Blame - docs/dyn/memcache_v1beta2.projects.locations.instances.html - platform/external/python/google-api-python-client

<h1><a href="memcache_v1beta2.html">Cloud Memorystore for Memcached API</a> . <a href="memcache_v1beta2.projects.html">projects</a> . <a href="memcache_v1beta2.projects.locations.html">locations</a> . <a href="memcache_v1beta2.projects.locations.instances.html">instances</a></h1>

76

<h2>Instance Methods</h2>

77

78

<code><a href="#applyParameters">applyParameters(name, body=None, x__xgafv=None)</a></code></p>

79

<p class="firstline">ApplyParameters will update current set of Parameters to the set of</p>

80

81

<code><a href="#create">create(parent, body=None, instanceId=None, x__xgafv=None)</a></code></p>

82

<p class="firstline">Creates a new Instance in a given project and location.</p>

83

84

<code><a href="#delete">delete(name, x__xgafv=None)</a></code></p>

85

<p class="firstline">Deletes a single Instance.</p>

86

87

<code><a href="#get">get(name, x__xgafv=None)</a></code></p>

88

<p class="firstline">Gets details of a single Instance.</p>

89

90

<code><a href="#getIamPolicy">getIamPolicy(resource, options_requestedPolicyVersion=None, x__xgafv=None)</a></code></p>

91

<p class="firstline">Gets the access control policy for a resource.</p>

92

93

<code><a href="#list">list(parent, filter=None, pageToken=None, orderBy=None, pageSize=None, x__xgafv=None)</a></code></p>

94

<p class="firstline">Lists Instances in a given project and location.</p>

95

96

<code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>

97

<p class="firstline">Retrieves the next page of results.</p>

98

99

<code><a href="#patch">patch(name, body=None, updateMask=None, x__xgafv=None)</a></code></p>

100

<p class="firstline">Updates an existing Instance in a given project and location.</p>

101

102

<code><a href="#setIamPolicy">setIamPolicy(resource, body=None, x__xgafv=None)</a></code></p>

103

<p class="firstline">Sets the access control policy on the specified resource. Replaces any</p>

104

105

<code><a href="#testIamPermissions">testIamPermissions(resource, body=None, x__xgafv=None)</a></code></p>

106

<p class="firstline">Returns permissions that a caller has on the specified resource.</p>

107

108

<code><a href="#updateParameters">updateParameters(name, body=None, x__xgafv=None)</a></code></p>

109

<p class="firstline">Updates the defined Memcached Parameters for an existing Instance.</p>

110

<h3>Method Details</h3>

111

112

<code class="details" id="applyParameters">applyParameters(name, body=None, x__xgafv=None)</code>

113

<pre>ApplyParameters will update current set of Parameters to the set of

114

specified nodes of the Memcached Instance.

115

116

Args:

117

name: string, Required. Resource name of the Memcached instance for which parameter group updates

118

should be applied. (required)

119

body: object, The request body.

120

The object takes the form of:

121

122

{ # Request for ApplyParameters.

123

"nodeIds": [ # Nodes to which we should apply the instance-level parameter group.

124

"A String",

125

],

126

"applyAll": True or False, # Whether to apply instance-level parameter group to all nodes. If set to

127

# true, will explicitly restrict users from specifying any nodes, and apply

128

# parameter group updates to all nodes within the instance.

129

}

130

131

x__xgafv: string, V1 error format.

Allowed values

1 - v1 error format

2 - v2 error format

Returns:

An object of the form:

138

139

{ # This resource represents a long-running operation that is the result of a

140

# network API call.

141

"response": { # The normal response of the operation in case of success. If the original

142

# method returns no data on success, such as `Delete`, the response is

143

# `google.protobuf.Empty`. If the original method is standard

144

# `Get`/`Create`/`Update`, the response should be the resource. For other

145

# methods, the response should have the type `XxxResponse`, where `Xxx`

146

# is the original method name. For example, if the original method name

147

# is `TakeSnapshot()`, the inferred response type is

148

# `TakeSnapshotResponse`.

149

"a_key": "", # Properties of the object. Contains field @type with type URL.

150

},

151

"name": "A String", # The server-assigned name, which is only unique within the same service that

152

# originally returns it. If you use the default HTTP mapping, the

153

# `name` should be a resource name ending with `operations/{unique_id}`.

154

"error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.

155

# different programming environments, including REST APIs and RPC APIs. It is

156

# used by [gRPC](https://github.com/grpc). Each `Status` message contains

157

# three pieces of data: error code, error message, and error details.

158

#

159

# You can find out more about this error model and how to work with it in the

160

# [API Design Guide](https://cloud.google.com/apis/design/errors).

161

"details": [ # A list of messages that carry the error details. There is a common set of

162

# message types for APIs to use.

163

{

164

"a_key": "", # Properties of the object. Contains field @type with type URL.

165

},

166

],

167

"code": 42, # The status code, which should be an enum value of google.rpc.Code.

168

"message": "A String", # A developer-facing error message, which should be in English. Any

169

# user-facing error message should be localized and sent in the

170

# google.rpc.Status.details field, or localized by the client.

171

},

172

"metadata": { # Service-specific metadata associated with the operation. It typically

173

# contains progress information and common metadata such as create time.

174

# Some services might not provide such metadata. Any method that returns a

175

# long-running operation should document the metadata type, if any.

176

"a_key": "", # Properties of the object. Contains field @type with type URL.

177

},

178

"done": True or False, # If the value is `false`, it means the operation is still in progress.

179

# If `true`, the operation is completed, and either `error` or `response` is

# available.

}</pre>

</div>

<code class="details" id="create">create(parent, body=None, instanceId=None, x__xgafv=None)</code>

186

<pre>Creates a new Instance in a given project and location.

187

188

Args:

189

parent: string, Required. The resource name of the instance location using the form:

190

`projects/{project_id}/locations/{location_id}`

191

where `location_id` refers to a GCP region (required)

192

body: object, The request body.

193

The object takes the form of:

194

195

{

196

"displayName": "A String", # Optional. User provided name for the instance only used for display

197

# purposes. Cannot be more than 80 characters.

198

"nodeCount": 42, # Required. Number of nodes in the Memcached instance.

199

"labels": { # Optional. Resource labels to represent user-provided metadata.

200

# Refer to cloud documentation on labels for more details.

201

# https://cloud.google.com/compute/docs/labeling-resources

202

"a_key": "A String",

203

},

204

"createTime": "A String", # Output only. The time the instance was created.

205

"zones": [ # Optional. Zones where Memcached nodes should be provisioned in.

206

# Memcached nodes will be equally distributed across these zones. If not

207

# provided, the service will by default create nodes in all zones in the

208

# region for the instance.

209

"A String",

210

],

211

"updateTime": "A String", # Output only. The time the instance was updated.

212

"parameters": { # Optional: User defined parameters to apply to the memcached process

213

# on each node.

214

"id": "A String", # Output only. The unique ID associated with this set of parameters. Users

215

# can use this id to determine if the parameters associated with the instance

216

# differ from the parameters associated with the nodes and any action needs

217

# to be taken to apply parameters on nodes.

218

"params": { # User defined set of parameters to use in the memcached process.

"a_key": "A String",

},

},

"memcacheNodes": [ # Output only. List of Memcached nodes.

223

# Refer to [Node] message for more details.

224

{

225

"port": 42, # Output only. The port number of the Memcached server on this node.

226

"nodeId": "A String", # Output only. Identifier of the Memcached node. The node id does not

227

# include project or location like the Memcached instance name.

228

"host": "A String", # Output only. Hostname or IP address of the Memcached node used by the

229

# clients to connect to the Memcached server on this node.

230

"zone": "A String", # Output only. Location (GCP Zone) for the Memcached node.

231

"state": "A String", # Output only. Current state of the Memcached node.

232

"parameters": { # User defined parameters currently applied to the node.

233

"id": "A String", # Output only. The unique ID associated with this set of parameters. Users

234

# can use this id to determine if the parameters associated with the instance

235

# differ from the parameters associated with the nodes and any action needs

236

# to be taken to apply parameters on nodes.

237

"params": { # User defined set of parameters to use in the memcached process.

"a_key": "A String",

},

},

},

],

"nodeConfig": { # Configuration for a Memcached Node. # Required. Configuration for Memcached nodes.

244

"cpuCount": 42, # Required. Number of cpus per Memcached node.

245

"memorySizeMb": 42, # Required. Memory size in MiB for each Memcached node.

246

},

247

"memcacheVersion": "A String", # Optional. The major version of Memcached software.

248

# If not provided, latest supported version will be used. Currently the

249

# latest supported major version is MEMCACHE_1_5.

250

# The minor version will be automatically determined by our system based on

251

# the latest supported minor version.

252

"authorizedNetwork": "A String", # Optional. The full name of the Google Compute Engine

253

# [network](/compute/docs/networks-and-firewalls#networks) to which the

254

# instance is connected. If left unspecified, the `default` network

255

# will be used.

256

"memcacheFullVersion": "A String", # Output only. The full version of memcached server running on this instance.

257

# System automatically determines the full memcached version for an instance

258

# based on the input MemcacheVersion.

259

# The full version format will be "memcached-1.5.16".

260

"instanceMessages": [ # List of messages that describe current statuses of memcached instance.

261

{

262

"code": "A String", # A code that correspond to one type of user-facing message.

263

"message": "A String", # Message on memcached instance which will be exposed to users.

264

},

265

],

266

"state": "A String", # Output only. The state of this Memcached instance.

267

"name": "A String", # Required. Unique name of the resource in this scope including project and

268

# location using the form:

269

# `projects/{project_id}/locations/{location_id}/instances/{instance_id}`

270

#

271

# Note: Memcached instances are managed and addressed at regional level so

272

# location_id here refers to a GCP region; however, users may choose which

273

# zones Memcached nodes within an instances should be provisioned in.

274

# Refer to [zones] field for more details.

275

"discoveryEndpoint": "A String", # Output only. Endpoint for Discovery API

276

}

277

278

instanceId: string, Required. The logical name of the Memcached instance in the user

279

project with the following restrictions:

280

281

* Must contain only lowercase letters, numbers, and hyphens.

282

* Must start with a letter.

283

* Must be between 1-40 characters.

284

* Must end with a number or a letter.

285

* Must be unique within the user project / location

286

x__xgafv: string, V1 error format.

Allowed values

1 - v1 error format

2 - v2 error format

Returns:

An object of the form:

293

294

{ # This resource represents a long-running operation that is the result of a

295

# network API call.

296

"response": { # The normal response of the operation in case of success. If the original

297

# method returns no data on success, such as `Delete`, the response is

298

# `google.protobuf.Empty`. If the original method is standard

299

# `Get`/`Create`/`Update`, the response should be the resource. For other

300

# methods, the response should have the type `XxxResponse`, where `Xxx`

301

# is the original method name. For example, if the original method name

302

# is `TakeSnapshot()`, the inferred response type is

303

# `TakeSnapshotResponse`.

304

"a_key": "", # Properties of the object. Contains field @type with type URL.

305

},

306

"name": "A String", # The server-assigned name, which is only unique within the same service that

307

# originally returns it. If you use the default HTTP mapping, the

308

# `name` should be a resource name ending with `operations/{unique_id}`.

309

"error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.

310

# different programming environments, including REST APIs and RPC APIs. It is

311

# used by [gRPC](https://github.com/grpc). Each `Status` message contains

312

# three pieces of data: error code, error message, and error details.

313

#

314

# You can find out more about this error model and how to work with it in the

315

# [API Design Guide](https://cloud.google.com/apis/design/errors).

316

"details": [ # A list of messages that carry the error details. There is a common set of

317

# message types for APIs to use.

318

{

319

"a_key": "", # Properties of the object. Contains field @type with type URL.

320

},

321

],

322

"code": 42, # The status code, which should be an enum value of google.rpc.Code.

323

"message": "A String", # A developer-facing error message, which should be in English. Any

324

# user-facing error message should be localized and sent in the

325

# google.rpc.Status.details field, or localized by the client.

326

},

327

"metadata": { # Service-specific metadata associated with the operation. It typically

328

# contains progress information and common metadata such as create time.

329

# Some services might not provide such metadata. Any method that returns a

330

# long-running operation should document the metadata type, if any.

331

"a_key": "", # Properties of the object. Contains field @type with type URL.

332

},

333

"done": True or False, # If the value is `false`, it means the operation is still in progress.

334

# If `true`, the operation is completed, and either `error` or `response` is

# available.

}</pre>

</div>

<code class="details" id="delete">delete(name, x__xgafv=None)</code>

341

<pre>Deletes a single Instance.

342

343

Args:

344

name: string, Required. Memcached instance resource name in the format:

345

`projects/{project_id}/locations/{location_id}/instances/{instance_id}`

346

where `location_id` refers to a GCP region (required)

347

x__xgafv: string, V1 error format.

Allowed values

1 - v1 error format

2 - v2 error format

Returns:

An object of the form:

354

355

{ # This resource represents a long-running operation that is the result of a

356

# network API call.

357

"response": { # The normal response of the operation in case of success. If the original

358

# method returns no data on success, such as `Delete`, the response is

359

# `google.protobuf.Empty`. If the original method is standard

360

# `Get`/`Create`/`Update`, the response should be the resource. For other

361

# methods, the response should have the type `XxxResponse`, where `Xxx`

362

# is the original method name. For example, if the original method name

363

# is `TakeSnapshot()`, the inferred response type is

364

# `TakeSnapshotResponse`.

365

"a_key": "", # Properties of the object. Contains field @type with type URL.

366

},

367

"name": "A String", # The server-assigned name, which is only unique within the same service that

368

# originally returns it. If you use the default HTTP mapping, the

369

# `name` should be a resource name ending with `operations/{unique_id}`.

370

"error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.

371

# different programming environments, including REST APIs and RPC APIs. It is

372

# used by [gRPC](https://github.com/grpc). Each `Status` message contains

373

# three pieces of data: error code, error message, and error details.

374

#

375

# You can find out more about this error model and how to work with it in the

376

# [API Design Guide](https://cloud.google.com/apis/design/errors).

377

"details": [ # A list of messages that carry the error details. There is a common set of

378

# message types for APIs to use.

379

{

380

"a_key": "", # Properties of the object. Contains field @type with type URL.

381

},

382

],

383

"code": 42, # The status code, which should be an enum value of google.rpc.Code.

384

"message": "A String", # A developer-facing error message, which should be in English. Any

385

# user-facing error message should be localized and sent in the

386

# google.rpc.Status.details field, or localized by the client.

387

},

388

"metadata": { # Service-specific metadata associated with the operation. It typically

389

# contains progress information and common metadata such as create time.

390

# Some services might not provide such metadata. Any method that returns a

391

# long-running operation should document the metadata type, if any.

392

"a_key": "", # Properties of the object. Contains field @type with type URL.

393

},

394

"done": True or False, # If the value is `false`, it means the operation is still in progress.

395

# If `true`, the operation is completed, and either `error` or `response` is

# available.

}</pre>

</div>

<code class="details" id="get">get(name, x__xgafv=None)</code>

402

<pre>Gets details of a single Instance.

403

404

Args:

405

name: string, Required. Memcached instance resource name in the format:

406

`projects/{project_id}/locations/{location_id}/instances/{instance_id}`

407

where `location_id` refers to a GCP region (required)

408

x__xgafv: string, V1 error format.

Allowed values

1 - v1 error format

2 - v2 error format

Returns:

An object of the form:

415

416

{

417

"displayName": "A String", # Optional. User provided name for the instance only used for display

418

# purposes. Cannot be more than 80 characters.

419

"nodeCount": 42, # Required. Number of nodes in the Memcached instance.

420

"labels": { # Optional. Resource labels to represent user-provided metadata.

421

# Refer to cloud documentation on labels for more details.

422

# https://cloud.google.com/compute/docs/labeling-resources

423

"a_key": "A String",

424

},

425

"createTime": "A String", # Output only. The time the instance was created.

426

"zones": [ # Optional. Zones where Memcached nodes should be provisioned in.

427

# Memcached nodes will be equally distributed across these zones. If not

428

# provided, the service will by default create nodes in all zones in the

429

# region for the instance.

430

"A String",

431

],

432

"updateTime": "A String", # Output only. The time the instance was updated.

433

"parameters": { # Optional: User defined parameters to apply to the memcached process

434

# on each node.

435

"id": "A String", # Output only. The unique ID associated with this set of parameters. Users

436

# can use this id to determine if the parameters associated with the instance

437

# differ from the parameters associated with the nodes and any action needs

438

# to be taken to apply parameters on nodes.

439

"params": { # User defined set of parameters to use in the memcached process.

"a_key": "A String",

},

},

"memcacheNodes": [ # Output only. List of Memcached nodes.

444

# Refer to [Node] message for more details.

445

{

446

"port": 42, # Output only. The port number of the Memcached server on this node.

447

"nodeId": "A String", # Output only. Identifier of the Memcached node. The node id does not

448

# include project or location like the Memcached instance name.

449

"host": "A String", # Output only. Hostname or IP address of the Memcached node used by the

450

# clients to connect to the Memcached server on this node.

451

"zone": "A String", # Output only. Location (GCP Zone) for the Memcached node.

452

"state": "A String", # Output only. Current state of the Memcached node.

453

"parameters": { # User defined parameters currently applied to the node.

454

"id": "A String", # Output only. The unique ID associated with this set of parameters. Users

455

# can use this id to determine if the parameters associated with the instance

456

# differ from the parameters associated with the nodes and any action needs

457

# to be taken to apply parameters on nodes.

458

"params": { # User defined set of parameters to use in the memcached process.

"a_key": "A String",

},

},

},

],

"nodeConfig": { # Configuration for a Memcached Node. # Required. Configuration for Memcached nodes.

465

"cpuCount": 42, # Required. Number of cpus per Memcached node.

466

"memorySizeMb": 42, # Required. Memory size in MiB for each Memcached node.

467

},

468

"memcacheVersion": "A String", # Optional. The major version of Memcached software.

469

# If not provided, latest supported version will be used. Currently the

470

# latest supported major version is MEMCACHE_1_5.

471

# The minor version will be automatically determined by our system based on

472

# the latest supported minor version.

473

"authorizedNetwork": "A String", # Optional. The full name of the Google Compute Engine

474

# [network](/compute/docs/networks-and-firewalls#networks) to which the

475

# instance is connected. If left unspecified, the `default` network

476

# will be used.

477

"memcacheFullVersion": "A String", # Output only. The full version of memcached server running on this instance.

478

# System automatically determines the full memcached version for an instance

479

# based on the input MemcacheVersion.

480

# The full version format will be "memcached-1.5.16".

481

"instanceMessages": [ # List of messages that describe current statuses of memcached instance.

482

{

483

"code": "A String", # A code that correspond to one type of user-facing message.

484

"message": "A String", # Message on memcached instance which will be exposed to users.

485

},

486

],

487

"state": "A String", # Output only. The state of this Memcached instance.

488

"name": "A String", # Required. Unique name of the resource in this scope including project and

489

# location using the form:

490

# `projects/{project_id}/locations/{location_id}/instances/{instance_id}`

491

#

492

# Note: Memcached instances are managed and addressed at regional level so

493

# location_id here refers to a GCP region; however, users may choose which

494

# zones Memcached nodes within an instances should be provisioned in.

495

# Refer to [zones] field for more details.

496

"discoveryEndpoint": "A String", # Output only. Endpoint for Discovery API

}</pre>

</div>

<code class="details" id="getIamPolicy">getIamPolicy(resource, options_requestedPolicyVersion=None, x__xgafv=None)</code>

502

<pre>Gets the access control policy for a resource.

503

Returns an empty policy if the resource exists and does not have a policy

set.

Args:

resource: string, REQUIRED: The resource for which the policy is being requested.

508

See the operation documentation for the appropriate value for this field. (required)

509

options_requestedPolicyVersion: integer, Optional. The policy format version to be returned.

510

511

Valid values are 0, 1, and 3. Requests specifying an invalid value will be

512

rejected.

513

514

Requests for policies with any conditional bindings must specify version 3.

515

Policies without any conditional bindings may specify any valid value or

516

leave the field unset.

517

518

To learn which resources support conditions in their IAM policies, see the

519

[IAM

520

documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

521

x__xgafv: string, V1 error format.

Allowed values

1 - v1 error format

2 - v2 error format

Returns:

An object of the form:

528

529

{ # An Identity and Access Management (IAM) policy, which specifies access

530

# controls for Google Cloud resources.

531

#

532

#

533

# A `Policy` is a collection of `bindings`. A `binding` binds one or more

534

# `members` to a single `role`. Members can be user accounts, service accounts,

535

# Google groups, and domains (such as G Suite). A `role` is a named list of

536

# permissions; each `role` can be an IAM predefined role or a user-created

537

# custom role.

538

#

539

# For some types of Google Cloud resources, a `binding` can also specify a

540

# `condition`, which is a logical expression that allows access to a resource

541

# only if the expression evaluates to `true`. A condition can add constraints

542

# based on attributes of the request, the resource, or both. To learn which

543

# resources support conditions in their IAM policies, see the

544

# [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

#

# **JSON example:**

#

# {

# "bindings": [

# {

# "role": "roles/resourcemanager.organizationAdmin",

552

# "members": [

553

# "user:mike@example.com",

554

# "group:admins@example.com",

555

# "domain:google.com",

556

# "serviceAccount:my-project-id@appspot.gserviceaccount.com"

# ]

# },

# {

# "role": "roles/resourcemanager.organizationViewer",

561

# "members": [

562

# "user:eve@example.com"

563

# ],

564

# "condition": {

565

# "title": "expirable access",

566

# "description": "Does not grant access after Sep 2020",

567

# "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')",

# }

# }

# ],

# "etag": "BwWWja0YfJA=",

# "version": 3

# }

#

# **YAML example:**

#

# bindings:

# - members:

# - user:mike@example.com

580

# - group:admins@example.com

581

# - domain:google.com

582

# - serviceAccount:my-project-id@appspot.gserviceaccount.com

583

# role: roles/resourcemanager.organizationAdmin

584

# - members:

585

# - user:eve@example.com

586

# role: roles/resourcemanager.organizationViewer

587

# condition:

588

# title: expirable access

589

# description: Does not grant access after Sep 2020

590

# expression: request.time < timestamp('2020-10-01T00:00:00.000Z')

591

# - etag: BwWWja0YfJA=

592

# - version: 3

593

#

594

# For a description of IAM and its features, see the

595

# [IAM documentation](https://cloud.google.com/iam/docs/).

596

"etag": "A String", # `etag` is used for optimistic concurrency control as a way to help

597

# prevent simultaneous updates of a policy from overwriting each other.

598

# It is strongly suggested that systems make use of the `etag` in the

599

# read-modify-write cycle to perform policy updates in order to avoid race

600

# conditions: An `etag` is returned in the response to `getIamPolicy`, and

601

# systems are expected to put that etag in the request to `setIamPolicy` to

602

# ensure that their change will be applied to the same version of the policy.

603

#

604

# **Important:** If you use IAM Conditions, you must include the `etag` field

605

# whenever you call `setIamPolicy`. If you omit this field, then IAM allows

606

# you to overwrite a version `3` policy with a version `1` policy, and all of

607

# the conditions in the version `3` policy are lost.

608

"version": 42, # Specifies the format of the policy.

609

#

610

# Valid values are `0`, `1`, and `3`. Requests that specify an invalid value

611

# are rejected.

612

#

613

# Any operation that affects conditional role bindings must specify version

614

# `3`. This requirement applies to the following operations:

615

#

616

# * Getting a policy that includes a conditional role binding

617

# * Adding a conditional role binding to a policy

618

# * Changing a conditional role binding in a policy

619

# * Removing any role binding, with or without a condition, from a policy

620

# that includes conditions

621

#

622

# **Important:** If you use IAM Conditions, you must include the `etag` field

623

# whenever you call `setIamPolicy`. If you omit this field, then IAM allows

624

# you to overwrite a version `3` policy with a version `1` policy, and all of

625

# the conditions in the version `3` policy are lost.

626

#

627

# If a policy does not include any conditions, operations on that policy may

628

# specify any valid version or leave the field unset.

629

#

630

# To learn which resources support conditions in their IAM policies, see the

631

# [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

632

"auditConfigs": [ # Specifies cloud audit logging configuration for this policy.

633

{ # Specifies the audit configuration for a service.

634

# The configuration determines which permission types are logged, and what

635

# identities, if any, are exempted from logging.

636

# An AuditConfig must have one or more AuditLogConfigs.

637

#

638

# If there are AuditConfigs for both `allServices` and a specific service,

639

# the union of the two AuditConfigs is used for that service: the log_types

640

# specified in each AuditConfig are enabled, and the exempted_members in each

641

# AuditLogConfig are exempted.

642

#

643

# Example Policy with multiple AuditConfigs:

#

# {

# "audit_configs": [

# {

# "service": "allServices"

649

# "audit_log_configs": [

650

# {

651

# "log_type": "DATA_READ",

652

# "exempted_members": [

653

# "user:jose@example.com"

# ]

# },

# {

# "log_type": "DATA_WRITE",

658

# },

659

# {

660

# "log_type": "ADMIN_READ",

# }

# ]

# },

# {

# "service": "sampleservice.googleapis.com"

666

# "audit_log_configs": [

667

# {

668

# "log_type": "DATA_READ",

669

# },

670

# {

671

# "log_type": "DATA_WRITE",

672

# "exempted_members": [

673

# "user:aliya@example.com"

# ]

# }

# ]

# }

# ]

# }

#

# For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ

682

# logging. It also exempts jose@example.com from DATA_READ logging, and

683

# aliya@example.com from DATA_WRITE logging.

684

"auditLogConfigs": [ # The configuration for logging of each type of permission.

685

{ # Provides the configuration for logging a type of permissions.

# Example:

#

# {

# "audit_log_configs": [

690

# {

691

# "log_type": "DATA_READ",

692

# "exempted_members": [

693

# "user:jose@example.com"

# ]

# },

# {

# "log_type": "DATA_WRITE",

# }

# ]

# }

#

# This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting

703

# jose@example.com from DATA_READ logging.

704

"exemptedMembers": [ # Specifies the identities that do not cause logging for this type of

705

# permission.

706

# Follows the same format of Binding.members.

707

"A String",

708

],

709

"logType": "A String", # The log type that this config enables.

710

},

711

],

712

"service": "A String", # Specifies a service that will be enabled for audit logging.

713

# For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.

714

# `allServices` is a special value that covers all services.

715

},

716

],

717

"bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a

718

# `condition` that determines how and when the `bindings` are applied. Each

719

# of the `bindings` must contain at least one member.

720

{ # Associates `members` with a `role`.

721

"condition": { # Represents a textual expression in the Common Expression Language (CEL) # The condition that is associated with this binding.

722

#

723

# If the condition evaluates to `true`, then this binding applies to the

724

# current request.

725

#

726

# If the condition evaluates to `false`, then this binding does not apply to

727

# the current request. However, a different role binding might grant the same

728

# role to one or more of the members in this binding.

729

#

730

# To learn which resources support conditions in their IAM policies, see the

731

# [IAM

732

# documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

733

# syntax. CEL is a C-like expression language. The syntax and semantics of CEL

734

# are documented at https://github.com/google/cel-spec.

735

#

736

# Example (Comparison):

737

#

738

# title: "Summary size limit"

739

# description: "Determines if a summary is less than 100 chars"

740

# expression: "document.summary.size() < 100"

741

#

742

# Example (Equality):

743

#

744

# title: "Requestor is owner"

745

# description: "Determines if requestor is the document owner"

746

# expression: "document.owner == request.auth.claims.email"

#

# Example (Logic):

#

# title: "Public documents"

751

# description: "Determine whether the document should be publicly visible"

752

# expression: "document.type != 'private' && document.type != 'internal'"

753

#

754

# Example (Data Manipulation):

755

#

756

# title: "Notification string"

757

# description: "Create a notification string with a timestamp."

758

# expression: "'New message received at ' + string(document.create_time)"

759

#

760

# The exact variables and functions that may be referenced within an expression

761

# are determined by the service that evaluates it. See the service

762

# documentation for additional information.

763

"title": "A String", # Optional. Title for the expression, i.e. a short string describing

764

# its purpose. This can be used e.g. in UIs which allow to enter the

765

# expression.

766

"location": "A String", # Optional. String indicating the location of the expression for error

767

# reporting, e.g. a file name and a position in the file.

768

"description": "A String", # Optional. Description of the expression. This is a longer text which

769

# describes the expression, e.g. when hovered over it in a UI.

770

"expression": "A String", # Textual representation of an expression in Common Expression Language

771

# syntax.

772

},

773

"members": [ # Specifies the identities requesting access for a Cloud Platform resource.

774

# `members` can have the following values:

775

#

776

# * `allUsers`: A special identifier that represents anyone who is

777

# on the internet; with or without a Google account.

778

#

779

# * `allAuthenticatedUsers`: A special identifier that represents anyone

780

# who is authenticated with a Google account or a service account.

781

#

782

# * `user:{emailid}`: An email address that represents a specific Google

783

# account. For example, `alice@example.com` .

784

#

785

#

786

# * `serviceAccount:{emailid}`: An email address that represents a service

787

# account. For example, `my-other-app@appspot.gserviceaccount.com`.

788

#

789

# * `group:{emailid}`: An email address that represents a Google group.

790

# For example, `admins@example.com`.

791

#

792

# * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique

793

# identifier) representing a user that has been recently deleted. For

794

# example, `alice@example.com?uid=123456789012345678901`. If the user is

795

# recovered, this value reverts to `user:{emailid}` and the recovered user

796

# retains the role in the binding.

797

#

798

# * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus

799

# unique identifier) representing a service account that has been recently

800

# deleted. For example,

801

# `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`.

802

# If the service account is undeleted, this value reverts to

803

# `serviceAccount:{emailid}` and the undeleted service account retains the

804

# role in the binding.

805

#

806

# * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique

807

# identifier) representing a Google group that has been recently

808

# deleted. For example, `admins@example.com?uid=123456789012345678901`. If

809

# the group is recovered, this value reverts to `group:{emailid}` and the

810

# recovered group retains the role in the binding.

811

#

812

#

813

# * `domain:{domain}`: The G Suite domain (primary) that represents all the

814

# users of that domain. For example, `google.com` or `example.com`.

#

"A String",

],

"role": "A String", # Role that is assigned to `members`.

819

# For example, `roles/viewer`, `roles/editor`, or `roles/owner`.

},

],

}</pre>

</div>

<code class="details" id="list">list(parent, filter=None, pageToken=None, orderBy=None, pageSize=None, x__xgafv=None)</code>

827

<pre>Lists Instances in a given project and location.

828

829

Args:

830

parent: string, Required. The resource name of the instance location using the form:

831

`projects/{project_id}/locations/{location_id}`

832

where `location_id` refers to a GCP region (required)

833

filter: string, List filter. For example, exclude all Memcached instances with name as

834

my-instance by specifying "name != my-instance".

835

pageToken: string, The next_page_token value returned from a previous List request,

836

if any.

837

orderBy: string, Sort results. Supported values are "name", "name desc" or "" (unsorted).

838

pageSize: integer, The maximum number of items to return.

839

840

If not specified, a default value of 1000 will be used by the service.

841

Regardless of the page_size value, the response may include a partial list

842

and a caller should only rely on response's

843

next_page_token

844

to determine if there are more instances left to be queried.

845

x__xgafv: string, V1 error format.

Allowed values

1 - v1 error format

2 - v2 error format

Returns:

An object of the form:

852

853

{ # Response for ListInstances.

854

"resources": [ # A list of Memcached instances in the project in the specified location,

855

# or across all locations.

856

#

857

# If the `location_id` in the parent field of the request is "-", all regions

858

# available to the project are queried, and the results aggregated.

859

{

860

"displayName": "A String", # Optional. User provided name for the instance only used for display

861

# purposes. Cannot be more than 80 characters.

862

"nodeCount": 42, # Required. Number of nodes in the Memcached instance.

863

"labels": { # Optional. Resource labels to represent user-provided metadata.

864

# Refer to cloud documentation on labels for more details.

865

# https://cloud.google.com/compute/docs/labeling-resources

866

"a_key": "A String",

867

},

868

"createTime": "A String", # Output only. The time the instance was created.

869

"zones": [ # Optional. Zones where Memcached nodes should be provisioned in.

870

# Memcached nodes will be equally distributed across these zones. If not

871

# provided, the service will by default create nodes in all zones in the

872

# region for the instance.

873

"A String",

874

],

875

"updateTime": "A String", # Output only. The time the instance was updated.

876

"parameters": { # Optional: User defined parameters to apply to the memcached process

877

# on each node.

878

"id": "A String", # Output only. The unique ID associated with this set of parameters. Users

879

# can use this id to determine if the parameters associated with the instance

880

# differ from the parameters associated with the nodes and any action needs

881

# to be taken to apply parameters on nodes.

882

"params": { # User defined set of parameters to use in the memcached process.

"a_key": "A String",

},

},

"memcacheNodes": [ # Output only. List of Memcached nodes.

887

# Refer to [Node] message for more details.

888

{

889

"port": 42, # Output only. The port number of the Memcached server on this node.

890

"nodeId": "A String", # Output only. Identifier of the Memcached node. The node id does not

891

# include project or location like the Memcached instance name.

892

"host": "A String", # Output only. Hostname or IP address of the Memcached node used by the

893

# clients to connect to the Memcached server on this node.

894

"zone": "A String", # Output only. Location (GCP Zone) for the Memcached node.

895

"state": "A String", # Output only. Current state of the Memcached node.

896

"parameters": { # User defined parameters currently applied to the node.

897

"id": "A String", # Output only. The unique ID associated with this set of parameters. Users

898

# can use this id to determine if the parameters associated with the instance

899

# differ from the parameters associated with the nodes and any action needs

900

# to be taken to apply parameters on nodes.

901

"params": { # User defined set of parameters to use in the memcached process.

"a_key": "A String",

},

},

},

],

"nodeConfig": { # Configuration for a Memcached Node. # Required. Configuration for Memcached nodes.

908

"cpuCount": 42, # Required. Number of cpus per Memcached node.

909

"memorySizeMb": 42, # Required. Memory size in MiB for each Memcached node.

910

},

911

"memcacheVersion": "A String", # Optional. The major version of Memcached software.

912

# If not provided, latest supported version will be used. Currently the

913

# latest supported major version is MEMCACHE_1_5.

914

# The minor version will be automatically determined by our system based on

915

# the latest supported minor version.

916

"authorizedNetwork": "A String", # Optional. The full name of the Google Compute Engine

917

# [network](/compute/docs/networks-and-firewalls#networks) to which the

918

# instance is connected. If left unspecified, the `default` network

919

# will be used.

920

"memcacheFullVersion": "A String", # Output only. The full version of memcached server running on this instance.

921

# System automatically determines the full memcached version for an instance

922

# based on the input MemcacheVersion.

923

# The full version format will be "memcached-1.5.16".

924

"instanceMessages": [ # List of messages that describe current statuses of memcached instance.

925

{

926

"code": "A String", # A code that correspond to one type of user-facing message.

927

"message": "A String", # Message on memcached instance which will be exposed to users.

928

},

929

],

930

"state": "A String", # Output only. The state of this Memcached instance.

931

"name": "A String", # Required. Unique name of the resource in this scope including project and

932

# location using the form:

933

# `projects/{project_id}/locations/{location_id}/instances/{instance_id}`

934

#

935

# Note: Memcached instances are managed and addressed at regional level so

936

# location_id here refers to a GCP region; however, users may choose which

937

# zones Memcached nodes within an instances should be provisioned in.

938

# Refer to [zones] field for more details.

939

"discoveryEndpoint": "A String", # Output only. Endpoint for Discovery API

940

},

941

],

942

"nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no more

943

# results in the list.

944

"unreachable": [ # Locations that could not be reached.

"A String",

],

}</pre>

</div>

<code class="details" id="list_next">list_next(previous_request, previous_response)</code>

952

<pre>Retrieves the next page of results.

953

954

Args:

955

previous_request: The request for the previous page. (required)

956

previous_response: The response from the request for the previous page. (required)

957

958

Returns:

959

A request object that you can call 'execute()' on to request the next

960

page. Returns None if there are no more items in the collection.

</pre>

</div>

<code class="details" id="patch">patch(name, body=None, updateMask=None, x__xgafv=None)</code>

966

<pre>Updates an existing Instance in a given project and location.

967

968

Args:

969

name: string, Required. Unique name of the resource in this scope including project and

970

location using the form:

971

`projects/{project_id}/locations/{location_id}/instances/{instance_id}`

972

973

Note: Memcached instances are managed and addressed at regional level so

974

location_id here refers to a GCP region; however, users may choose which

975

zones Memcached nodes within an instances should be provisioned in.

976

Refer to [zones] field for more details. (required)

977

body: object, The request body.

978

The object takes the form of:

979

980

{

981

"displayName": "A String", # Optional. User provided name for the instance only used for display

982

# purposes. Cannot be more than 80 characters.

983

"nodeCount": 42, # Required. Number of nodes in the Memcached instance.

984

"labels": { # Optional. Resource labels to represent user-provided metadata.

985

# Refer to cloud documentation on labels for more details.

986

# https://cloud.google.com/compute/docs/labeling-resources

987

"a_key": "A String",

988

},

989

"createTime": "A String", # Output only. The time the instance was created.

990

"zones": [ # Optional. Zones where Memcached nodes should be provisioned in.

991

# Memcached nodes will be equally distributed across these zones. If not

992

# provided, the service will by default create nodes in all zones in the

993

# region for the instance.

994

"A String",

995

],

996

"updateTime": "A String", # Output only. The time the instance was updated.

997

"parameters": { # Optional: User defined parameters to apply to the memcached process

998

# on each node.

999

"id": "A String", # Output only. The unique ID associated with this set of parameters. Users

1000

# can use this id to determine if the parameters associated with the instance

1001

# differ from the parameters associated with the nodes and any action needs

1002

# to be taken to apply parameters on nodes.

1003

"params": { # User defined set of parameters to use in the memcached process.

"a_key": "A String",

},

},

"memcacheNodes": [ # Output only. List of Memcached nodes.

1008

# Refer to [Node] message for more details.

1009

{

1010

"port": 42, # Output only. The port number of the Memcached server on this node.

1011

"nodeId": "A String", # Output only. Identifier of the Memcached node. The node id does not

1012

# include project or location like the Memcached instance name.

1013

"host": "A String", # Output only. Hostname or IP address of the Memcached node used by the

1014

# clients to connect to the Memcached server on this node.

1015

"zone": "A String", # Output only. Location (GCP Zone) for the Memcached node.

1016

"state": "A String", # Output only. Current state of the Memcached node.

1017

"parameters": { # User defined parameters currently applied to the node.

1018

"id": "A String", # Output only. The unique ID associated with this set of parameters. Users

1019

# can use this id to determine if the parameters associated with the instance

1020

# differ from the parameters associated with the nodes and any action needs

1021

# to be taken to apply parameters on nodes.

1022

"params": { # User defined set of parameters to use in the memcached process.

"a_key": "A String",

},

},

},

],

"nodeConfig": { # Configuration for a Memcached Node. # Required. Configuration for Memcached nodes.

1029

"cpuCount": 42, # Required. Number of cpus per Memcached node.

1030

"memorySizeMb": 42, # Required. Memory size in MiB for each Memcached node.

1031

},

1032

"memcacheVersion": "A String", # Optional. The major version of Memcached software.

1033

# If not provided, latest supported version will be used. Currently the

1034

# latest supported major version is MEMCACHE_1_5.

1035

# The minor version will be automatically determined by our system based on

1036

# the latest supported minor version.

1037

"authorizedNetwork": "A String", # Optional. The full name of the Google Compute Engine

1038

# [network](/compute/docs/networks-and-firewalls#networks) to which the

1039

# instance is connected. If left unspecified, the `default` network

1040

# will be used.

1041

"memcacheFullVersion": "A String", # Output only. The full version of memcached server running on this instance.

1042

# System automatically determines the full memcached version for an instance

1043

# based on the input MemcacheVersion.

1044

# The full version format will be "memcached-1.5.16".

1045

"instanceMessages": [ # List of messages that describe current statuses of memcached instance.

1046

{

1047

"code": "A String", # A code that correspond to one type of user-facing message.

1048

"message": "A String", # Message on memcached instance which will be exposed to users.

1049

},

1050

],

1051

"state": "A String", # Output only. The state of this Memcached instance.

1052

"name": "A String", # Required. Unique name of the resource in this scope including project and

1053

# location using the form:

1054

# `projects/{project_id}/locations/{location_id}/instances/{instance_id}`

1055

#

1056

# Note: Memcached instances are managed and addressed at regional level so

1057

# location_id here refers to a GCP region; however, users may choose which

1058

# zones Memcached nodes within an instances should be provisioned in.

1059

# Refer to [zones] field for more details.

1060

"discoveryEndpoint": "A String", # Output only. Endpoint for Discovery API

1061

}

1062

1063

updateMask: string, Required. Mask of fields to update.

1064

* `displayName`

1065

x__xgafv: string, V1 error format.

Allowed values

1 - v1 error format

2 - v2 error format

Returns:

An object of the form:

1072

1073

{ # This resource represents a long-running operation that is the result of a

1074

# network API call.

1075

"response": { # The normal response of the operation in case of success. If the original

1076

# method returns no data on success, such as `Delete`, the response is

1077

# `google.protobuf.Empty`. If the original method is standard

1078

# `Get`/`Create`/`Update`, the response should be the resource. For other

1079

# methods, the response should have the type `XxxResponse`, where `Xxx`

1080

# is the original method name. For example, if the original method name

1081

# is `TakeSnapshot()`, the inferred response type is

1082

# `TakeSnapshotResponse`.

1083

"a_key": "", # Properties of the object. Contains field @type with type URL.

1084

},

1085

"name": "A String", # The server-assigned name, which is only unique within the same service that

1086

# originally returns it. If you use the default HTTP mapping, the

1087

# `name` should be a resource name ending with `operations/{unique_id}`.

1088

"error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.

1089

# different programming environments, including REST APIs and RPC APIs. It is

1090

# used by [gRPC](https://github.com/grpc). Each `Status` message contains

1091

# three pieces of data: error code, error message, and error details.

1092

#

1093

# You can find out more about this error model and how to work with it in the

1094

# [API Design Guide](https://cloud.google.com/apis/design/errors).

1095

"details": [ # A list of messages that carry the error details. There is a common set of

1096

# message types for APIs to use.

1097

{

1098

"a_key": "", # Properties of the object. Contains field @type with type URL.

1099

},

1100

],

1101

"code": 42, # The status code, which should be an enum value of google.rpc.Code.

1102

"message": "A String", # A developer-facing error message, which should be in English. Any

1103

# user-facing error message should be localized and sent in the

1104

# google.rpc.Status.details field, or localized by the client.

1105

},

1106

"metadata": { # Service-specific metadata associated with the operation. It typically

1107

# contains progress information and common metadata such as create time.

1108

# Some services might not provide such metadata. Any method that returns a

1109

# long-running operation should document the metadata type, if any.

1110

"a_key": "", # Properties of the object. Contains field @type with type URL.

1111

},

1112

"done": True or False, # If the value is `false`, it means the operation is still in progress.

1113

# If `true`, the operation is completed, and either `error` or `response` is

# available.

}</pre>

</div>

<code class="details" id="setIamPolicy">setIamPolicy(resource, body=None, x__xgafv=None)</code>

1120

<pre>Sets the access control policy on the specified resource. Replaces any

1121

existing policy.

1122

1123

Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.

1124

1125

Args:

1126

resource: string, REQUIRED: The resource for which the policy is being specified.

1127

See the operation documentation for the appropriate value for this field. (required)

1128

body: object, The request body.

1129

The object takes the form of:

1130

1131

{ # Request message for `SetIamPolicy` method.

1132

"updateMask": "A String", # OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only

1133

# the fields in the mask will be modified. If no mask is provided, the

1134

# following default mask is used:

1135

#

1136

# `paths: "bindings, etag"`

1137

"policy": { # An Identity and Access Management (IAM) policy, which specifies access # REQUIRED: The complete policy to be applied to the `resource`. The size of

1138

# the policy is limited to a few 10s of KB. An empty policy is a

1139

# valid policy but certain Cloud Platform services (such as Projects)

1140

# might reject them.

1141

# controls for Google Cloud resources.

1142

#

1143

#

1144

# A `Policy` is a collection of `bindings`. A `binding` binds one or more

1145

# `members` to a single `role`. Members can be user accounts, service accounts,

1146

# Google groups, and domains (such as G Suite). A `role` is a named list of

1147

# permissions; each `role` can be an IAM predefined role or a user-created

1148

# custom role.

1149

#

1150

# For some types of Google Cloud resources, a `binding` can also specify a

1151

# `condition`, which is a logical expression that allows access to a resource

1152

# only if the expression evaluates to `true`. A condition can add constraints

1153

# based on attributes of the request, the resource, or both. To learn which

1154

# resources support conditions in their IAM policies, see the

1155

# [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

#

# **JSON example:**

#

# {

# "bindings": [

# {

# "role": "roles/resourcemanager.organizationAdmin",

1163

# "members": [

1164

# "user:mike@example.com",

1165

# "group:admins@example.com",

1166

# "domain:google.com",

1167

# "serviceAccount:my-project-id@appspot.gserviceaccount.com"

# ]

# },

# {

# "role": "roles/resourcemanager.organizationViewer",

1172

# "members": [

1173

# "user:eve@example.com"

1174

# ],

1175

# "condition": {

1176

# "title": "expirable access",

1177

# "description": "Does not grant access after Sep 2020",

1178

# "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')",

# }

# }

# ],

# "etag": "BwWWja0YfJA=",

# "version": 3

# }

#

# **YAML example:**

#

# bindings:

# - members:

# - user:mike@example.com

1191

# - group:admins@example.com

1192

# - domain:google.com

1193

# - serviceAccount:my-project-id@appspot.gserviceaccount.com

1194

# role: roles/resourcemanager.organizationAdmin

1195

# - members:

1196

# - user:eve@example.com

1197

# role: roles/resourcemanager.organizationViewer

1198

# condition:

1199

# title: expirable access

1200

# description: Does not grant access after Sep 2020

1201

# expression: request.time < timestamp('2020-10-01T00:00:00.000Z')

1202

# - etag: BwWWja0YfJA=

1203

# - version: 3

1204

#

1205

# For a description of IAM and its features, see the

1206

# [IAM documentation](https://cloud.google.com/iam/docs/).

1207

"etag": "A String", # `etag` is used for optimistic concurrency control as a way to help

1208

# prevent simultaneous updates of a policy from overwriting each other.

1209

# It is strongly suggested that systems make use of the `etag` in the

1210

# read-modify-write cycle to perform policy updates in order to avoid race

1211

# conditions: An `etag` is returned in the response to `getIamPolicy`, and

1212

# systems are expected to put that etag in the request to `setIamPolicy` to

1213

# ensure that their change will be applied to the same version of the policy.

1214

#

1215

# **Important:** If you use IAM Conditions, you must include the `etag` field

1216

# whenever you call `setIamPolicy`. If you omit this field, then IAM allows

1217

# you to overwrite a version `3` policy with a version `1` policy, and all of

1218

# the conditions in the version `3` policy are lost.

1219

"version": 42, # Specifies the format of the policy.

1220

#

1221

# Valid values are `0`, `1`, and `3`. Requests that specify an invalid value

1222

# are rejected.

1223

#

1224

# Any operation that affects conditional role bindings must specify version

1225

# `3`. This requirement applies to the following operations:

1226

#

1227

# * Getting a policy that includes a conditional role binding

1228

# * Adding a conditional role binding to a policy

1229

# * Changing a conditional role binding in a policy

1230

# * Removing any role binding, with or without a condition, from a policy

1231

# that includes conditions

1232

#

1233

# **Important:** If you use IAM Conditions, you must include the `etag` field

1234

# whenever you call `setIamPolicy`. If you omit this field, then IAM allows

1235

# you to overwrite a version `3` policy with a version `1` policy, and all of

1236

# the conditions in the version `3` policy are lost.

1237

#

1238

# If a policy does not include any conditions, operations on that policy may

1239

# specify any valid version or leave the field unset.

1240

#

1241

# To learn which resources support conditions in their IAM policies, see the

1242

# [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

1243

"auditConfigs": [ # Specifies cloud audit logging configuration for this policy.

1244

{ # Specifies the audit configuration for a service.

1245

# The configuration determines which permission types are logged, and what

1246

# identities, if any, are exempted from logging.

1247

# An AuditConfig must have one or more AuditLogConfigs.

1248

#

1249

# If there are AuditConfigs for both `allServices` and a specific service,

1250

# the union of the two AuditConfigs is used for that service: the log_types

1251

# specified in each AuditConfig are enabled, and the exempted_members in each

1252

# AuditLogConfig are exempted.

1253

#

1254

# Example Policy with multiple AuditConfigs:

#

# {

# "audit_configs": [

# {

# "service": "allServices"

1260

# "audit_log_configs": [

1261

# {

1262

# "log_type": "DATA_READ",

1263

# "exempted_members": [

1264

# "user:jose@example.com"

# ]

# },

# {

# "log_type": "DATA_WRITE",

1269

# },

1270

# {

1271

# "log_type": "ADMIN_READ",

# }

# ]

# },

# {

# "service": "sampleservice.googleapis.com"

1277

# "audit_log_configs": [

1278

# {

1279

# "log_type": "DATA_READ",

1280

# },

1281

# {

1282

# "log_type": "DATA_WRITE",

1283

# "exempted_members": [

1284

# "user:aliya@example.com"

# ]

# }

# ]

# }

# ]

# }

#

# For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ

1293

# logging. It also exempts jose@example.com from DATA_READ logging, and

1294

# aliya@example.com from DATA_WRITE logging.

1295

"auditLogConfigs": [ # The configuration for logging of each type of permission.

1296

{ # Provides the configuration for logging a type of permissions.

# Example:

#

# {

# "audit_log_configs": [

1301

# {

1302

# "log_type": "DATA_READ",

1303

# "exempted_members": [

1304

# "user:jose@example.com"

# ]

# },

# {

# "log_type": "DATA_WRITE",

# }

# ]

# }

#

# This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting

1314

# jose@example.com from DATA_READ logging.

1315

"exemptedMembers": [ # Specifies the identities that do not cause logging for this type of

1316

# permission.

1317

# Follows the same format of Binding.members.

1318

"A String",

1319

],

1320

"logType": "A String", # The log type that this config enables.

1321

},

1322

],

1323

"service": "A String", # Specifies a service that will be enabled for audit logging.

1324

# For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.

1325

# `allServices` is a special value that covers all services.

1326

},

1327

],

1328

"bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a

1329

# `condition` that determines how and when the `bindings` are applied. Each

1330

# of the `bindings` must contain at least one member.

1331

{ # Associates `members` with a `role`.

1332

"condition": { # Represents a textual expression in the Common Expression Language (CEL) # The condition that is associated with this binding.

1333

#

1334

# If the condition evaluates to `true`, then this binding applies to the

1335

# current request.

1336

#

1337

# If the condition evaluates to `false`, then this binding does not apply to

1338

# the current request. However, a different role binding might grant the same

1339

# role to one or more of the members in this binding.

1340

#

1341

# To learn which resources support conditions in their IAM policies, see the

1342

# [IAM

1343

# documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

1344

# syntax. CEL is a C-like expression language. The syntax and semantics of CEL

1345

# are documented at https://github.com/google/cel-spec.

1346

#

1347

# Example (Comparison):

1348

#

1349

# title: "Summary size limit"

1350

# description: "Determines if a summary is less than 100 chars"

1351

# expression: "document.summary.size() < 100"

1352

#

1353

# Example (Equality):

1354

#

1355

# title: "Requestor is owner"

1356

# description: "Determines if requestor is the document owner"

1357

# expression: "document.owner == request.auth.claims.email"

#

# Example (Logic):

#

# title: "Public documents"

1362

# description: "Determine whether the document should be publicly visible"

1363

# expression: "document.type != 'private' && document.type != 'internal'"

1364

#

1365

# Example (Data Manipulation):

1366

#

1367

# title: "Notification string"

1368

# description: "Create a notification string with a timestamp."

1369

# expression: "'New message received at ' + string(document.create_time)"

1370

#

1371

# The exact variables and functions that may be referenced within an expression

1372

# are determined by the service that evaluates it. See the service

1373

# documentation for additional information.

1374

"title": "A String", # Optional. Title for the expression, i.e. a short string describing

1375

# its purpose. This can be used e.g. in UIs which allow to enter the

1376

# expression.

1377

"location": "A String", # Optional. String indicating the location of the expression for error

1378

# reporting, e.g. a file name and a position in the file.

1379

"description": "A String", # Optional. Description of the expression. This is a longer text which

1380

# describes the expression, e.g. when hovered over it in a UI.

1381

"expression": "A String", # Textual representation of an expression in Common Expression Language

1382

# syntax.

1383

},

1384

"members": [ # Specifies the identities requesting access for a Cloud Platform resource.

1385

# `members` can have the following values:

1386

#

1387

# * `allUsers`: A special identifier that represents anyone who is

1388

# on the internet; with or without a Google account.

1389

#

1390

# * `allAuthenticatedUsers`: A special identifier that represents anyone

1391

# who is authenticated with a Google account or a service account.

1392

#

1393

# * `user:{emailid}`: An email address that represents a specific Google

1394

# account. For example, `alice@example.com` .

1395

#

1396

#

1397

# * `serviceAccount:{emailid}`: An email address that represents a service

1398

# account. For example, `my-other-app@appspot.gserviceaccount.com`.

1399

#

1400

# * `group:{emailid}`: An email address that represents a Google group.

1401

# For example, `admins@example.com`.

1402

#

1403

# * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique

1404

# identifier) representing a user that has been recently deleted. For

1405

# example, `alice@example.com?uid=123456789012345678901`. If the user is

1406

# recovered, this value reverts to `user:{emailid}` and the recovered user

1407

# retains the role in the binding.

1408

#

1409

# * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus

1410

# unique identifier) representing a service account that has been recently

1411

# deleted. For example,

1412

# `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`.

1413

# If the service account is undeleted, this value reverts to

1414

# `serviceAccount:{emailid}` and the undeleted service account retains the

1415

# role in the binding.

1416

#

1417

# * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique

1418

# identifier) representing a Google group that has been recently

1419

# deleted. For example, `admins@example.com?uid=123456789012345678901`. If

1420

# the group is recovered, this value reverts to `group:{emailid}` and the

1421

# recovered group retains the role in the binding.

1422

#

1423

#

1424

# * `domain:{domain}`: The G Suite domain (primary) that represents all the

1425

# users of that domain. For example, `google.com` or `example.com`.

#

"A String",

],

"role": "A String", # Role that is assigned to `members`.

1430

# For example, `roles/viewer`, `roles/editor`, or `roles/owner`.

},

],

},

}

x__xgafv: string, V1 error format.

Allowed values

1 - v1 error format

2 - v2 error format

Returns:

An object of the form:

1443

1444

{ # An Identity and Access Management (IAM) policy, which specifies access

1445

# controls for Google Cloud resources.

1446

#

1447

#

1448

# A `Policy` is a collection of `bindings`. A `binding` binds one or more

1449

# `members` to a single `role`. Members can be user accounts, service accounts,

1450

# Google groups, and domains (such as G Suite). A `role` is a named list of

1451

# permissions; each `role` can be an IAM predefined role or a user-created

1452

# custom role.

1453

#

1454

# For some types of Google Cloud resources, a `binding` can also specify a

1455

# `condition`, which is a logical expression that allows access to a resource

1456

# only if the expression evaluates to `true`. A condition can add constraints

1457

# based on attributes of the request, the resource, or both. To learn which

1458

# resources support conditions in their IAM policies, see the

1459

# [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

#

# **JSON example:**

#

# {

# "bindings": [

# {

# "role": "roles/resourcemanager.organizationAdmin",

1467

# "members": [

1468

# "user:mike@example.com",

1469

# "group:admins@example.com",

1470

# "domain:google.com",

1471

# "serviceAccount:my-project-id@appspot.gserviceaccount.com"

# ]

# },

# {

# "role": "roles/resourcemanager.organizationViewer",

1476

# "members": [

1477

# "user:eve@example.com"

1478

# ],

1479

# "condition": {

1480

# "title": "expirable access",

1481

# "description": "Does not grant access after Sep 2020",

1482

# "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')",

# }

# }

# ],

# "etag": "BwWWja0YfJA=",

# "version": 3

# }

#

# **YAML example:**

#

# bindings:

# - members:

# - user:mike@example.com

1495

# - group:admins@example.com

1496

# - domain:google.com

1497

# - serviceAccount:my-project-id@appspot.gserviceaccount.com

1498

# role: roles/resourcemanager.organizationAdmin

1499

# - members:

1500

# - user:eve@example.com

1501

# role: roles/resourcemanager.organizationViewer

1502

# condition:

1503

# title: expirable access

1504

# description: Does not grant access after Sep 2020

1505

# expression: request.time < timestamp('2020-10-01T00:00:00.000Z')

1506

# - etag: BwWWja0YfJA=

1507

# - version: 3

1508

#

1509

# For a description of IAM and its features, see the

1510

# [IAM documentation](https://cloud.google.com/iam/docs/).

1511

"etag": "A String", # `etag` is used for optimistic concurrency control as a way to help

1512

# prevent simultaneous updates of a policy from overwriting each other.

1513

# It is strongly suggested that systems make use of the `etag` in the

1514

# read-modify-write cycle to perform policy updates in order to avoid race

1515

# conditions: An `etag` is returned in the response to `getIamPolicy`, and

1516

# systems are expected to put that etag in the request to `setIamPolicy` to

1517

# ensure that their change will be applied to the same version of the policy.

1518

#

1519

# **Important:** If you use IAM Conditions, you must include the `etag` field

1520

# whenever you call `setIamPolicy`. If you omit this field, then IAM allows

1521

# you to overwrite a version `3` policy with a version `1` policy, and all of

1522

# the conditions in the version `3` policy are lost.

1523

"version": 42, # Specifies the format of the policy.

1524

#

1525

# Valid values are `0`, `1`, and `3`. Requests that specify an invalid value

1526

# are rejected.

1527

#

1528

# Any operation that affects conditional role bindings must specify version

1529

# `3`. This requirement applies to the following operations:

1530

#

1531

# * Getting a policy that includes a conditional role binding

1532

# * Adding a conditional role binding to a policy

1533

# * Changing a conditional role binding in a policy

1534

# * Removing any role binding, with or without a condition, from a policy

1535

# that includes conditions

1536

#

1537

# **Important:** If you use IAM Conditions, you must include the `etag` field

1538

# whenever you call `setIamPolicy`. If you omit this field, then IAM allows

1539

# you to overwrite a version `3` policy with a version `1` policy, and all of

1540

# the conditions in the version `3` policy are lost.

1541

#

1542

# If a policy does not include any conditions, operations on that policy may

1543

# specify any valid version or leave the field unset.

1544

#

1545

# To learn which resources support conditions in their IAM policies, see the

1546

# [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

1547

"auditConfigs": [ # Specifies cloud audit logging configuration for this policy.

1548

{ # Specifies the audit configuration for a service.

1549

# The configuration determines which permission types are logged, and what

1550

# identities, if any, are exempted from logging.

1551

# An AuditConfig must have one or more AuditLogConfigs.

1552

#

1553

# If there are AuditConfigs for both `allServices` and a specific service,

1554

# the union of the two AuditConfigs is used for that service: the log_types

1555

# specified in each AuditConfig are enabled, and the exempted_members in each

1556

# AuditLogConfig are exempted.

1557

#

1558

# Example Policy with multiple AuditConfigs:

#

# {

# "audit_configs": [

# {

# "service": "allServices"

1564

# "audit_log_configs": [

1565

# {

1566

# "log_type": "DATA_READ",

1567

# "exempted_members": [

1568

# "user:jose@example.com"

# ]

# },

# {

# "log_type": "DATA_WRITE",

1573

# },

1574

# {

1575

# "log_type": "ADMIN_READ",

# }

# ]

# },

# {

# "service": "sampleservice.googleapis.com"

1581

# "audit_log_configs": [

1582

# {

1583

# "log_type": "DATA_READ",

1584

# },

1585

# {

1586

# "log_type": "DATA_WRITE",

1587

# "exempted_members": [

1588

# "user:aliya@example.com"

# ]

# }

# ]

# }

# ]

# }

#

# For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ

1597

# logging. It also exempts jose@example.com from DATA_READ logging, and

1598

# aliya@example.com from DATA_WRITE logging.

1599

"auditLogConfigs": [ # The configuration for logging of each type of permission.

1600

{ # Provides the configuration for logging a type of permissions.

# Example:

#

# {

# "audit_log_configs": [

1605

# {

1606

# "log_type": "DATA_READ",

1607

# "exempted_members": [

1608

# "user:jose@example.com"

# ]

# },

# {

# "log_type": "DATA_WRITE",

# }

# ]

# }

#

# This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting

1618

# jose@example.com from DATA_READ logging.

1619

"exemptedMembers": [ # Specifies the identities that do not cause logging for this type of

1620

# permission.

1621

# Follows the same format of Binding.members.

1622

"A String",

1623

],

1624

"logType": "A String", # The log type that this config enables.

1625

},

1626

],

1627

"service": "A String", # Specifies a service that will be enabled for audit logging.

1628

# For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.

1629

# `allServices` is a special value that covers all services.

1630

},

1631

],

1632

"bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a

1633

# `condition` that determines how and when the `bindings` are applied. Each

1634

# of the `bindings` must contain at least one member.

1635

{ # Associates `members` with a `role`.

1636

"condition": { # Represents a textual expression in the Common Expression Language (CEL) # The condition that is associated with this binding.

1637

#

1638

# If the condition evaluates to `true`, then this binding applies to the

1639

# current request.

1640

#

1641

# If the condition evaluates to `false`, then this binding does not apply to

1642

# the current request. However, a different role binding might grant the same

1643

# role to one or more of the members in this binding.

1644

#

1645

# To learn which resources support conditions in their IAM policies, see the

1646

# [IAM

1647

# documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

1648

# syntax. CEL is a C-like expression language. The syntax and semantics of CEL

1649

# are documented at https://github.com/google/cel-spec.

1650

#

1651

# Example (Comparison):

1652

#

1653

# title: "Summary size limit"

1654

# description: "Determines if a summary is less than 100 chars"

1655

# expression: "document.summary.size() < 100"

1656

#

1657

# Example (Equality):

1658

#

1659

# title: "Requestor is owner"

1660

# description: "Determines if requestor is the document owner"

1661

# expression: "document.owner == request.auth.claims.email"

#

# Example (Logic):

#

# title: "Public documents"

1666

# description: "Determine whether the document should be publicly visible"

1667

# expression: "document.type != 'private' && document.type != 'internal'"

1668

#

1669

# Example (Data Manipulation):

1670

#

1671

# title: "Notification string"

1672

# description: "Create a notification string with a timestamp."

1673

# expression: "'New message received at ' + string(document.create_time)"

1674

#

1675

# The exact variables and functions that may be referenced within an expression

1676

# are determined by the service that evaluates it. See the service

1677

# documentation for additional information.

1678

"title": "A String", # Optional. Title for the expression, i.e. a short string describing

1679

# its purpose. This can be used e.g. in UIs which allow to enter the

1680

# expression.

1681

"location": "A String", # Optional. String indicating the location of the expression for error

1682

# reporting, e.g. a file name and a position in the file.

1683

"description": "A String", # Optional. Description of the expression. This is a longer text which

1684

# describes the expression, e.g. when hovered over it in a UI.

1685

"expression": "A String", # Textual representation of an expression in Common Expression Language

1686

# syntax.

1687

},

1688

"members": [ # Specifies the identities requesting access for a Cloud Platform resource.

1689

# `members` can have the following values:

1690

#

1691

# * `allUsers`: A special identifier that represents anyone who is

1692

# on the internet; with or without a Google account.

1693

#

1694

# * `allAuthenticatedUsers`: A special identifier that represents anyone

1695

# who is authenticated with a Google account or a service account.

1696

#

1697

# * `user:{emailid}`: An email address that represents a specific Google

1698

# account. For example, `alice@example.com` .

1699

#

1700

#

1701

# * `serviceAccount:{emailid}`: An email address that represents a service

1702

# account. For example, `my-other-app@appspot.gserviceaccount.com`.

1703

#

1704

# * `group:{emailid}`: An email address that represents a Google group.

1705

# For example, `admins@example.com`.

1706

#

1707

# * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique

1708

# identifier) representing a user that has been recently deleted. For

1709

# example, `alice@example.com?uid=123456789012345678901`. If the user is

1710

# recovered, this value reverts to `user:{emailid}` and the recovered user

1711

# retains the role in the binding.

1712

#

1713

# * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus

1714

# unique identifier) representing a service account that has been recently

1715

# deleted. For example,

1716

# `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`.

1717

# If the service account is undeleted, this value reverts to

1718

# `serviceAccount:{emailid}` and the undeleted service account retains the

1719

# role in the binding.

1720

#

1721

# * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique

1722

# identifier) representing a Google group that has been recently

1723

# deleted. For example, `admins@example.com?uid=123456789012345678901`. If

1724

# the group is recovered, this value reverts to `group:{emailid}` and the

1725

# recovered group retains the role in the binding.

1726

#

1727

#

1728

# * `domain:{domain}`: The G Suite domain (primary) that represents all the

1729

# users of that domain. For example, `google.com` or `example.com`.

#

"A String",

],

"role": "A String", # Role that is assigned to `members`.

1734

# For example, `roles/viewer`, `roles/editor`, or `roles/owner`.

},

],

}</pre>

</div>

<code class="details" id="testIamPermissions">testIamPermissions(resource, body=None, x__xgafv=None)</code>

1742

<pre>Returns permissions that a caller has on the specified resource.

1743

If the resource does not exist, this will return an empty set of

1744

permissions, not a `NOT_FOUND` error.

1745

1746

Note: This operation is designed to be used for building permission-aware

1747

UIs and command-line tools, not for authorization checking. This operation

1748

may "fail open" without warning.

1749

1750

Args:

1751

resource: string, REQUIRED: The resource for which the policy detail is being requested.

1752

See the operation documentation for the appropriate value for this field. (required)

1753

body: object, The request body.

1754

The object takes the form of:

1755

1756

{ # Request message for `TestIamPermissions` method.

1757

"permissions": [ # The set of permissions to check for the `resource`. Permissions with

1758

# wildcards (such as '*' or 'storage.*') are not allowed. For more

1759

# information see

1760

# [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).

"A String",

],

}

x__xgafv: string, V1 error format.

Allowed values

1 - v1 error format

2 - v2 error format

Returns:

An object of the form:

1772

1773

{ # Response message for `TestIamPermissions` method.

1774

"permissions": [ # A subset of `TestPermissionsRequest.permissions` that the caller is

# allowed.

"A String",

],

}</pre>

</div>

<code class="details" id="updateParameters">updateParameters(name, body=None, x__xgafv=None)</code>

1783

<pre>Updates the defined Memcached Parameters for an existing Instance.

1784

This method only stages the parameters, it must be followed by

1785

ApplyParameters to apply the parameters to nodes of the Memcached Instance.

1786

1787

Args:

1788

name: string, Required. Resource name of the Memcached instance for which the parameters should be

1789

updated. (required)

1790

body: object, The request body.

1791

The object takes the form of:

1792

1793

{ # Request for UpdateParameters.

1794

"updateMask": "A String", # Required. Mask of fields to update.

1795

"parameters": { # The parameters to apply to the instance.

1796

"id": "A String", # Output only. The unique ID associated with this set of parameters. Users

1797

# can use this id to determine if the parameters associated with the instance

1798

# differ from the parameters associated with the nodes and any action needs

1799

# to be taken to apply parameters on nodes.

1800

"params": { # User defined set of parameters to use in the memcached process.

"a_key": "A String",

},

},

}

x__xgafv: string, V1 error format.

Allowed values

1 - v1 error format

2 - v2 error format

Returns:

An object of the form:

1813

1814

{ # This resource represents a long-running operation that is the result of a

1815

# network API call.

1816

"response": { # The normal response of the operation in case of success. If the original

1817

# method returns no data on success, such as `Delete`, the response is

1818

# `google.protobuf.Empty`. If the original method is standard

1819

# `Get`/`Create`/`Update`, the response should be the resource. For other

1820

# methods, the response should have the type `XxxResponse`, where `Xxx`

1821

# is the original method name. For example, if the original method name

1822

# is `TakeSnapshot()`, the inferred response type is

1823

# `TakeSnapshotResponse`.

1824

"a_key": "", # Properties of the object. Contains field @type with type URL.

1825

},

1826

"name": "A String", # The server-assigned name, which is only unique within the same service that

1827

# originally returns it. If you use the default HTTP mapping, the

1828

# `name` should be a resource name ending with `operations/{unique_id}`.

1829

"error": { # The `Status` type defines a logical error model that is suitable for # The error result of the operation in case of failure or cancellation.

1830

# different programming environments, including REST APIs and RPC APIs. It is

1831

# used by [gRPC](https://github.com/grpc). Each `Status` message contains

1832

# three pieces of data: error code, error message, and error details.

1833

#

1834

# You can find out more about this error model and how to work with it in the

1835

# [API Design Guide](https://cloud.google.com/apis/design/errors).