Blame - docs/dyn/gameservices_v1beta.projects.locations.gameServerDeployments.html - platform/external/python/google-api-python-client

2020-07-22 17:02:09 -0700

[diff] [blame]

101

<code><a href="#list">list(parent, orderBy=None, pageSize=None, filter=None, pageToken=None, x__xgafv=None)</a></code></p>

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

102

<p class="firstline">Lists game server deployments in a given project and location.</p>

103

104

<code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>

105

<p class="firstline">Retrieves the next page of results.</p>

106

107

<code><a href="#patch">patch(name, body=None, updateMask=None, x__xgafv=None)</a></code></p>

108

<p class="firstline">Patches a game server deployment.</p>

109

110

<code><a href="#previewRollout">previewRollout(name, body=None, previewTime=None, updateMask=None, x__xgafv=None)</a></code></p>

111

<p class="firstline">Previews the game server deployment rollout. This API does not mutate the</p>

112

113

<code><a href="#setIamPolicy">setIamPolicy(resource, body=None, x__xgafv=None)</a></code></p>

114

<p class="firstline">Sets the access control policy on the specified resource. Replaces any</p>

115

116

<code><a href="#testIamPermissions">testIamPermissions(resource, body=None, x__xgafv=None)</a></code></p>

117

<p class="firstline">Returns permissions that a caller has on the specified resource.</p>

118

119

<code><a href="#updateRollout">updateRollout(name, body=None, updateMask=None, x__xgafv=None)</a></code></p>

120

<p class="firstline">Patches a single game server deployment rollout.</p>

121

<h3>Method Details</h3>

122

123

<code class="details" id="create">create(parent, body=None, deploymentId=None, x__xgafv=None)</code>

124

<pre>Creates a new game server deployment in a given project and location.

125

126

Args:

127

parent: string, Required. The parent resource name. Uses the form:

128

`projects/{project}/locations/{location}`. (required)

129

body: object, The request body.

130

The object takes the form of:

131

132

{ # A game server deployment resource.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

133

"updateTime": "A String", # Output only. The last-modified time.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

134

"description": "A String", # Human readable description of the game server delpoyment.

Bu Sun Kim

2020-05-27 12:20:54 -0700

[diff] [blame]

135

"createTime": "A String", # Output only. The creation time.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

136

"etag": "A String", # ETag of the resource.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

137

"labels": { # The labels associated with this game server deployment. Each label is a

138

# key-value pair.

139

"a_key": "A String",

140

},

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

141

"name": "A String", # The resource name of the game server deployment. Uses the form:

142

#

143

# `projects/{project}/locations/{location}/gameServerDeployments/{deployment}`.

144

# For example,

145

#

146

# `projects/my-project/locations/{location}/gameServerDeployments/my-deployment`.

147

}

148

149

deploymentId: string, Required. The ID of the game server delpoyment resource to be created.

150

x__xgafv: string, V1 error format.

Allowed values

1 - v1 error format

2 - v2 error format

Returns:

An object of the form:

157

158

{ # This resource represents a long-running operation that is the result of a

159

# network API call.

160

"done": True or False, # If the value is `false`, it means the operation is still in progress.

161

# If `true`, the operation is completed, and either `error` or `response` is

162

# available.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

163

"error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.

164

# different programming environments, including REST APIs and RPC APIs. It is

165

# used by [gRPC](https://github.com/grpc). Each `Status` message contains

166

# three pieces of data: error code, error message, and error details.

167

#

168

# You can find out more about this error model and how to work with it in the

169

# [API Design Guide](https://cloud.google.com/apis/design/errors).

170

"details": [ # A list of messages that carry the error details. There is a common set of

171

# message types for APIs to use.

172

{

173

"a_key": "", # Properties of the object. Contains field @type with type URL.

174

},

175

],

176

"message": "A String", # A developer-facing error message, which should be in English. Any

177

# user-facing error message should be localized and sent in the

178

# google.rpc.Status.details field, or localized by the client.

179

"code": 42, # The status code, which should be an enum value of google.rpc.Code.

180

},

181

"name": "A String", # The server-assigned name, which is only unique within the same service that

182

# originally returns it. If you use the default HTTP mapping, the

183

# `name` should be a resource name ending with `operations/{unique_id}`.

184

"metadata": { # Service-specific metadata associated with the operation. It typically

185

# contains progress information and common metadata such as create time.

186

# Some services might not provide such metadata. Any method that returns a

187

# long-running operation should document the metadata type, if any.

188

"a_key": "", # Properties of the object. Contains field @type with type URL.

189

},

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

190

"response": { # The normal response of the operation in case of success. If the original

191

# method returns no data on success, such as `Delete`, the response is

192

# `google.protobuf.Empty`. If the original method is standard

193

# `Get`/`Create`/`Update`, the response should be the resource. For other

194

# methods, the response should have the type `XxxResponse`, where `Xxx`

195

# is the original method name. For example, if the original method name

196

# is `TakeSnapshot()`, the inferred response type is

197

# `TakeSnapshotResponse`.

198

"a_key": "", # Properties of the object. Contains field @type with type URL.

199

},

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

}</pre>

</div>

<code class="details" id="delete">delete(name, x__xgafv=None)</code>

205

<pre>Deletes a single game server deployment.

206

207

Args:

208

name: string, Required. The name of the game server delpoyment to delete. Uses the form:

209

210

`projects/{project}/locations/{location}/gameServerDeployments/{deployment}`. (required)

211

x__xgafv: string, V1 error format.

Allowed values

1 - v1 error format

2 - v2 error format

Returns:

An object of the form:

218

219

{ # This resource represents a long-running operation that is the result of a

220

# network API call.

221

"done": True or False, # If the value is `false`, it means the operation is still in progress.

222

# If `true`, the operation is completed, and either `error` or `response` is

223

# available.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

224

"error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.

225

# different programming environments, including REST APIs and RPC APIs. It is

226

# used by [gRPC](https://github.com/grpc). Each `Status` message contains

227

# three pieces of data: error code, error message, and error details.

228

#

229

# You can find out more about this error model and how to work with it in the

230

# [API Design Guide](https://cloud.google.com/apis/design/errors).

231

"details": [ # A list of messages that carry the error details. There is a common set of

232

# message types for APIs to use.

233

{

234

"a_key": "", # Properties of the object. Contains field @type with type URL.

235

},

236

],

237

"message": "A String", # A developer-facing error message, which should be in English. Any

238

# user-facing error message should be localized and sent in the

239

# google.rpc.Status.details field, or localized by the client.

240

"code": 42, # The status code, which should be an enum value of google.rpc.Code.

241

},

242

"name": "A String", # The server-assigned name, which is only unique within the same service that

243

# originally returns it. If you use the default HTTP mapping, the

244

# `name` should be a resource name ending with `operations/{unique_id}`.

245

"metadata": { # Service-specific metadata associated with the operation. It typically

246

# contains progress information and common metadata such as create time.

247

# Some services might not provide such metadata. Any method that returns a

248

# long-running operation should document the metadata type, if any.

249

"a_key": "", # Properties of the object. Contains field @type with type URL.

250

},

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

251

"response": { # The normal response of the operation in case of success. If the original

252

# method returns no data on success, such as `Delete`, the response is

253

# `google.protobuf.Empty`. If the original method is standard

254

# `Get`/`Create`/`Update`, the response should be the resource. For other

255

# methods, the response should have the type `XxxResponse`, where `Xxx`

256

# is the original method name. For example, if the original method name

257

# is `TakeSnapshot()`, the inferred response type is

258

# `TakeSnapshotResponse`.

259

"a_key": "", # Properties of the object. Contains field @type with type URL.

260

},

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

}</pre>

</div>

<code class="details" id="fetchDeploymentState">fetchDeploymentState(name, body=None, x__xgafv=None)</code>

266

<pre>Retrieves information about the current state of the game server

267

deployment. Gathers all the Agones fleets and Agones autoscalers,

268

including fleets running an older version of the game server deployment.

269

270

Args:

271

name: string, Required. The name of the game server delpoyment. Uses the form:

272

273

`projects/{project}/locations/{location}/gameServerDeployments/{deployment}`. (required)

274

body: object, The request body.

275

The object takes the form of:

276

277

{ # Request message for GameServerDeploymentsService.FetchDeploymentState.

278

}

279

280

x__xgafv: string, V1 error format.

Allowed values

1 - v1 error format

2 - v2 error format

Returns:

An object of the form:

287

288

{ # Response message for GameServerDeploymentsService.FetchDeploymentState.

289

"unavailable": [ # List of locations that could not be reached.

290

"A String",

291

],

292

"clusterState": [ # The state of the game server deployment in each game server cluster.

293

{ # The game server cluster changes made by the game server deployment.

Bu Sun Kim

2020-05-27 12:20:54 -0700

[diff] [blame]

294

"cluster": "A String", # The name of the cluster.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

295

"fleetDetails": [ # The details about the Agones fleets and autoscalers created in the

296

# game server cluster.

297

{ # Details of the deployed Agones fleet.

298

"deployedAutoscaler": { # Details about the Agones autoscaler. # Information about the Agones autoscaler for that fleet.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

299

"autoscaler": "A String", # The name of the Agones autoscaler.

300

"fleetAutoscalerSpec": "A String", # The autoscaler spec retrieved from Agones.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

301

"specSource": { # Encapsulates Agones fleet spec and Agones autoscaler spec sources. # The source spec that is used to create the autoscaler.

302

# The GameServerConfig resource may no longer exist in the system.

303

"gameServerConfigName": "A String", # The game server config resource. Uses the form:

304

#

305

# `projects/{project}/locations/{location}/gameServerDeployments/{deployment_id}/configs/{config_id}`.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

306

"name": "A String", # The name of the Agones leet config or Agones scaling config used to derive

307

# the Agones fleet or Agones autoscaler spec.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

308

},

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

309

},

310

"deployedFleet": { # Agones fleet specification and details. # Information about the Agones fleet.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

311

"fleet": "A String", # The name of the Agones fleet.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

312

"fleetSpec": "A String", # The fleet spec retrieved from the Agones fleet.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

313

"status": { # DeployedFleetStatus has details about the Agones fleets such as how many # The current status of the Agones fleet.

314

# Includes count of game servers in various states.

315

# are running, how many allocated, and so on.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

316

"allocatedReplicas": "A String", # The number of GameServer replicas in the ALLOCATED state in this fleet.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

317

"readyReplicas": "A String", # The number of GameServer replicas in the READY state in this fleet.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

318

"reservedReplicas": "A String", # The number of GameServer replicas in the RESERVED state in this fleet.

319

# Reserved instances won't be deleted on scale down, but won't cause

320

# an autoscaler to scale up.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

321

"replicas": "A String", # The total number of current GameServer replicas in this fleet.

322

},

323

"specSource": { # Encapsulates Agones fleet spec and Agones autoscaler spec sources. # The source spec that is used to create the Agones fleet.

324

# The GameServerConfig resource may no longer exist in the system.

325

"gameServerConfigName": "A String", # The game server config resource. Uses the form:

326

#

327

# `projects/{project}/locations/{location}/gameServerDeployments/{deployment_id}/configs/{config_id}`.

328

"name": "A String", # The name of the Agones leet config or Agones scaling config used to derive

329

# the Agones fleet or Agones autoscaler spec.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

},

},

},

],

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

},

],

}</pre>

</div>

<code class="details" id="get">get(name, x__xgafv=None)</code>

341

<pre>Gets details of a single game server deployment.

342

343

Args:

344

name: string, Required. The name of the game server delpoyment to retrieve. Uses the form:

345

346

`projects/{project}/locations/{location}/gameServerDeployments/{deployment}`. (required)

347

x__xgafv: string, V1 error format.

Allowed values

1 - v1 error format

2 - v2 error format

Returns:

An object of the form:

354

355

{ # A game server deployment resource.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

356

"updateTime": "A String", # Output only. The last-modified time.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

357

"description": "A String", # Human readable description of the game server delpoyment.

Bu Sun Kim

2020-05-27 12:20:54 -0700

[diff] [blame]

358

"createTime": "A String", # Output only. The creation time.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

359

"etag": "A String", # ETag of the resource.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

360

"labels": { # The labels associated with this game server deployment. Each label is a

361

# key-value pair.

362

"a_key": "A String",

363

},

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

364

"name": "A String", # The resource name of the game server deployment. Uses the form:

365

#

366

# `projects/{project}/locations/{location}/gameServerDeployments/{deployment}`.

367

# For example,

368

#

369

# `projects/my-project/locations/{location}/gameServerDeployments/my-deployment`.

}</pre>

</div>

<code class="details" id="getIamPolicy">getIamPolicy(resource, options_requestedPolicyVersion=None, x__xgafv=None)</code>

375

<pre>Gets the access control policy for a resource.

376

Returns an empty policy if the resource exists and does not have a policy

set.

Args:

resource: string, REQUIRED: The resource for which the policy is being requested.

381

See the operation documentation for the appropriate value for this field. (required)

382

options_requestedPolicyVersion: integer, Optional. The policy format version to be returned.

383

384

Valid values are 0, 1, and 3. Requests specifying an invalid value will be

385

rejected.

386

387

Requests for policies with any conditional bindings must specify version 3.

388

Policies without any conditional bindings may specify any valid value or

389

leave the field unset.

390

391

To learn which resources support conditions in their IAM policies, see the

392

[IAM

393

documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

394

x__xgafv: string, V1 error format.

Allowed values

1 - v1 error format

2 - v2 error format

Returns:

An object of the form:

401

402

{ # An Identity and Access Management (IAM) policy, which specifies access

403

# controls for Google Cloud resources.

404

#

405

#

406

# A `Policy` is a collection of `bindings`. A `binding` binds one or more

407

# `members` to a single `role`. Members can be user accounts, service accounts,

408

# Google groups, and domains (such as G Suite). A `role` is a named list of

409

# permissions; each `role` can be an IAM predefined role or a user-created

410

# custom role.

411

#

412

# For some types of Google Cloud resources, a `binding` can also specify a

413

# `condition`, which is a logical expression that allows access to a resource

414

# only if the expression evaluates to `true`. A condition can add constraints

415

# based on attributes of the request, the resource, or both. To learn which

416

# resources support conditions in their IAM policies, see the

417

# [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

#

# **JSON example:**

#

# {

# "bindings": [

# {

# "role": "roles/resourcemanager.organizationAdmin",

425

# "members": [

426

# "user:mike@example.com",

427

# "group:admins@example.com",

428

# "domain:google.com",

429

# "serviceAccount:my-project-id@appspot.gserviceaccount.com"

# ]

# },

# {

# "role": "roles/resourcemanager.organizationViewer",

434

# "members": [

435

# "user:eve@example.com"

436

# ],

437

# "condition": {

438

# "title": "expirable access",

439

# "description": "Does not grant access after Sep 2020",

440

# "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')",

# }

# }

# ],

# "etag": "BwWWja0YfJA=",

# "version": 3

# }

#

# **YAML example:**

#

# bindings:

# - members:

# - user:mike@example.com

453

# - group:admins@example.com

454

# - domain:google.com

455

# - serviceAccount:my-project-id@appspot.gserviceaccount.com

456

# role: roles/resourcemanager.organizationAdmin

457

# - members:

458

# - user:eve@example.com

459

# role: roles/resourcemanager.organizationViewer

460

# condition:

461

# title: expirable access

462

# description: Does not grant access after Sep 2020

463

# expression: request.time < timestamp('2020-10-01T00:00:00.000Z')

464

# - etag: BwWWja0YfJA=

465

# - version: 3

466

#

467

# For a description of IAM and its features, see the

468

# [IAM documentation](https://cloud.google.com/iam/docs/).

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

469

"etag": "A String", # `etag` is used for optimistic concurrency control as a way to help

470

# prevent simultaneous updates of a policy from overwriting each other.

471

# It is strongly suggested that systems make use of the `etag` in the

472

# read-modify-write cycle to perform policy updates in order to avoid race

473

# conditions: An `etag` is returned in the response to `getIamPolicy`, and

474

# systems are expected to put that etag in the request to `setIamPolicy` to

475

# ensure that their change will be applied to the same version of the policy.

476

#

477

# **Important:** If you use IAM Conditions, you must include the `etag` field

478

# whenever you call `setIamPolicy`. If you omit this field, then IAM allows

479

# you to overwrite a version `3` policy with a version `1` policy, and all of

480

# the conditions in the version `3` policy are lost.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

481

"rules": [ # If more than one rule is specified, the rules are applied in the following

482

# manner:

483

# - All matching LOG rules are always applied.

484

# - If any DENY/DENY_WITH_LOG rule matches, permission is denied.

485

# Logging will be applied if one or more matching rule requires logging.

486

# - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is

487

# granted.

488

# Logging will be applied if one or more matching rule requires logging.

489

# - Otherwise, if no rule applies, permission is denied.

490

{ # A rule to be applied in a Policy.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

491

"description": "A String", # Human-readable description of the rule.

Bu Sun Kim

2020-05-27 12:20:54 -0700

[diff] [blame]

492

"conditions": [ # Additional restrictions that must be met. All conditions must pass for the

493

# rule to match.

494

{ # A condition to be met.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

495

"sys": "A String", # Trusted attributes supplied by any service that owns resources and uses

496

# the IAM system for access control.

Bu Sun Kim

2020-05-27 12:20:54 -0700

[diff] [blame]

497

"iam": "A String", # Trusted attributes supplied by the IAM system.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

498

"op": "A String", # An operator to apply the subject with.

Bu Sun Kim

2020-05-27 12:20:54 -0700

[diff] [blame]

499

"values": [ # The objects of the condition.

500

"A String",

501

],

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

502

"svc": "A String", # Trusted attributes discharged by the service.

Bu Sun Kim

2020-05-27 12:20:54 -0700

[diff] [blame]

503

},

504

],

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

505

"notIn": [ # If one or more 'not_in' clauses are specified, the rule matches

506

# if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.

507

# The format for in and not_in entries can be found at in the Local IAM

508

# documentation (see go/local-iam#features).

509

"A String",

510

],

511

"action": "A String", # Required

512

"permissions": [ # A permission is a string of form '<service>.<resource type>.<verb>'

513

# (e.g., 'storage.buckets.list'). A value of '*' matches all permissions,

514

# and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.

515

"A String",

516

],

517

"in": [ # If one or more 'in' clauses are specified, the rule matches if

518

# the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.

519

"A String",

520

],

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

521

"logConfig": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries

522

# that match the LOG action.

523

{ # Specifies what kind of log the caller must write

524

"cloudAudit": { # Write a Cloud Audit log # Cloud audit options.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

525

"authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.

526

"permissionType": "A String", # The type of the permission that was checked.

527

},

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

528

"logName": "A String", # The log_name to populate in the Cloud Audit Record.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

529

},

530

"counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.

531

#

532

# Metric names should start with a '/', generally be lowercase-only,

533

# and end in "_count". Field names should not contain an initial slash.

534

# The actual exported metric names will have "/iam/policy" prepended.

535

#

536

# Field names correspond to IAM request parameters and field values are

537

# their respective values.

538

#

539

# Supported field names:

540

# - "authority", which is "[token]" if IAMContext.token is present,

541

# otherwise the value of IAMContext.authority_selector if present, and

542

# otherwise a representation of IAMContext.principal; or

543

# - "iam_principal", a representation of IAMContext.principal even if a

544

# token or authority selector is present; or

545

# - "" (empty string), resulting in a counter with no fields.

546

#

547

# Examples:

548

# counter { metric: "/debug_access_count" field: "iam_principal" }

549

# ==> increment counter /iam/policy/debug_access_count

550

# {iam_principal=[value of IAMContext.principal]}

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

551

"customFields": [ # Custom fields.

552

{ # Custom fields.

553

# These can be used to create a counter with arbitrary field/value

554

# pairs.

555

# See: go/rpcsp-custom-fields.

556

"value": "A String", # Value is the field value. It is important that in contrast to the

557

# CounterOptions.field, the value here is a constant that is not

558

# derived from the IAMContext.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

559

"name": "A String", # Name is the field name.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

560

},

561

],

Bu Sun Kim

2020-05-27 12:20:54 -0700

[diff] [blame]

562

"field": "A String", # The field value to attribute.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

563

"metric": "A String", # The metric to update.

564

},

565

"dataAccess": { # Write a Data Access (Gin) log # Data access options.

566

"logMode": "A String",

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

567

},

568

},

569

],

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

570

},

571

],

572

"iamOwned": True or False,

573

"auditConfigs": [ # Specifies cloud audit logging configuration for this policy.

574

{ # Specifies the audit configuration for a service.

575

# The configuration determines which permission types are logged, and what

576

# identities, if any, are exempted from logging.

577

# An AuditConfig must have one or more AuditLogConfigs.

578

#

579

# If there are AuditConfigs for both `allServices` and a specific service,

580

# the union of the two AuditConfigs is used for that service: the log_types

581

# specified in each AuditConfig are enabled, and the exempted_members in each

582

# AuditLogConfig are exempted.

583

#

584

# Example Policy with multiple AuditConfigs:

#

# {

# "audit_configs": [

# {

# "service": "allServices",

590

# "audit_log_configs": [

591

# {

592

# "log_type": "DATA_READ",

593

# "exempted_members": [

594

# "user:jose@example.com"

# ]

# },

# {

# "log_type": "DATA_WRITE"

599

# },

600

# {

601

# "log_type": "ADMIN_READ"

# }

# ]

# },

# {

# "service": "sampleservice.googleapis.com",

607

# "audit_log_configs": [

608

# {

609

# "log_type": "DATA_READ"

610

# },

611

# {

612

# "log_type": "DATA_WRITE",

613

# "exempted_members": [

614

# "user:aliya@example.com"

# ]

# }

# ]

# }

# ]

# }

#

# For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ

623

# logging. It also exempts jose@example.com from DATA_READ logging, and

624

# aliya@example.com from DATA_WRITE logging.

625

"exemptedMembers": [

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

626

"A String",

627

],

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

628

"auditLogConfigs": [ # The configuration for logging of each type of permission.

629

{ # Provides the configuration for logging a type of permissions.

# Example:

#

# {

# "audit_log_configs": [

634

# {

635

# "log_type": "DATA_READ",

636

# "exempted_members": [

637

# "user:jose@example.com"

# ]

# },

# {

# "log_type": "DATA_WRITE"

# }

# ]

# }

#

# This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting

647

# jose@example.com from DATA_READ logging.

648

"ignoreChildExemptions": True or False,

649

"exemptedMembers": [ # Specifies the identities that do not cause logging for this type of

650

# permission.

651

# Follows the same format of Binding.members.

652

"A String",

653

],

654

"logType": "A String", # The log type that this config enables.

655

},

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

656

],

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

657

"service": "A String", # Specifies a service that will be enabled for audit logging.

658

# For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.

659

# `allServices` is a special value that covers all services.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

660

},

661

],

662

"version": 42, # Specifies the format of the policy.

663

#

664

# Valid values are `0`, `1`, and `3`. Requests that specify an invalid value

665

# are rejected.

666

#

667

# Any operation that affects conditional role bindings must specify version

668

# `3`. This requirement applies to the following operations:

669

#

670

# * Getting a policy that includes a conditional role binding

671

# * Adding a conditional role binding to a policy

672

# * Changing a conditional role binding in a policy

673

# * Removing any role binding, with or without a condition, from a policy

674

# that includes conditions

675

#

676

# **Important:** If you use IAM Conditions, you must include the `etag` field

677

# whenever you call `setIamPolicy`. If you omit this field, then IAM allows

678

# you to overwrite a version `3` policy with a version `1` policy, and all of

679

# the conditions in the version `3` policy are lost.

680

#

681

# If a policy does not include any conditions, operations on that policy may

682

# specify any valid version or leave the field unset.

683

#

684

# To learn which resources support conditions in their IAM policies, see the

685

# [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

686

"bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a

687

# `condition` that determines how and when the `bindings` are applied. Each

688

# of the `bindings` must contain at least one member.

689

{ # Associates `members` with a `role`.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

690

"members": [ # Specifies the identities requesting access for a Cloud Platform resource.

691

# `members` can have the following values:

692

#

693

# * `allUsers`: A special identifier that represents anyone who is

694

# on the internet; with or without a Google account.

695

#

696

# * `allAuthenticatedUsers`: A special identifier that represents anyone

697

# who is authenticated with a Google account or a service account.

698

#

699

# * `user:{emailid}`: An email address that represents a specific Google

700

# account. For example, `alice@example.com` .

701

#

702

#

703

# * `serviceAccount:{emailid}`: An email address that represents a service

704

# account. For example, `my-other-app@appspot.gserviceaccount.com`.

705

#

706

# * `group:{emailid}`: An email address that represents a Google group.

707

# For example, `admins@example.com`.

708

#

709

# * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique

710

# identifier) representing a user that has been recently deleted. For

711

# example, `alice@example.com?uid=123456789012345678901`. If the user is

712

# recovered, this value reverts to `user:{emailid}` and the recovered user

713

# retains the role in the binding.

714

#

715

# * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus

716

# unique identifier) representing a service account that has been recently

717

# deleted. For example,

718

# `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`.

719

# If the service account is undeleted, this value reverts to

720

# `serviceAccount:{emailid}` and the undeleted service account retains the

721

# role in the binding.

722

#

723

# * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique

724

# identifier) representing a Google group that has been recently

725

# deleted. For example, `admins@example.com?uid=123456789012345678901`. If

726

# the group is recovered, this value reverts to `group:{emailid}` and the

727

# recovered group retains the role in the binding.

728

#

729

#

730

# * `domain:{domain}`: The G Suite domain (primary) that represents all the

731

# users of that domain. For example, `google.com` or `example.com`.

732

#

733

"A String",

734

],

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

735

"condition": { # Represents a textual expression in the Common Expression Language (CEL) # The condition that is associated with this binding.

736

#

737

# If the condition evaluates to `true`, then this binding applies to the

738

# current request.

739

#

740

# If the condition evaluates to `false`, then this binding does not apply to

741

# the current request. However, a different role binding might grant the same

742

# role to one or more of the members in this binding.

743

#

744

# To learn which resources support conditions in their IAM policies, see the

745

# [IAM

746

# documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

747

# syntax. CEL is a C-like expression language. The syntax and semantics of CEL

748

# are documented at https://github.com/google/cel-spec.

749

#

750

# Example (Comparison):

751

#

752

# title: "Summary size limit"

753

# description: "Determines if a summary is less than 100 chars"

754

# expression: "document.summary.size() < 100"

755

#

756

# Example (Equality):

757

#

758

# title: "Requestor is owner"

759

# description: "Determines if requestor is the document owner"

760

# expression: "document.owner == request.auth.claims.email"

#

# Example (Logic):

#

# title: "Public documents"

765

# description: "Determine whether the document should be publicly visible"

766

# expression: "document.type != 'private' && document.type != 'internal'"

767

#

768

# Example (Data Manipulation):

769

#

770

# title: "Notification string"

771

# description: "Create a notification string with a timestamp."

772

# expression: "'New message received at ' + string(document.create_time)"

773

#

774

# The exact variables and functions that may be referenced within an expression

775

# are determined by the service that evaluates it. See the service

776

# documentation for additional information.

777

"expression": "A String", # Textual representation of an expression in Common Expression Language

778

# syntax.

779

"title": "A String", # Optional. Title for the expression, i.e. a short string describing

780

# its purpose. This can be used e.g. in UIs which allow to enter the

781

# expression.

782

"location": "A String", # Optional. String indicating the location of the expression for error

783

# reporting, e.g. a file name and a position in the file.

784

"description": "A String", # Optional. Description of the expression. This is a longer text which

785

# describes the expression, e.g. when hovered over it in a UI.

786

},

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

787

"role": "A String", # Role that is assigned to `members`.

788

# For example, `roles/viewer`, `roles/editor`, or `roles/owner`.

},

],

}</pre>

</div>

<code class="details" id="getRollout">getRollout(name, x__xgafv=None)</code>

796

<pre>Gets details a single game server deployment rollout.

797

798

Args:

799

name: string, Required. The name of the game server delpoyment to retrieve. Uses the form:

800

801

`projects/{project}/locations/{location}/gameServerDeployments/{deployment}/rollout`. (required)

802

x__xgafv: string, V1 error format.

Allowed values

1 - v1 error format

2 - v2 error format

Returns:

An object of the form:

809

810

{ # The game server deployment rollout which represents the desired rollout

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

811

# state.

812

"gameServerConfigOverrides": [ # Contains the game server config rollout overrides. Overrides are processed

813

# in the order they are listed. Once a match is found for a realm, the rest

814

# of the list is not processed.

815

{ # A game server config override.

816

"configVersion": "A String", # The game server config for this override.

817

"realmsSelector": { # The realm selector, used to match realm resources. # Selector for choosing applicable realms.

818

"realms": [ # List of realms to match.

819

"A String",

820

],

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

821

},

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

822

},

823

],

824

"updateTime": "A String", # Output only. The last-modified time.

825

"createTime": "A String", # Output only. The creation time.

826

"name": "A String", # The resource name of the game server deployment rollout. Uses the form:

827

#

828

# `projects/{project}/locations/{location}/gameServerDeployments/{deployment}/rollout`.

829

# For example,

830

#

831

# `projects/my-project/locations/{location}/gameServerDeployments/my-deployment/rollout`.

832

"etag": "A String", # ETag of the resource.

833

"defaultGameServerConfig": "A String", # The default game server config is applied to all realms unless overridden

834

# in the rollout. For example,

835

#

836

# `projects/my-project/locations/global/gameServerDeployments/my-game/configs/my-config`.

837

}</pre>

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

</div>

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

841

<code class="details" id="list">list(parent, orderBy=None, pageSize=None, filter=None, pageToken=None, x__xgafv=None)</code>

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

842

<pre>Lists game server deployments in a given project and location.

843

844

Args:

845

parent: string, Required. The parent resource name. Uses the form:

846

`projects/{project}/locations/{location}`. (required)

Bu Sun Kim

2020-05-27 12:20:54 -0700

[diff] [blame]

847

orderBy: string, Optional. Specifies the ordering of results following syntax at

848

https://cloud.google.com/apis/design/design_patterns#sorting_order.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

849

pageSize: integer, Optional. The maximum number of items to return. If unspecified, the server

850

will pick an appropriate default. The server may return fewer items than

851

requested. A caller should only rely on response's

852

next_page_token to

853

determine if there are more GameServerDeployments left to be queried.

854

filter: string, Optional. The filter to apply to list results.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

855

pageToken: string, Optional. The next_page_token value returned from a previous List request,

856

if any.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

857

x__xgafv: string, V1 error format.

Allowed values

1 - v1 error format

2 - v2 error format

Returns:

An object of the form:

864

865

{ # Response message for GameServerDeploymentsService.ListGameServerDeployments.

866

"nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no more

867

# results in the list.

868

"gameServerDeployments": [ # The list of game server deployments.

869

{ # A game server deployment resource.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

870

"updateTime": "A String", # Output only. The last-modified time.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

871

"description": "A String", # Human readable description of the game server delpoyment.

Bu Sun Kim

2020-05-27 12:20:54 -0700

[diff] [blame]

872

"createTime": "A String", # Output only. The creation time.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

873

"etag": "A String", # ETag of the resource.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

874

"labels": { # The labels associated with this game server deployment. Each label is a

875

# key-value pair.

876

"a_key": "A String",

877

},

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

878

"name": "A String", # The resource name of the game server deployment. Uses the form:

879

#

880

# `projects/{project}/locations/{location}/gameServerDeployments/{deployment}`.

881

# For example,

882

#

883

# `projects/my-project/locations/{location}/gameServerDeployments/my-deployment`.

884

},

885

],

886

"unreachable": [ # List of locations that could not be reached.

"A String",

],

}</pre>

</div>

<code class="details" id="list_next">list_next(previous_request, previous_response)</code>

894

<pre>Retrieves the next page of results.

895

896

Args:

897

previous_request: The request for the previous page. (required)

898

previous_response: The response from the request for the previous page. (required)

899

900

Returns:

901

A request object that you can call 'execute()' on to request the next

902

page. Returns None if there are no more items in the collection.

</pre>

</div>

<code class="details" id="patch">patch(name, body=None, updateMask=None, x__xgafv=None)</code>

908

<pre>Patches a game server deployment.

909

910

Args:

911

name: string, The resource name of the game server deployment. Uses the form:

912

913

`projects/{project}/locations/{location}/gameServerDeployments/{deployment}`.

914

For example,

915

916

`projects/my-project/locations/{location}/gameServerDeployments/my-deployment`. (required)

917

body: object, The request body.

918

The object takes the form of:

919

920

{ # A game server deployment resource.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

921

"updateTime": "A String", # Output only. The last-modified time.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

922

"description": "A String", # Human readable description of the game server delpoyment.

Bu Sun Kim

2020-05-27 12:20:54 -0700

[diff] [blame]

923

"createTime": "A String", # Output only. The creation time.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

924

"etag": "A String", # ETag of the resource.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

925

"labels": { # The labels associated with this game server deployment. Each label is a

926

# key-value pair.

927

"a_key": "A String",

928

},

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

929

"name": "A String", # The resource name of the game server deployment. Uses the form:

930

#

931

# `projects/{project}/locations/{location}/gameServerDeployments/{deployment}`.

932

# For example,

933

#

934

# `projects/my-project/locations/{location}/gameServerDeployments/my-deployment`.

935

}

936

937

updateMask: string, Required. Mask of fields to update. At least one path must be supplied in

938

this field. For the `FieldMask` definition, see

939

940

https:

941

//developers.google.com/protocol-buffers

942

// /docs/reference/google.protobuf#fieldmask

943

x__xgafv: string, V1 error format.

Allowed values

1 - v1 error format

2 - v2 error format

Returns:

An object of the form:

950

951

{ # This resource represents a long-running operation that is the result of a

952

# network API call.

953

"done": True or False, # If the value is `false`, it means the operation is still in progress.

954

# If `true`, the operation is completed, and either `error` or `response` is

955

# available.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

956

"error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.

957

# different programming environments, including REST APIs and RPC APIs. It is

958

# used by [gRPC](https://github.com/grpc). Each `Status` message contains

959

# three pieces of data: error code, error message, and error details.

960

#

961

# You can find out more about this error model and how to work with it in the

962

# [API Design Guide](https://cloud.google.com/apis/design/errors).

963

"details": [ # A list of messages that carry the error details. There is a common set of

964

# message types for APIs to use.

965

{

966

"a_key": "", # Properties of the object. Contains field @type with type URL.

967

},

968

],

969

"message": "A String", # A developer-facing error message, which should be in English. Any

970

# user-facing error message should be localized and sent in the

971

# google.rpc.Status.details field, or localized by the client.

972

"code": 42, # The status code, which should be an enum value of google.rpc.Code.

973

},

974

"name": "A String", # The server-assigned name, which is only unique within the same service that

975

# originally returns it. If you use the default HTTP mapping, the

976

# `name` should be a resource name ending with `operations/{unique_id}`.

977

"metadata": { # Service-specific metadata associated with the operation. It typically

978

# contains progress information and common metadata such as create time.

979

# Some services might not provide such metadata. Any method that returns a

980

# long-running operation should document the metadata type, if any.

981

"a_key": "", # Properties of the object. Contains field @type with type URL.

982

},

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

983

"response": { # The normal response of the operation in case of success. If the original

984

# method returns no data on success, such as `Delete`, the response is

985

# `google.protobuf.Empty`. If the original method is standard

986

# `Get`/`Create`/`Update`, the response should be the resource. For other

987

# methods, the response should have the type `XxxResponse`, where `Xxx`

988

# is the original method name. For example, if the original method name

989

# is `TakeSnapshot()`, the inferred response type is

990

# `TakeSnapshotResponse`.

991

"a_key": "", # Properties of the object. Contains field @type with type URL.

992

},

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

}</pre>

</div>

<code class="details" id="previewRollout">previewRollout(name, body=None, previewTime=None, updateMask=None, x__xgafv=None)</code>

998

<pre>Previews the game server deployment rollout. This API does not mutate the

rollout resource.

Args:

name: string, The resource name of the game server deployment rollout. Uses the form:

1003

1004

`projects/{project}/locations/{location}/gameServerDeployments/{deployment}/rollout`.

1005

For example,

1006

1007

`projects/my-project/locations/{location}/gameServerDeployments/my-deployment/rollout`. (required)

1008

body: object, The request body.

1009

The object takes the form of:

1010

1011

{ # The game server deployment rollout which represents the desired rollout

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1012

# state.

1013

"gameServerConfigOverrides": [ # Contains the game server config rollout overrides. Overrides are processed

1014

# in the order they are listed. Once a match is found for a realm, the rest

1015

# of the list is not processed.

1016

{ # A game server config override.

1017

"configVersion": "A String", # The game server config for this override.

1018

"realmsSelector": { # The realm selector, used to match realm resources. # Selector for choosing applicable realms.

1019

"realms": [ # List of realms to match.

1020

"A String",

1021

],

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1022

},

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1023

},

1024

],

1025

"updateTime": "A String", # Output only. The last-modified time.

1026

"createTime": "A String", # Output only. The creation time.

1027

"name": "A String", # The resource name of the game server deployment rollout. Uses the form:

1028

#

1029

# `projects/{project}/locations/{location}/gameServerDeployments/{deployment}/rollout`.

1030

# For example,

1031

#

1032

# `projects/my-project/locations/{location}/gameServerDeployments/my-deployment/rollout`.

1033

"etag": "A String", # ETag of the resource.

1034

"defaultGameServerConfig": "A String", # The default game server config is applied to all realms unless overridden

1035

# in the rollout. For example,

1036

#

1037

# `projects/my-project/locations/global/gameServerDeployments/my-game/configs/my-config`.

1038

}

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1039

1040

previewTime: string, Optional. The target timestamp to compute the preview. Defaults to the immediately

1041

after the proposed rollout completes.

1042

updateMask: string, Optional. Mask of fields to update. At least one path must be supplied in

1043

this field. For the `FieldMask` definition, see

1044

1045

https:

1046

//developers.google.com/protocol-buffers

1047

// /docs/reference/google.protobuf#fieldmask

1048

x__xgafv: string, V1 error format.

Allowed values

1 - v1 error format

2 - v2 error format

Returns:

An object of the form:

1055

1056

{ # Response message for PreviewGameServerDeploymentRollout.

1057

# This has details about the Agones fleet and autoscaler to be actuated.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1058

"etag": "A String", # ETag of the game server deployment.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1059

"targetState": { # Encapsulates the Target state. # The target state.

1060

"details": [ # Details about Agones fleets.

1061

{ # Details about the Agones resources.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1062

"fleetDetails": [ # Agones fleet details for game server clusters and game server deployments.

1063

{ # Details of the target Agones fleet.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1064

"fleet": { # Target Agones fleet specification. # Reference to target Agones fleet.

1065

"name": "A String", # The name of the Agones fleet.

1066

"specSource": { # Encapsulates Agones fleet spec and Agones autoscaler spec sources. # Encapsulates the source of the Agones fleet spec.

1067

# The Agones fleet spec source.

1068

"gameServerConfigName": "A String", # The game server config resource. Uses the form:

1069

#

1070

# `projects/{project}/locations/{location}/gameServerDeployments/{deployment_id}/configs/{config_id}`.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1071

"name": "A String", # The name of the Agones leet config or Agones scaling config used to derive

1072

# the Agones fleet or Agones autoscaler spec.

1073

},

1074

},

1075

"autoscaler": { # Target Agones autoscaler policy reference. # Reference to target Agones fleet autoscaling policy.

1076

"name": "A String", # The name of the Agones autoscaler.

1077

"specSource": { # Encapsulates Agones fleet spec and Agones autoscaler spec sources. # Encapsulates the source of the Agones fleet spec.

1078

# Details about the Agones autoscaler spec.

1079

"gameServerConfigName": "A String", # The game server config resource. Uses the form:

1080

#

1081

# `projects/{project}/locations/{location}/gameServerDeployments/{deployment_id}/configs/{config_id}`.

1082

"name": "A String", # The name of the Agones leet config or Agones scaling config used to derive

1083

# the Agones fleet or Agones autoscaler spec.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

},

},

},

],

Bu Sun Kim

2020-05-27 12:20:54 -0700

[diff] [blame]

1088

"gameServerClusterName": "A String", # The game server cluster name. Uses the form:

1089

#

1090

# `projects/{project}/locations/{location}/realms/{realm}/gameServerClusters/{cluster}`.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1091

"gameServerDeploymentName": "A String", # The game server deployment name. Uses the form:

1092

#

1093

# `projects/{project}/locations/{location}/gameServerDeployments/{deployment_id}`.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1094

},

1095

],

1096

},

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1097

"unavailable": [ # Locations that could not be reached on this request.

1098

"A String",

1099

],

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

}</pre>

</div>

<code class="details" id="setIamPolicy">setIamPolicy(resource, body=None, x__xgafv=None)</code>

1105

<pre>Sets the access control policy on the specified resource. Replaces any

1106

existing policy.

1107

1108

Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.

1109

1110

Args:

1111

resource: string, REQUIRED: The resource for which the policy is being specified.

1112

See the operation documentation for the appropriate value for this field. (required)

1113

body: object, The request body.

1114

The object takes the form of:

1115

1116

{ # Request message for `SetIamPolicy` method.

1117

"policy": { # An Identity and Access Management (IAM) policy, which specifies access # REQUIRED: The complete policy to be applied to the `resource`. The size of

1118

# the policy is limited to a few 10s of KB. An empty policy is a

1119

# valid policy but certain Cloud Platform services (such as Projects)

1120

# might reject them.

1121

# controls for Google Cloud resources.

1122

#

1123

#

1124

# A `Policy` is a collection of `bindings`. A `binding` binds one or more

1125

# `members` to a single `role`. Members can be user accounts, service accounts,

1126

# Google groups, and domains (such as G Suite). A `role` is a named list of

1127

# permissions; each `role` can be an IAM predefined role or a user-created

1128

# custom role.

1129

#

1130

# For some types of Google Cloud resources, a `binding` can also specify a

1131

# `condition`, which is a logical expression that allows access to a resource

1132

# only if the expression evaluates to `true`. A condition can add constraints

1133

# based on attributes of the request, the resource, or both. To learn which

1134

# resources support conditions in their IAM policies, see the

1135

# [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

#

# **JSON example:**

#

# {

# "bindings": [

# {

# "role": "roles/resourcemanager.organizationAdmin",

1143

# "members": [

1144

# "user:mike@example.com",

1145

# "group:admins@example.com",

1146

# "domain:google.com",

1147

# "serviceAccount:my-project-id@appspot.gserviceaccount.com"

# ]

# },

# {

# "role": "roles/resourcemanager.organizationViewer",

1152

# "members": [

1153

# "user:eve@example.com"

1154

# ],

1155

# "condition": {

1156

# "title": "expirable access",

1157

# "description": "Does not grant access after Sep 2020",

1158

# "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')",

# }

# }

# ],

# "etag": "BwWWja0YfJA=",

# "version": 3

# }

#

# **YAML example:**

#

# bindings:

# - members:

# - user:mike@example.com

1171

# - group:admins@example.com

1172

# - domain:google.com

1173

# - serviceAccount:my-project-id@appspot.gserviceaccount.com

1174

# role: roles/resourcemanager.organizationAdmin

1175

# - members:

1176

# - user:eve@example.com

1177

# role: roles/resourcemanager.organizationViewer

1178

# condition:

1179

# title: expirable access

1180

# description: Does not grant access after Sep 2020

1181

# expression: request.time < timestamp('2020-10-01T00:00:00.000Z')

1182

# - etag: BwWWja0YfJA=

1183

# - version: 3

1184

#

1185

# For a description of IAM and its features, see the

1186

# [IAM documentation](https://cloud.google.com/iam/docs/).

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1187

"etag": "A String", # `etag` is used for optimistic concurrency control as a way to help

1188

# prevent simultaneous updates of a policy from overwriting each other.

1189

# It is strongly suggested that systems make use of the `etag` in the

1190

# read-modify-write cycle to perform policy updates in order to avoid race

1191

# conditions: An `etag` is returned in the response to `getIamPolicy`, and

1192

# systems are expected to put that etag in the request to `setIamPolicy` to

1193

# ensure that their change will be applied to the same version of the policy.

1194

#

1195

# **Important:** If you use IAM Conditions, you must include the `etag` field

1196

# whenever you call `setIamPolicy`. If you omit this field, then IAM allows

1197

# you to overwrite a version `3` policy with a version `1` policy, and all of

1198

# the conditions in the version `3` policy are lost.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1199

"rules": [ # If more than one rule is specified, the rules are applied in the following

1200

# manner:

1201

# - All matching LOG rules are always applied.

1202

# - If any DENY/DENY_WITH_LOG rule matches, permission is denied.

1203

# Logging will be applied if one or more matching rule requires logging.

1204

# - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is

1205

# granted.

1206

# Logging will be applied if one or more matching rule requires logging.

1207

# - Otherwise, if no rule applies, permission is denied.

1208

{ # A rule to be applied in a Policy.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1209

"description": "A String", # Human-readable description of the rule.

Bu Sun Kim

2020-05-27 12:20:54 -0700

[diff] [blame]

1210

"conditions": [ # Additional restrictions that must be met. All conditions must pass for the

1211

# rule to match.

1212

{ # A condition to be met.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1213

"sys": "A String", # Trusted attributes supplied by any service that owns resources and uses

1214

# the IAM system for access control.

Bu Sun Kim

2020-05-27 12:20:54 -0700

[diff] [blame]

1215

"iam": "A String", # Trusted attributes supplied by the IAM system.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1216

"op": "A String", # An operator to apply the subject with.

Bu Sun Kim

2020-05-27 12:20:54 -0700

[diff] [blame]

1217

"values": [ # The objects of the condition.

1218

"A String",

1219

],

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1220

"svc": "A String", # Trusted attributes discharged by the service.

Bu Sun Kim

2020-05-27 12:20:54 -0700

[diff] [blame]

1221

},

1222

],

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1223

"notIn": [ # If one or more 'not_in' clauses are specified, the rule matches

1224

# if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.

1225

# The format for in and not_in entries can be found at in the Local IAM

1226

# documentation (see go/local-iam#features).

1227

"A String",

1228

],

1229

"action": "A String", # Required

1230

"permissions": [ # A permission is a string of form '<service>.<resource type>.<verb>'

1231

# (e.g., 'storage.buckets.list'). A value of '*' matches all permissions,

1232

# and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.

1233

"A String",

1234

],

1235

"in": [ # If one or more 'in' clauses are specified, the rule matches if

1236

# the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.

1237

"A String",

1238

],

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1239

"logConfig": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries

1240

# that match the LOG action.

1241

{ # Specifies what kind of log the caller must write

1242

"cloudAudit": { # Write a Cloud Audit log # Cloud audit options.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1243

"authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.

1244

"permissionType": "A String", # The type of the permission that was checked.

1245

},

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1246

"logName": "A String", # The log_name to populate in the Cloud Audit Record.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1247

},

1248

"counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.

1249

#

1250

# Metric names should start with a '/', generally be lowercase-only,

1251

# and end in "_count". Field names should not contain an initial slash.

1252

# The actual exported metric names will have "/iam/policy" prepended.

1253

#

1254

# Field names correspond to IAM request parameters and field values are

1255

# their respective values.

1256

#

1257

# Supported field names:

1258

# - "authority", which is "[token]" if IAMContext.token is present,

1259

# otherwise the value of IAMContext.authority_selector if present, and

1260

# otherwise a representation of IAMContext.principal; or

1261

# - "iam_principal", a representation of IAMContext.principal even if a

1262

# token or authority selector is present; or

1263

# - "" (empty string), resulting in a counter with no fields.

1264

#

1265

# Examples:

1266

# counter { metric: "/debug_access_count" field: "iam_principal" }

1267

# ==> increment counter /iam/policy/debug_access_count

1268

# {iam_principal=[value of IAMContext.principal]}

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1269

"customFields": [ # Custom fields.

1270

{ # Custom fields.

1271

# These can be used to create a counter with arbitrary field/value

1272

# pairs.

1273

# See: go/rpcsp-custom-fields.

1274

"value": "A String", # Value is the field value. It is important that in contrast to the

1275

# CounterOptions.field, the value here is a constant that is not

1276

# derived from the IAMContext.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1277

"name": "A String", # Name is the field name.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1278

},

1279

],

Bu Sun Kim

2020-05-27 12:20:54 -0700

[diff] [blame]

1280

"field": "A String", # The field value to attribute.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1281

"metric": "A String", # The metric to update.

1282

},

1283

"dataAccess": { # Write a Data Access (Gin) log # Data access options.

1284

"logMode": "A String",

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1285

},

1286

},

1287

],

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1288

},

1289

],

1290

"iamOwned": True or False,

1291

"auditConfigs": [ # Specifies cloud audit logging configuration for this policy.

1292

{ # Specifies the audit configuration for a service.

1293

# The configuration determines which permission types are logged, and what

1294

# identities, if any, are exempted from logging.

1295

# An AuditConfig must have one or more AuditLogConfigs.

1296

#

1297

# If there are AuditConfigs for both `allServices` and a specific service,

1298

# the union of the two AuditConfigs is used for that service: the log_types

1299

# specified in each AuditConfig are enabled, and the exempted_members in each

1300

# AuditLogConfig are exempted.

1301

#

1302

# Example Policy with multiple AuditConfigs:

#

# {

# "audit_configs": [

# {

# "service": "allServices",

1308

# "audit_log_configs": [

1309

# {

1310

# "log_type": "DATA_READ",

1311

# "exempted_members": [

1312

# "user:jose@example.com"

# ]

# },

# {

# "log_type": "DATA_WRITE"

1317

# },

1318

# {

1319

# "log_type": "ADMIN_READ"

# }

# ]

# },

# {

# "service": "sampleservice.googleapis.com",

1325

# "audit_log_configs": [

1326

# {

1327

# "log_type": "DATA_READ"

1328

# },

1329

# {

1330

# "log_type": "DATA_WRITE",

1331

# "exempted_members": [

1332

# "user:aliya@example.com"

# ]

# }

# ]

# }

# ]

# }

#

# For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ

1341

# logging. It also exempts jose@example.com from DATA_READ logging, and

1342

# aliya@example.com from DATA_WRITE logging.

1343

"exemptedMembers": [

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1344

"A String",

1345

],

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1346

"auditLogConfigs": [ # The configuration for logging of each type of permission.

1347

{ # Provides the configuration for logging a type of permissions.

# Example:

#

# {

# "audit_log_configs": [

1352

# {

1353

# "log_type": "DATA_READ",

1354

# "exempted_members": [

1355

# "user:jose@example.com"

# ]

# },

# {

# "log_type": "DATA_WRITE"

# }

# ]

# }

#

# This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting

1365

# jose@example.com from DATA_READ logging.

1366

"ignoreChildExemptions": True or False,

1367

"exemptedMembers": [ # Specifies the identities that do not cause logging for this type of

1368

# permission.

1369

# Follows the same format of Binding.members.

1370

"A String",

1371

],

1372

"logType": "A String", # The log type that this config enables.

1373

},

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1374

],

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1375

"service": "A String", # Specifies a service that will be enabled for audit logging.

1376

# For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.

1377

# `allServices` is a special value that covers all services.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1378

},

1379

],

1380

"version": 42, # Specifies the format of the policy.

1381

#

1382

# Valid values are `0`, `1`, and `3`. Requests that specify an invalid value

1383

# are rejected.

1384

#

1385

# Any operation that affects conditional role bindings must specify version

1386

# `3`. This requirement applies to the following operations:

1387

#

1388

# * Getting a policy that includes a conditional role binding

1389

# * Adding a conditional role binding to a policy

1390

# * Changing a conditional role binding in a policy

1391

# * Removing any role binding, with or without a condition, from a policy

1392

# that includes conditions

1393

#

1394

# **Important:** If you use IAM Conditions, you must include the `etag` field

1395

# whenever you call `setIamPolicy`. If you omit this field, then IAM allows

1396

# you to overwrite a version `3` policy with a version `1` policy, and all of

1397

# the conditions in the version `3` policy are lost.

1398

#

1399

# If a policy does not include any conditions, operations on that policy may

1400

# specify any valid version or leave the field unset.

1401

#

1402

# To learn which resources support conditions in their IAM policies, see the

1403

# [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1404

"bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a

1405

# `condition` that determines how and when the `bindings` are applied. Each

1406

# of the `bindings` must contain at least one member.

1407

{ # Associates `members` with a `role`.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1408

"members": [ # Specifies the identities requesting access for a Cloud Platform resource.

1409

# `members` can have the following values:

1410

#

1411

# * `allUsers`: A special identifier that represents anyone who is

1412

# on the internet; with or without a Google account.

1413

#

1414

# * `allAuthenticatedUsers`: A special identifier that represents anyone

1415

# who is authenticated with a Google account or a service account.

1416

#

1417

# * `user:{emailid}`: An email address that represents a specific Google

1418

# account. For example, `alice@example.com` .

1419

#

1420

#

1421

# * `serviceAccount:{emailid}`: An email address that represents a service

1422

# account. For example, `my-other-app@appspot.gserviceaccount.com`.

1423

#

1424

# * `group:{emailid}`: An email address that represents a Google group.

1425

# For example, `admins@example.com`.

1426

#

1427

# * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique

1428

# identifier) representing a user that has been recently deleted. For

1429

# example, `alice@example.com?uid=123456789012345678901`. If the user is

1430

# recovered, this value reverts to `user:{emailid}` and the recovered user

1431

# retains the role in the binding.

1432

#

1433

# * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus

1434

# unique identifier) representing a service account that has been recently

1435

# deleted. For example,

1436

# `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`.

1437

# If the service account is undeleted, this value reverts to

1438

# `serviceAccount:{emailid}` and the undeleted service account retains the

1439

# role in the binding.

1440

#

1441

# * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique

1442

# identifier) representing a Google group that has been recently

1443

# deleted. For example, `admins@example.com?uid=123456789012345678901`. If

1444

# the group is recovered, this value reverts to `group:{emailid}` and the

1445

# recovered group retains the role in the binding.

1446

#

1447

#

1448

# * `domain:{domain}`: The G Suite domain (primary) that represents all the

1449

# users of that domain. For example, `google.com` or `example.com`.

1450

#

1451

"A String",

1452

],

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1453

"condition": { # Represents a textual expression in the Common Expression Language (CEL) # The condition that is associated with this binding.

1454

#

1455

# If the condition evaluates to `true`, then this binding applies to the

1456

# current request.

1457

#

1458

# If the condition evaluates to `false`, then this binding does not apply to

1459

# the current request. However, a different role binding might grant the same

1460

# role to one or more of the members in this binding.

1461

#

1462

# To learn which resources support conditions in their IAM policies, see the

1463

# [IAM

1464

# documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

1465

# syntax. CEL is a C-like expression language. The syntax and semantics of CEL

1466

# are documented at https://github.com/google/cel-spec.

1467

#

1468

# Example (Comparison):

1469

#

1470

# title: "Summary size limit"

1471

# description: "Determines if a summary is less than 100 chars"

1472

# expression: "document.summary.size() < 100"

1473

#

1474

# Example (Equality):

1475

#

1476

# title: "Requestor is owner"

1477

# description: "Determines if requestor is the document owner"

1478

# expression: "document.owner == request.auth.claims.email"

#

# Example (Logic):

#

# title: "Public documents"

1483

# description: "Determine whether the document should be publicly visible"

1484

# expression: "document.type != 'private' && document.type != 'internal'"

1485

#

1486

# Example (Data Manipulation):

1487

#

1488

# title: "Notification string"

1489

# description: "Create a notification string with a timestamp."

1490

# expression: "'New message received at ' + string(document.create_time)"

1491

#

1492

# The exact variables and functions that may be referenced within an expression

1493

# are determined by the service that evaluates it. See the service

1494

# documentation for additional information.

1495

"expression": "A String", # Textual representation of an expression in Common Expression Language

1496

# syntax.

1497

"title": "A String", # Optional. Title for the expression, i.e. a short string describing

1498

# its purpose. This can be used e.g. in UIs which allow to enter the

1499

# expression.

1500

"location": "A String", # Optional. String indicating the location of the expression for error

1501

# reporting, e.g. a file name and a position in the file.

1502

"description": "A String", # Optional. Description of the expression. This is a longer text which

1503

# describes the expression, e.g. when hovered over it in a UI.

1504

},

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1505

"role": "A String", # Role that is assigned to `members`.

1506

# For example, `roles/viewer`, `roles/editor`, or `roles/owner`.

1507

},

1508

],

1509

},

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1510

"updateMask": "A String", # OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only

1511

# the fields in the mask will be modified. If no mask is provided, the

1512

# following default mask is used:

1513

#

1514

# `paths: "bindings, etag"`

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1515

}

1516

1517

x__xgafv: string, V1 error format.

Allowed values

1 - v1 error format

2 - v2 error format

Returns:

An object of the form:

1524

1525

{ # An Identity and Access Management (IAM) policy, which specifies access

1526

# controls for Google Cloud resources.

1527

#

1528

#

1529

# A `Policy` is a collection of `bindings`. A `binding` binds one or more

1530

# `members` to a single `role`. Members can be user accounts, service accounts,

1531

# Google groups, and domains (such as G Suite). A `role` is a named list of

1532

# permissions; each `role` can be an IAM predefined role or a user-created

1533

# custom role.

1534

#

1535

# For some types of Google Cloud resources, a `binding` can also specify a

1536

# `condition`, which is a logical expression that allows access to a resource

1537

# only if the expression evaluates to `true`. A condition can add constraints

1538

# based on attributes of the request, the resource, or both. To learn which

1539

# resources support conditions in their IAM policies, see the

1540

# [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

#

# **JSON example:**

#

# {

# "bindings": [

# {

# "role": "roles/resourcemanager.organizationAdmin",

1548

# "members": [

1549

# "user:mike@example.com",

1550

# "group:admins@example.com",

1551

# "domain:google.com",

1552

# "serviceAccount:my-project-id@appspot.gserviceaccount.com"

# ]

# },

# {

# "role": "roles/resourcemanager.organizationViewer",

1557

# "members": [

1558

# "user:eve@example.com"

1559

# ],

1560

# "condition": {

1561

# "title": "expirable access",

1562

# "description": "Does not grant access after Sep 2020",

1563

# "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')",

# }

# }

# ],

# "etag": "BwWWja0YfJA=",

# "version": 3

# }

#

# **YAML example:**

#

# bindings:

# - members:

# - user:mike@example.com

1576

# - group:admins@example.com

1577

# - domain:google.com

1578

# - serviceAccount:my-project-id@appspot.gserviceaccount.com

1579

# role: roles/resourcemanager.organizationAdmin

1580

# - members:

1581

# - user:eve@example.com

1582

# role: roles/resourcemanager.organizationViewer

1583

# condition:

1584

# title: expirable access

1585

# description: Does not grant access after Sep 2020

1586

# expression: request.time < timestamp('2020-10-01T00:00:00.000Z')

1587

# - etag: BwWWja0YfJA=

1588

# - version: 3

1589

#

1590

# For a description of IAM and its features, see the

1591

# [IAM documentation](https://cloud.google.com/iam/docs/).

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1592

"etag": "A String", # `etag` is used for optimistic concurrency control as a way to help

1593

# prevent simultaneous updates of a policy from overwriting each other.

1594

# It is strongly suggested that systems make use of the `etag` in the

1595

# read-modify-write cycle to perform policy updates in order to avoid race

1596

# conditions: An `etag` is returned in the response to `getIamPolicy`, and

1597

# systems are expected to put that etag in the request to `setIamPolicy` to

1598

# ensure that their change will be applied to the same version of the policy.

1599

#

1600

# **Important:** If you use IAM Conditions, you must include the `etag` field

1601

# whenever you call `setIamPolicy`. If you omit this field, then IAM allows

1602

# you to overwrite a version `3` policy with a version `1` policy, and all of

1603

# the conditions in the version `3` policy are lost.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1604

"rules": [ # If more than one rule is specified, the rules are applied in the following

1605

# manner:

1606

# - All matching LOG rules are always applied.

1607

# - If any DENY/DENY_WITH_LOG rule matches, permission is denied.

1608

# Logging will be applied if one or more matching rule requires logging.

1609

# - Otherwise, if any ALLOW/ALLOW_WITH_LOG rule matches, permission is

1610

# granted.

1611

# Logging will be applied if one or more matching rule requires logging.

1612

# - Otherwise, if no rule applies, permission is denied.

1613

{ # A rule to be applied in a Policy.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1614

"description": "A String", # Human-readable description of the rule.

Bu Sun Kim

2020-05-27 12:20:54 -0700

[diff] [blame]

1615

"conditions": [ # Additional restrictions that must be met. All conditions must pass for the

1616

# rule to match.

1617

{ # A condition to be met.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1618

"sys": "A String", # Trusted attributes supplied by any service that owns resources and uses

1619

# the IAM system for access control.

Bu Sun Kim

2020-05-27 12:20:54 -0700

[diff] [blame]

1620

"iam": "A String", # Trusted attributes supplied by the IAM system.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1621

"op": "A String", # An operator to apply the subject with.

Bu Sun Kim

2020-05-27 12:20:54 -0700

[diff] [blame]

1622

"values": [ # The objects of the condition.

1623

"A String",

1624

],

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1625

"svc": "A String", # Trusted attributes discharged by the service.

Bu Sun Kim

2020-05-27 12:20:54 -0700

[diff] [blame]

1626

},

1627

],

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1628

"notIn": [ # If one or more 'not_in' clauses are specified, the rule matches

1629

# if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries.

1630

# The format for in and not_in entries can be found at in the Local IAM

1631

# documentation (see go/local-iam#features).

1632

"A String",

1633

],

1634

"action": "A String", # Required

1635

"permissions": [ # A permission is a string of form '<service>.<resource type>.<verb>'

1636

# (e.g., 'storage.buckets.list'). A value of '*' matches all permissions,

1637

# and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.

1638

"A String",

1639

],

1640

"in": [ # If one or more 'in' clauses are specified, the rule matches if

1641

# the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.

1642

"A String",

1643

],

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1644

"logConfig": [ # The config returned to callers of tech.iam.IAM.CheckPolicy for any entries

1645

# that match the LOG action.

1646

{ # Specifies what kind of log the caller must write

1647

"cloudAudit": { # Write a Cloud Audit log # Cloud audit options.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1648

"authorizationLoggingOptions": { # Authorization-related information used by Cloud Audit Logging. # Information used by the Cloud Audit Logging pipeline.

1649

"permissionType": "A String", # The type of the permission that was checked.

1650

},

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1651

"logName": "A String", # The log_name to populate in the Cloud Audit Record.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1652

},

1653

"counter": { # Increment a streamz counter with the specified metric and field names. # Counter options.

1654

#

1655

# Metric names should start with a '/', generally be lowercase-only,

1656

# and end in "_count". Field names should not contain an initial slash.

1657

# The actual exported metric names will have "/iam/policy" prepended.

1658

#

1659

# Field names correspond to IAM request parameters and field values are

1660

# their respective values.

1661

#

1662

# Supported field names:

1663

# - "authority", which is "[token]" if IAMContext.token is present,

1664

# otherwise the value of IAMContext.authority_selector if present, and

1665

# otherwise a representation of IAMContext.principal; or

1666

# - "iam_principal", a representation of IAMContext.principal even if a

1667

# token or authority selector is present; or

1668

# - "" (empty string), resulting in a counter with no fields.

1669

#

1670

# Examples:

1671

# counter { metric: "/debug_access_count" field: "iam_principal" }

1672

# ==> increment counter /iam/policy/debug_access_count

1673

# {iam_principal=[value of IAMContext.principal]}

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1674

"customFields": [ # Custom fields.

1675

{ # Custom fields.

1676

# These can be used to create a counter with arbitrary field/value

1677

# pairs.

1678

# See: go/rpcsp-custom-fields.

1679

"value": "A String", # Value is the field value. It is important that in contrast to the

1680

# CounterOptions.field, the value here is a constant that is not

1681

# derived from the IAMContext.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1682

"name": "A String", # Name is the field name.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1683

},

1684

],

Bu Sun Kim

2020-05-27 12:20:54 -0700

[diff] [blame]

1685

"field": "A String", # The field value to attribute.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1686

"metric": "A String", # The metric to update.

1687

},

1688

"dataAccess": { # Write a Data Access (Gin) log # Data access options.

1689

"logMode": "A String",

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1690

},

1691

},

1692

],

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1693

},

1694

],

1695

"iamOwned": True or False,

1696

"auditConfigs": [ # Specifies cloud audit logging configuration for this policy.

1697

{ # Specifies the audit configuration for a service.

1698

# The configuration determines which permission types are logged, and what

1699

# identities, if any, are exempted from logging.

1700

# An AuditConfig must have one or more AuditLogConfigs.

1701

#

1702

# If there are AuditConfigs for both `allServices` and a specific service,

1703

# the union of the two AuditConfigs is used for that service: the log_types

1704

# specified in each AuditConfig are enabled, and the exempted_members in each

1705

# AuditLogConfig are exempted.

1706

#

1707

# Example Policy with multiple AuditConfigs:

#

# {

# "audit_configs": [

# {

# "service": "allServices",

1713

# "audit_log_configs": [

1714

# {

1715

# "log_type": "DATA_READ",

1716

# "exempted_members": [

1717

# "user:jose@example.com"

# ]

# },

# {

# "log_type": "DATA_WRITE"

1722

# },

1723

# {

1724

# "log_type": "ADMIN_READ"

# }

# ]

# },

# {

# "service": "sampleservice.googleapis.com",

1730

# "audit_log_configs": [

1731

# {

1732

# "log_type": "DATA_READ"

1733

# },

1734

# {

1735

# "log_type": "DATA_WRITE",

1736

# "exempted_members": [

1737

# "user:aliya@example.com"

# ]

# }

# ]

# }

# ]

# }

#

# For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ

1746

# logging. It also exempts jose@example.com from DATA_READ logging, and

1747

# aliya@example.com from DATA_WRITE logging.

1748

"exemptedMembers": [

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1749

"A String",

1750

],

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1751

"auditLogConfigs": [ # The configuration for logging of each type of permission.

1752

{ # Provides the configuration for logging a type of permissions.

# Example:

#

# {

# "audit_log_configs": [

1757

# {

1758

# "log_type": "DATA_READ",

1759

# "exempted_members": [

1760

# "user:jose@example.com"

# ]

# },

# {

# "log_type": "DATA_WRITE"

# }

# ]

# }

#

# This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting

1770

# jose@example.com from DATA_READ logging.

1771

"ignoreChildExemptions": True or False,

1772

"exemptedMembers": [ # Specifies the identities that do not cause logging for this type of

1773

# permission.

1774

# Follows the same format of Binding.members.

1775

"A String",

1776

],

1777

"logType": "A String", # The log type that this config enables.

1778

},

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1779

],

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1780

"service": "A String", # Specifies a service that will be enabled for audit logging.

1781

# For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.

1782

# `allServices` is a special value that covers all services.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1783

},

1784

],

1785

"version": 42, # Specifies the format of the policy.

1786

#

1787

# Valid values are `0`, `1`, and `3`. Requests that specify an invalid value

1788

# are rejected.

1789

#

1790

# Any operation that affects conditional role bindings must specify version

1791

# `3`. This requirement applies to the following operations:

1792

#

1793

# * Getting a policy that includes a conditional role binding

1794

# * Adding a conditional role binding to a policy

1795

# * Changing a conditional role binding in a policy

1796

# * Removing any role binding, with or without a condition, from a policy

1797

# that includes conditions

1798

#

1799

# **Important:** If you use IAM Conditions, you must include the `etag` field

1800

# whenever you call `setIamPolicy`. If you omit this field, then IAM allows

1801

# you to overwrite a version `3` policy with a version `1` policy, and all of

1802

# the conditions in the version `3` policy are lost.

1803

#

1804

# If a policy does not include any conditions, operations on that policy may

1805

# specify any valid version or leave the field unset.

1806

#

1807

# To learn which resources support conditions in their IAM policies, see the

1808

# [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1809

"bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a

1810

# `condition` that determines how and when the `bindings` are applied. Each

1811

# of the `bindings` must contain at least one member.

1812

{ # Associates `members` with a `role`.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1813

"members": [ # Specifies the identities requesting access for a Cloud Platform resource.

1814

# `members` can have the following values:

1815

#

1816

# * `allUsers`: A special identifier that represents anyone who is

1817

# on the internet; with or without a Google account.

1818

#

1819

# * `allAuthenticatedUsers`: A special identifier that represents anyone

1820

# who is authenticated with a Google account or a service account.

1821

#

1822

# * `user:{emailid}`: An email address that represents a specific Google

1823

# account. For example, `alice@example.com` .

1824

#

1825

#

1826

# * `serviceAccount:{emailid}`: An email address that represents a service

1827

# account. For example, `my-other-app@appspot.gserviceaccount.com`.

1828

#

1829

# * `group:{emailid}`: An email address that represents a Google group.

1830

# For example, `admins@example.com`.

1831

#

1832

# * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique

1833

# identifier) representing a user that has been recently deleted. For

1834

# example, `alice@example.com?uid=123456789012345678901`. If the user is

1835

# recovered, this value reverts to `user:{emailid}` and the recovered user

1836

# retains the role in the binding.

1837

#

1838

# * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus

1839

# unique identifier) representing a service account that has been recently

1840

# deleted. For example,

1841

# `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`.

1842

# If the service account is undeleted, this value reverts to

1843

# `serviceAccount:{emailid}` and the undeleted service account retains the

1844

# role in the binding.

1845

#

1846

# * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique

1847

# identifier) representing a Google group that has been recently

1848

# deleted. For example, `admins@example.com?uid=123456789012345678901`. If

1849

# the group is recovered, this value reverts to `group:{emailid}` and the

1850

# recovered group retains the role in the binding.

1851

#

1852

#

1853

# * `domain:{domain}`: The G Suite domain (primary) that represents all the

1854

# users of that domain. For example, `google.com` or `example.com`.

1855

#

1856

"A String",

1857

],

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1858

"condition": { # Represents a textual expression in the Common Expression Language (CEL) # The condition that is associated with this binding.

1859

#

1860

# If the condition evaluates to `true`, then this binding applies to the

1861

# current request.

1862

#

1863

# If the condition evaluates to `false`, then this binding does not apply to

1864

# the current request. However, a different role binding might grant the same

1865

# role to one or more of the members in this binding.

1866

#

1867

# To learn which resources support conditions in their IAM policies, see the

1868

# [IAM

1869

# documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

1870

# syntax. CEL is a C-like expression language. The syntax and semantics of CEL

1871

# are documented at https://github.com/google/cel-spec.

1872

#

1873

# Example (Comparison):

1874

#

1875

# title: "Summary size limit"

1876

# description: "Determines if a summary is less than 100 chars"

1877

# expression: "document.summary.size() < 100"

1878

#

1879

# Example (Equality):

1880

#

1881

# title: "Requestor is owner"

1882

# description: "Determines if requestor is the document owner"

1883

# expression: "document.owner == request.auth.claims.email"

#

# Example (Logic):

#

# title: "Public documents"

1888

# description: "Determine whether the document should be publicly visible"

1889

# expression: "document.type != 'private' && document.type != 'internal'"

1890

#

1891

# Example (Data Manipulation):

1892

#

1893

# title: "Notification string"

1894

# description: "Create a notification string with a timestamp."

1895

# expression: "'New message received at ' + string(document.create_time)"

1896

#

1897

# The exact variables and functions that may be referenced within an expression

1898

# are determined by the service that evaluates it. See the service

1899

# documentation for additional information.

1900

"expression": "A String", # Textual representation of an expression in Common Expression Language

1901

# syntax.

1902

"title": "A String", # Optional. Title for the expression, i.e. a short string describing

1903

# its purpose. This can be used e.g. in UIs which allow to enter the

1904

# expression.

1905

"location": "A String", # Optional. String indicating the location of the expression for error

1906

# reporting, e.g. a file name and a position in the file.

1907

"description": "A String", # Optional. Description of the expression. This is a longer text which

1908

# describes the expression, e.g. when hovered over it in a UI.

1909

},

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1910

"role": "A String", # Role that is assigned to `members`.

1911

# For example, `roles/viewer`, `roles/editor`, or `roles/owner`.

},

],

}</pre>

</div>

<code class="details" id="testIamPermissions">testIamPermissions(resource, body=None, x__xgafv=None)</code>

1919

<pre>Returns permissions that a caller has on the specified resource.

1920

If the resource does not exist, this will return an empty set of

1921

permissions, not a `NOT_FOUND` error.

1922

1923

Note: This operation is designed to be used for building permission-aware

1924

UIs and command-line tools, not for authorization checking. This operation

1925

may "fail open" without warning.

1926

1927

Args:

1928

resource: string, REQUIRED: The resource for which the policy detail is being requested.

1929

See the operation documentation for the appropriate value for this field. (required)

1930

body: object, The request body.

1931

The object takes the form of:

1932

1933

{ # Request message for `TestIamPermissions` method.

1934

"permissions": [ # The set of permissions to check for the `resource`. Permissions with

1935

# wildcards (such as '*' or 'storage.*') are not allowed. For more

1936

# information see

1937

# [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).

"A String",

],

}

x__xgafv: string, V1 error format.

Allowed values

1 - v1 error format

2 - v2 error format

Returns:

An object of the form:

1949

1950

{ # Response message for `TestIamPermissions` method.

1951

"permissions": [ # A subset of `TestPermissionsRequest.permissions` that the caller is

# allowed.

"A String",

],

}</pre>

</div>

<code class="details" id="updateRollout">updateRollout(name, body=None, updateMask=None, x__xgafv=None)</code>

1960

<pre>Patches a single game server deployment rollout.

1961

The method will not return an error if the update does not affect any

1962

existing realms. For example - if the default_game_server_config is changed

1963

but all existing realms use the override, that is valid. Similarly, if a

1964

non existing realm is explicitly called out in game_server_config_overrides

1965

field, that will also not result in an error.

1966

1967

Args:

1968

name: string, The resource name of the game server deployment rollout. Uses the form:

1969

1970

`projects/{project}/locations/{location}/gameServerDeployments/{deployment}/rollout`.

1971

For example,

1972

1973

`projects/my-project/locations/{location}/gameServerDeployments/my-deployment/rollout`. (required)

1974

body: object, The request body.

1975

The object takes the form of:

1976

1977

{ # The game server deployment rollout which represents the desired rollout

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1978

# state.

1979

"gameServerConfigOverrides": [ # Contains the game server config rollout overrides. Overrides are processed

1980

# in the order they are listed. Once a match is found for a realm, the rest

1981

# of the list is not processed.

1982

{ # A game server config override.

1983

"configVersion": "A String", # The game server config for this override.

1984

"realmsSelector": { # The realm selector, used to match realm resources. # Selector for choosing applicable realms.

1985

"realms": [ # List of realms to match.

1986

"A String",

1987

],

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

1988

},

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

1989

},

1990

],

1991

"updateTime": "A String", # Output only. The last-modified time.

1992

"createTime": "A String", # Output only. The creation time.

1993

"name": "A String", # The resource name of the game server deployment rollout. Uses the form:

1994

#

1995

# `projects/{project}/locations/{location}/gameServerDeployments/{deployment}/rollout`.

1996

# For example,

1997

#

1998

# `projects/my-project/locations/{location}/gameServerDeployments/my-deployment/rollout`.

1999

"etag": "A String", # ETag of the resource.

2000

"defaultGameServerConfig": "A String", # The default game server config is applied to all realms unless overridden

2001

# in the rollout. For example,

2002

#

2003

# `projects/my-project/locations/global/gameServerDeployments/my-game/configs/my-config`.

2004

}

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

2005

2006

updateMask: string, Required. Mask of fields to update. At least one path must be supplied in

2007

this field. For the `FieldMask` definition, see

2008

2009

https:

2010

//developers.google.com/protocol-buffers

2011

// /docs/reference/google.protobuf#fieldmask

2012

x__xgafv: string, V1 error format.

Allowed values

1 - v1 error format

2 - v2 error format

Returns:

An object of the form:

2019

2020

{ # This resource represents a long-running operation that is the result of a

2021

# network API call.

2022

"done": True or False, # If the value is `false`, it means the operation is still in progress.

2023

# If `true`, the operation is completed, and either `error` or `response` is

2024

# available.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

2025

"error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.

2026

# different programming environments, including REST APIs and RPC APIs. It is

2027

# used by [gRPC](https://github.com/grpc). Each `Status` message contains

2028

# three pieces of data: error code, error message, and error details.

2029

#

2030

# You can find out more about this error model and how to work with it in the

2031

# [API Design Guide](https://cloud.google.com/apis/design/errors).

2032

"details": [ # A list of messages that carry the error details. There is a common set of

2033

# message types for APIs to use.

2034

{

2035

"a_key": "", # Properties of the object. Contains field @type with type URL.

2036

},

2037

],

2038

"message": "A String", # A developer-facing error message, which should be in English. Any

2039

# user-facing error message should be localized and sent in the

2040

# google.rpc.Status.details field, or localized by the client.

2041

"code": 42, # The status code, which should be an enum value of google.rpc.Code.

2042

},

2043

"name": "A String", # The server-assigned name, which is only unique within the same service that

2044

# originally returns it. If you use the default HTTP mapping, the

2045

# `name` should be a resource name ending with `operations/{unique_id}`.

2046

"metadata": { # Service-specific metadata associated with the operation. It typically

2047

# contains progress information and common metadata such as create time.

2048

# Some services might not provide such metadata. Any method that returns a

2049

# long-running operation should document the metadata type, if any.

2050

"a_key": "", # Properties of the object. Contains field @type with type URL.

2051

},

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

2052

"response": { # The normal response of the operation in case of success. If the original

2053

# method returns no data on success, such as `Delete`, the response is

2054

# `google.protobuf.Empty`. If the original method is standard

2055

# `Get`/`Create`/`Update`, the response should be the resource. For other

2056

# methods, the response should have the type `XxxResponse`, where `Xxx`

2057

# is the original method name. For example, if the original method name

2058

# is `TakeSnapshot()`, the inferred response type is

2059

# `TakeSnapshotResponse`.

2060

"a_key": "", # Properties of the object. Contains field @type with type URL.

2061

},

Bu Sun Kim