.
- "version": 42, # Specifies the format of the policy.
- #
- # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value
- # are rejected.
- #
- # Any operation that affects conditional role bindings must specify version
- # `3`. This requirement applies to the following operations:
- #
- # * Getting a policy that includes a conditional role binding
- # * Adding a conditional role binding to a policy
- # * Changing a conditional role binding in a policy
- # * Removing any role binding, with or without a condition, from a policy
- # that includes conditions
- #
- # **Important:** If you use IAM Conditions, you must include the `etag` field
- # whenever you call `setIamPolicy`. If you omit this field, then IAM allows
- # you to overwrite a version `3` policy with a version `1` policy, and all of
- # the conditions in the version `3` policy are lost.
- #
- # If a policy does not include any conditions, operations on that policy may
- # specify any valid version or leave the field unset.
- #
- # To learn which resources support conditions in their IAM policies, see the
- # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
- "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
- { # Specifies the audit configuration for a service.
- # The configuration determines which permission types are logged, and what
- # identities, if any, are exempted from logging.
- # An AuditConfig must have one or more AuditLogConfigs.
- #
- # If there are AuditConfigs for both `allServices` and a specific service,
- # the union of the two AuditConfigs is used for that service: the log_types
- # specified in each AuditConfig are enabled, and the exempted_members in each
- # AuditLogConfig are exempted.
- #
- # Example Policy with multiple AuditConfigs:
- #
- # {
- # "audit_configs": [
- # {
- # "service": "allServices"
- # "audit_log_configs": [
- # {
- # "log_type": "DATA_READ",
- # "exempted_members": [
- # "user:jose@example.com"
- # ]
- # },
- # {
- # "log_type": "DATA_WRITE",
- # },
- # {
- # "log_type": "ADMIN_READ",
- # }
- # ]
- # },
- # {
- # "service": "sampleservice.googleapis.com"
- # "audit_log_configs": [
- # {
- # "log_type": "DATA_READ",
- # },
- # {
- # "log_type": "DATA_WRITE",
- # "exempted_members": [
- # "user:aliya@example.com"
- # ]
- # }
- # ]
- # }
- # ]
- # }
- #
- # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
- # logging. It also exempts jose@example.com from DATA_READ logging, and
- # aliya@example.com from DATA_WRITE logging.
- "auditLogConfigs": [ # The configuration for logging of each type of permission.
- { # Provides the configuration for logging a type of permissions.
- # Example:
- #
- # {
- # "audit_log_configs": [
- # {
- # "log_type": "DATA_READ",
- # "exempted_members": [
- # "user:jose@example.com"
- # ]
- # },
- # {
- # "log_type": "DATA_WRITE",
- # }
- # ]
- # }
- #
- # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting
- # jose@example.com from DATA_READ logging.
- "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of
- # permission.
- # Follows the same format of Binding.members.
- "A String",
- ],
- "logType": "A String", # The log type that this config enables.
- },
- ],
- "service": "A String", # Specifies a service that will be enabled for audit logging.
- # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.
- # `allServices` is a special value that covers all services.
- },
- ],
"bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a
# `condition` that determines how and when the `bindings` are applied. Each
# of the `bindings` must contain at least one member.
@@ -1147,15 +1044,15 @@
# The exact variables and functions that may be referenced within an expression
# are determined by the service that evaluates it. See the service
# documentation for additional information.
- "expression": "A String", # Textual representation of an expression in Common Expression Language
- # syntax.
"title": "A String", # Optional. Title for the expression, i.e. a short string describing
# its purpose. This can be used e.g. in UIs which allow to enter the
# expression.
- "location": "A String", # Optional. String indicating the location of the expression for error
- # reporting, e.g. a file name and a position in the file.
"description": "A String", # Optional. Description of the expression. This is a longer text which
# describes the expression, e.g. when hovered over it in a UI.
+ "expression": "A String", # Textual representation of an expression in Common Expression Language
+ # syntax.
+ "location": "A String", # Optional. String indicating the location of the expression for error
+ # reporting, e.g. a file name and a position in the file.
},
"members": [ # Specifies the identities requesting access for a Cloud Platform resource.
# `members` can have the following values:
@@ -1206,6 +1103,127 @@
# For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
},
],
+ "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help
+ # prevent simultaneous updates of a policy from overwriting each other.
+ # It is strongly suggested that systems make use of the `etag` in the
+ # read-modify-write cycle to perform policy updates in order to avoid race
+ # conditions: An `etag` is returned in the response to `getIamPolicy`, and
+ # systems are expected to put that etag in the request to `setIamPolicy` to
+ # ensure that their change will be applied to the same version of the policy.
+ #
+ # **Important:** If you use IAM Conditions, you must include the `etag` field
+ # whenever you call `setIamPolicy`. If you omit this field, then IAM allows
+ # you to overwrite a version `3` policy with a version `1` policy, and all of
+ # the conditions in the version `3` policy are lost.
+ "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
+ { # Specifies the audit configuration for a service.
+ # The configuration determines which permission types are logged, and what
+ # identities, if any, are exempted from logging.
+ # An AuditConfig must have one or more AuditLogConfigs.
+ #
+ # If there are AuditConfigs for both `allServices` and a specific service,
+ # the union of the two AuditConfigs is used for that service: the log_types
+ # specified in each AuditConfig are enabled, and the exempted_members in each
+ # AuditLogConfig are exempted.
+ #
+ # Example Policy with multiple AuditConfigs:
+ #
+ # {
+ # "audit_configs": [
+ # {
+ # "service": "allServices",
+ # "audit_log_configs": [
+ # {
+ # "log_type": "DATA_READ",
+ # "exempted_members": [
+ # "user:jose@example.com"
+ # ]
+ # },
+ # {
+ # "log_type": "DATA_WRITE"
+ # },
+ # {
+ # "log_type": "ADMIN_READ"
+ # }
+ # ]
+ # },
+ # {
+ # "service": "sampleservice.googleapis.com",
+ # "audit_log_configs": [
+ # {
+ # "log_type": "DATA_READ"
+ # },
+ # {
+ # "log_type": "DATA_WRITE",
+ # "exempted_members": [
+ # "user:aliya@example.com"
+ # ]
+ # }
+ # ]
+ # }
+ # ]
+ # }
+ #
+ # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
+ # logging. It also exempts jose@example.com from DATA_READ logging, and
+ # aliya@example.com from DATA_WRITE logging.
+ "auditLogConfigs": [ # The configuration for logging of each type of permission.
+ { # Provides the configuration for logging a type of permissions.
+ # Example:
+ #
+ # {
+ # "audit_log_configs": [
+ # {
+ # "log_type": "DATA_READ",
+ # "exempted_members": [
+ # "user:jose@example.com"
+ # ]
+ # },
+ # {
+ # "log_type": "DATA_WRITE"
+ # }
+ # ]
+ # }
+ #
+ # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting
+ # jose@example.com from DATA_READ logging.
+ "logType": "A String", # The log type that this config enables.
+ "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of
+ # permission.
+ # Follows the same format of Binding.members.
+ "A String",
+ ],
+ },
+ ],
+ "service": "A String", # Specifies a service that will be enabled for audit logging.
+ # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.
+ # `allServices` is a special value that covers all services.
+ },
+ ],
+ "version": 42, # Specifies the format of the policy.
+ #
+ # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value
+ # are rejected.
+ #
+ # Any operation that affects conditional role bindings must specify version
+ # `3`. This requirement applies to the following operations:
+ #
+ # * Getting a policy that includes a conditional role binding
+ # * Adding a conditional role binding to a policy
+ # * Changing a conditional role binding in a policy
+ # * Removing any role binding, with or without a condition, from a policy
+ # that includes conditions
+ #
+ # **Important:** If you use IAM Conditions, you must include the `etag` field
+ # whenever you call `setIamPolicy`. If you omit this field, then IAM allows
+ # you to overwrite a version `3` policy with a version `1` policy, and all of
+ # the conditions in the version `3` policy are lost.
+ #
+ # If a policy does not include any conditions, operations on that policy may
+ # specify any valid version or leave the field unset.
+ #
+ # To learn which resources support conditions in their IAM policies, see the
+ # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
},
}
@@ -1284,127 +1302,6 @@
#
# For a description of IAM and its features, see the
# [IAM documentation](https://cloud.google.com/iam/docs/).
- "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help
- # prevent simultaneous updates of a policy from overwriting each other.
- # It is strongly suggested that systems make use of the `etag` in the
- # read-modify-write cycle to perform policy updates in order to avoid race
- # conditions: An `etag` is returned in the response to `getIamPolicy`, and
- # systems are expected to put that etag in the request to `setIamPolicy` to
- # ensure that their change will be applied to the same version of the policy.
- #
- # **Important:** If you use IAM Conditions, you must include the `etag` field
- # whenever you call `setIamPolicy`. If you omit this field, then IAM allows
- # you to overwrite a version `3` policy with a version `1` policy, and all of
- # the conditions in the version `3` policy are lost.
- "version": 42, # Specifies the format of the policy.
- #
- # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value
- # are rejected.
- #
- # Any operation that affects conditional role bindings must specify version
- # `3`. This requirement applies to the following operations:
- #
- # * Getting a policy that includes a conditional role binding
- # * Adding a conditional role binding to a policy
- # * Changing a conditional role binding in a policy
- # * Removing any role binding, with or without a condition, from a policy
- # that includes conditions
- #
- # **Important:** If you use IAM Conditions, you must include the `etag` field
- # whenever you call `setIamPolicy`. If you omit this field, then IAM allows
- # you to overwrite a version `3` policy with a version `1` policy, and all of
- # the conditions in the version `3` policy are lost.
- #
- # If a policy does not include any conditions, operations on that policy may
- # specify any valid version or leave the field unset.
- #
- # To learn which resources support conditions in their IAM policies, see the
- # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
- "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
- { # Specifies the audit configuration for a service.
- # The configuration determines which permission types are logged, and what
- # identities, if any, are exempted from logging.
- # An AuditConfig must have one or more AuditLogConfigs.
- #
- # If there are AuditConfigs for both `allServices` and a specific service,
- # the union of the two AuditConfigs is used for that service: the log_types
- # specified in each AuditConfig are enabled, and the exempted_members in each
- # AuditLogConfig are exempted.
- #
- # Example Policy with multiple AuditConfigs:
- #
- # {
- # "audit_configs": [
- # {
- # "service": "allServices"
- # "audit_log_configs": [
- # {
- # "log_type": "DATA_READ",
- # "exempted_members": [
- # "user:jose@example.com"
- # ]
- # },
- # {
- # "log_type": "DATA_WRITE",
- # },
- # {
- # "log_type": "ADMIN_READ",
- # }
- # ]
- # },
- # {
- # "service": "sampleservice.googleapis.com"
- # "audit_log_configs": [
- # {
- # "log_type": "DATA_READ",
- # },
- # {
- # "log_type": "DATA_WRITE",
- # "exempted_members": [
- # "user:aliya@example.com"
- # ]
- # }
- # ]
- # }
- # ]
- # }
- #
- # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
- # logging. It also exempts jose@example.com from DATA_READ logging, and
- # aliya@example.com from DATA_WRITE logging.
- "auditLogConfigs": [ # The configuration for logging of each type of permission.
- { # Provides the configuration for logging a type of permissions.
- # Example:
- #
- # {
- # "audit_log_configs": [
- # {
- # "log_type": "DATA_READ",
- # "exempted_members": [
- # "user:jose@example.com"
- # ]
- # },
- # {
- # "log_type": "DATA_WRITE",
- # }
- # ]
- # }
- #
- # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting
- # jose@example.com from DATA_READ logging.
- "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of
- # permission.
- # Follows the same format of Binding.members.
- "A String",
- ],
- "logType": "A String", # The log type that this config enables.
- },
- ],
- "service": "A String", # Specifies a service that will be enabled for audit logging.
- # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.
- # `allServices` is a special value that covers all services.
- },
- ],
"bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a
# `condition` that determines how and when the `bindings` are applied. Each
# of the `bindings` must contain at least one member.
@@ -1451,15 +1348,15 @@
# The exact variables and functions that may be referenced within an expression
# are determined by the service that evaluates it. See the service
# documentation for additional information.
- "expression": "A String", # Textual representation of an expression in Common Expression Language
- # syntax.
"title": "A String", # Optional. Title for the expression, i.e. a short string describing
# its purpose. This can be used e.g. in UIs which allow to enter the
# expression.
- "location": "A String", # Optional. String indicating the location of the expression for error
- # reporting, e.g. a file name and a position in the file.
"description": "A String", # Optional. Description of the expression. This is a longer text which
# describes the expression, e.g. when hovered over it in a UI.
+ "expression": "A String", # Textual representation of an expression in Common Expression Language
+ # syntax.
+ "location": "A String", # Optional. String indicating the location of the expression for error
+ # reporting, e.g. a file name and a position in the file.
},
"members": [ # Specifies the identities requesting access for a Cloud Platform resource.
# `members` can have the following values:
@@ -1510,6 +1407,127 @@
# For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
},
],
+ "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help
+ # prevent simultaneous updates of a policy from overwriting each other.
+ # It is strongly suggested that systems make use of the `etag` in the
+ # read-modify-write cycle to perform policy updates in order to avoid race
+ # conditions: An `etag` is returned in the response to `getIamPolicy`, and
+ # systems are expected to put that etag in the request to `setIamPolicy` to
+ # ensure that their change will be applied to the same version of the policy.
+ #
+ # **Important:** If you use IAM Conditions, you must include the `etag` field
+ # whenever you call `setIamPolicy`. If you omit this field, then IAM allows
+ # you to overwrite a version `3` policy with a version `1` policy, and all of
+ # the conditions in the version `3` policy are lost.
+ "auditConfigs": [ # Specifies cloud audit logging configuration for this policy.
+ { # Specifies the audit configuration for a service.
+ # The configuration determines which permission types are logged, and what
+ # identities, if any, are exempted from logging.
+ # An AuditConfig must have one or more AuditLogConfigs.
+ #
+ # If there are AuditConfigs for both `allServices` and a specific service,
+ # the union of the two AuditConfigs is used for that service: the log_types
+ # specified in each AuditConfig are enabled, and the exempted_members in each
+ # AuditLogConfig are exempted.
+ #
+ # Example Policy with multiple AuditConfigs:
+ #
+ # {
+ # "audit_configs": [
+ # {
+ # "service": "allServices",
+ # "audit_log_configs": [
+ # {
+ # "log_type": "DATA_READ",
+ # "exempted_members": [
+ # "user:jose@example.com"
+ # ]
+ # },
+ # {
+ # "log_type": "DATA_WRITE"
+ # },
+ # {
+ # "log_type": "ADMIN_READ"
+ # }
+ # ]
+ # },
+ # {
+ # "service": "sampleservice.googleapis.com",
+ # "audit_log_configs": [
+ # {
+ # "log_type": "DATA_READ"
+ # },
+ # {
+ # "log_type": "DATA_WRITE",
+ # "exempted_members": [
+ # "user:aliya@example.com"
+ # ]
+ # }
+ # ]
+ # }
+ # ]
+ # }
+ #
+ # For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
+ # logging. It also exempts jose@example.com from DATA_READ logging, and
+ # aliya@example.com from DATA_WRITE logging.
+ "auditLogConfigs": [ # The configuration for logging of each type of permission.
+ { # Provides the configuration for logging a type of permissions.
+ # Example:
+ #
+ # {
+ # "audit_log_configs": [
+ # {
+ # "log_type": "DATA_READ",
+ # "exempted_members": [
+ # "user:jose@example.com"
+ # ]
+ # },
+ # {
+ # "log_type": "DATA_WRITE"
+ # }
+ # ]
+ # }
+ #
+ # This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting
+ # jose@example.com from DATA_READ logging.
+ "logType": "A String", # The log type that this config enables.
+ "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of
+ # permission.
+ # Follows the same format of Binding.members.
+ "A String",
+ ],
+ },
+ ],
+ "service": "A String", # Specifies a service that will be enabled for audit logging.
+ # For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.
+ # `allServices` is a special value that covers all services.
+ },
+ ],
+ "version": 42, # Specifies the format of the policy.
+ #
+ # Valid values are `0`, `1`, and `3`. Requests that specify an invalid value
+ # are rejected.
+ #
+ # Any operation that affects conditional role bindings must specify version
+ # `3`. This requirement applies to the following operations:
+ #
+ # * Getting a policy that includes a conditional role binding
+ # * Adding a conditional role binding to a policy
+ # * Changing a conditional role binding in a policy
+ # * Removing any role binding, with or without a condition, from a policy
+ # that includes conditions
+ #
+ # **Important:** If you use IAM Conditions, you must include the `etag` field
+ # whenever you call `setIamPolicy`. If you omit this field, then IAM allows
+ # you to overwrite a version `3` policy with a version `1` policy, and all of
+ # the conditions in the version `3` policy are lost.
+ #
+ # If a policy does not include any conditions, operations on that policy may
+ # specify any valid version or leave the field unset.
+ #
+ # To learn which resources support conditions in their IAM policies, see the
+ # [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
}</pre>
</div>