Blame - docs/dyn/managedidentities_v1alpha1.projects.locations.global_.domains.html - platform/external/python/google-api-python-client

blob: f0bac7f8686030f1019aad5c515544ecba4c7174 [file] [log] [blame]

Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	1	<html><body>
				2	<style>
				3
				4	body, h1, h2, h3, div, span, p, pre, a {
				5	margin: 0;
				6	padding: 0;
				7	border: 0;
				8	font-weight: inherit;
				9	font-style: inherit;
				10	font-size: 100%;
				11	font-family: inherit;
				12	vertical-align: baseline;
				13	}
				14
				15	body {
				16	font-size: 13px;
				17	padding: 1em;
				18	}
				19
				20	h1 {
				21	font-size: 26px;
				22	margin-bottom: 1em;
				23	}
				24
				25	h2 {
				26	font-size: 24px;
				27	margin-bottom: 1em;
				28	}
				29
				30	h3 {
				31	font-size: 20px;
				32	margin-bottom: 1em;
				33	margin-top: 1em;
				34	}
				35
				36	pre, code {
				37	line-height: 1.5;
				38	font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
				39	}
				40
				41	pre {
				42	margin-top: 0.5em;
				43	}
				44
				45	h1, h2, h3, p {
				46	font-family: Arial, sans serif;
				47	}
				48
				49	h1, h2, h3 {
				50	border-bottom: solid #CCC 1px;
				51	}
				52
				53	.toc_element {
				54	margin-top: 0.5em;
				55	}
				56
				57	.firstline {
				58	margin-left: 2 em;
				59	}
				60
				61	.method {
				62	margin-top: 1em;
				63	border: solid 1px #CCC;
				64	padding: 1em;
				65	background: #EEE;
				66	}
				67
				68	.details {
				69	font-weight: bold;
				70	font-size: 14px;
				71	}
				72
				73	</style>
				74
				75	<h1><a href="managedidentities_v1alpha1.html">Managed Service for Microsoft Active Directory API</a> . <a href="managedidentities_v1alpha1.projects.html">projects</a> . <a href="managedidentities_v1alpha1.projects.locations.html">locations</a> . <a href="managedidentities_v1alpha1.projects.locations.global_.html">global_</a> . <a href="managedidentities_v1alpha1.projects.locations.global_.domains.html">domains</a></h1>
				76	<h2>Instance Methods</h2>
				77	<p class="toc_element">
yoshi-code-bot	04bafe1	2021-06-29 00:20:25 -0700	[diff] [blame]	78	<code><a href="managedidentities_v1alpha1.projects.locations.global_.domains.backups.html">backups()</a></code>
				79	</p>
				80	<p class="firstline">Returns the backups Resource.</p>
				81
				82	<p class="toc_element">
Bu Sun Kim	673ec5c	2020-11-16 11:05:03 -0700	[diff] [blame]	83	<code><a href="managedidentities_v1alpha1.projects.locations.global_.domains.sqlIntegrations.html">sqlIntegrations()</a></code>
				84	</p>
				85	<p class="firstline">Returns the sqlIntegrations Resource.</p>
				86
				87	<p class="toc_element">
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	88	<code><a href="#attachTrust">attachTrust(name, body=None, x__xgafv=None)</a></code></p>
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	89	<p class="firstline">Adds AD trust in a given domain. Operation</p>
				90	<p class="toc_element">
				91	<code><a href="#close">close()</a></code></p>
				92	<p class="firstline">Close httplib2 connections.</p>
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	93	<p class="toc_element">
				94	<code><a href="#create">create(parent, body=None, domainName=None, x__xgafv=None)</a></code></p>
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	95	<p class="firstline">Creates a Microsoft AD Domain in a given project. Operation</p>
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	96	<p class="toc_element">
				97	<code><a href="#delete">delete(name, x__xgafv=None)</a></code></p>
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	98	<p class="firstline">Deletes identified domain. Operation</p>
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	99	<p class="toc_element">
				100	<code><a href="#detachTrust">detachTrust(name, body=None, x__xgafv=None)</a></code></p>
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	101	<p class="firstline">Removes identified trust. Operation</p>
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	102	<p class="toc_element">
				103	<code><a href="#get">get(name, x__xgafv=None)</a></code></p>
				104	<p class="firstline">Gets details of a single Domain.</p>
				105	<p class="toc_element">
				106	<code><a href="#getIamPolicy">getIamPolicy(resource, options_requestedPolicyVersion=None, x__xgafv=None)</a></code></p>
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	107	<p class="firstline">Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.</p>
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	108	<p class="toc_element">
yoshi-code-bot	04bafe1	2021-06-29 00:20:25 -0700	[diff] [blame]	109	<code><a href="#getLdapssettings">getLdapssettings(name, x__xgafv=None)</a></code></p>
				110	<p class="firstline">Gets the domain ldaps settings.</p>
				111	<p class="toc_element">
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	112	<code><a href="#list">list(parent, filter=None, orderBy=None, pageSize=None, pageToken=None, x__xgafv=None)</a></code></p>
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	113	<p class="firstline">Lists Domains in a given project.</p>
				114	<p class="toc_element">
				115	<code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
				116	<p class="firstline">Retrieves the next page of results.</p>
				117	<p class="toc_element">
				118	<code><a href="#patch">patch(name, body=None, updateMask=None, x__xgafv=None)</a></code></p>
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	119	<p class="firstline">Updates the metadata and configuration of a specified domain. Operation</p>
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	120	<p class="toc_element">
				121	<code><a href="#reconfigureTrust">reconfigureTrust(name, body=None, x__xgafv=None)</a></code></p>
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	122	<p class="firstline">Updates the dns conditional forwarder. Operation</p>
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	123	<p class="toc_element">
				124	<code><a href="#resetAdminPassword">resetAdminPassword(name, body=None, x__xgafv=None)</a></code></p>
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	125	<p class="firstline">Resets managed identities admin password identified by managed_identities_admin_name</p>
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	126	<p class="toc_element">
				127	<code><a href="#setIamPolicy">setIamPolicy(resource, body=None, x__xgafv=None)</a></code></p>
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	128	<p class="firstline">Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.</p>
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	129	<p class="toc_element">
				130	<code><a href="#testIamPermissions">testIamPermissions(resource, body=None, x__xgafv=None)</a></code></p>
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	131	<p class="firstline">Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.</p>
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	132	<p class="toc_element">
yoshi-code-bot	04bafe1	2021-06-29 00:20:25 -0700	[diff] [blame]	133	<code><a href="#updateLdapssettings">updateLdapssettings(name, body=None, updateMask=None, x__xgafv=None)</a></code></p>
				134	<p class="firstline">Patches a single ldaps settings.</p>
				135	<p class="toc_element">
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	136	<code><a href="#validateTrust">validateTrust(name, body=None, x__xgafv=None)</a></code></p>
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	137	<p class="firstline">Validate the trust state Operation</p>
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	138	<h3>Method Details</h3>
				139	<div class="method">
				140	<code class="details" id="attachTrust">attachTrust(name, body=None, x__xgafv=None)</code>
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	141	<pre>Adds AD trust in a given domain. Operation
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	142
				143	Args:
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	144	name: string, The resource domain name, project name and location using the form: `projects/{project_id}/locations/global/domains/{domain_name}` (required)
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	145	body: object, The request body.
				146	The object takes the form of:
				147
				148	{
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	149	"trust": { # Represents a relationship between two domains which makes it possible for users in one domain to be authenticated by a dc in another domain. Refer https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc731335(v%3dws.10) If the trust is being changed, it will be placed into the UPDATING state, which indicates that the resource is being reconciled. At this point, Get will reflect an intermediate state. # The domain trust resource.
				150	"createTime": "A String", # Output only. The time the instance was created.
				151	"lastKnownTrustConnectedHeartbeatTime": "A String", # Output only. The last heartbeat time when the trust was known to be connected.
				152	"selectiveAuthentication": True or False, # The trust authentication type which decides whether the trusted side has forest/domain wide access or selective access to approved set of resources.
				153	"state": "A String", # Output only. The current state of this trust.
				154	"stateDescription": "A String", # Output only. Additional information about the current state of this trust, if available.
				155	"targetDnsIpAddresses": [ # The target dns server ip addresses which can resolve the remote domain involved in trust.
				156	"A String",
				157	],
				158	"targetDomainName": "A String", # The fully qualified target domain name which will be in trust with current domain.
				159	"trustDirection": "A String", # The trust direction decides the current domain is trusted, trusting or both.
				160	"trustHandshakeSecret": "A String", # Input only, and will not be stored. The trust secret used for handshake with target domain.
				161	"trustType": "A String", # The type of trust represented by the trust resource.
				162	"updateTime": "A String", # Output only. Last update time.
				163	},
				164	}
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	165
				166	x__xgafv: string, V1 error format.
				167	Allowed values
				168	1 - v1 error format
				169	2 - v2 error format
				170
				171	Returns:
				172	An object of the form:
				173
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	174	{ # This resource represents a long-running operation that is the result of a network API call.
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	175	"done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
				176	"error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
				177	"code": 42, # The status code, which should be an enum value of google.rpc.Code.
				178	"details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
				179	{
				180	"a_key": "", # Properties of the object. Contains field @type with type URL.
				181	},
				182	],
				183	"message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
				184	},
				185	"metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
				186	"a_key": "", # Properties of the object. Contains field @type with type URL.
				187	},
				188	"name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
				189	"response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
				190	"a_key": "", # Properties of the object. Contains field @type with type URL.
				191	},
				192	}</pre>
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	193	</div>
				194
				195	<div class="method">
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	196	<code class="details" id="close">close()</code>
				197	<pre>Close httplib2 connections.</pre>
				198	</div>
				199
				200	<div class="method">
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	201	<code class="details" id="create">create(parent, body=None, domainName=None, x__xgafv=None)</code>
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	202	<pre>Creates a Microsoft AD Domain in a given project. Operation
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	203
				204	Args:
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	205	parent: string, Resource project name and location using the form: `projects/{project_id}/locations/global` (required)
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	206	body: object, The request body.
				207	The object takes the form of:
				208
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	209	{ # If the domain is being changed, it will be placed into the UPDATING state, which indicates that the resource is being reconciled. At this point, Get will reflect an intermediate state.
yoshi-code-bot	b6dc1b9	2021-03-02 11:49:08 -0800	[diff] [blame]	210	"auditLogsEnabled": True or False, # Optional. Configuration for audit logs. True if audit logs are enabled, else false. Default is audit logs disabled.
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	211	"authorizedNetworks": [ # Optional. The full names of the Google Compute Engine [networks](/compute/docs/networks-and-firewalls#networks) to which the instance is connected. Network can be added using UpdateDomain later. Domain is only available on network part of authorized_networks. Caller needs to make sure that CIDR subnets do not overlap between networks, else domain creation will fail.
				212	"A String",
				213	],
				214	"createTime": "A String", # Output only. The time the instance was created. Synthetic field is populated automatically by CCFE. go/ccfe-synthetic-field-user-guide
				215	"fqdn": "A String", # Output only. Fully-qualified domain name of the exposed domain used by clients to connect to the service. Similar to what would be chosen for an Active Directory that is set up on an internal network.
				216	"labels": { # Optional. Resource labels to represent user provided metadata
				217	"a_key": "A String",
				218	},
				219	"locations": [ # Required. Locations where domain needs to be provisioned. regions e.g. us-west1 or us-east4 Service supports up to 4 locations at once. Each location will use a /26 block.
				220	"A String",
				221	],
				222	"managedIdentitiesAdminName": "A String", # Optional. Name of customer-visible admin used to perform Active Directory operations. If not specified `setupadmin` would be used.
				223	"name": "A String", # Output only. Unique name of the domain in this scope including projects and location using the form: `projects/{project_id}/locations/global/domains/{domain_name}`.
				224	"reservedIpRange": "A String", # Required. The CIDR range of internal addresses that are reserved for this domain. Reserved networks must be /24 or larger. Ranges must be unique and non-overlapping with existing subnets in [Domain].[authorized_networks].
				225	"state": "A String", # Output only. The current state of this domain.
				226	"statusMessage": "A String", # Output only. Additional information about the current status of this domain, if available.
				227	"trusts": [ # Output only. The current trusts associated with the domain.
				228	{ # Represents a relationship between two domains which makes it possible for users in one domain to be authenticated by a dc in another domain. Refer https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc731335(v%3dws.10) If the trust is being changed, it will be placed into the UPDATING state, which indicates that the resource is being reconciled. At this point, Get will reflect an intermediate state.
				229	"createTime": "A String", # Output only. The time the instance was created.
				230	"lastKnownTrustConnectedHeartbeatTime": "A String", # Output only. The last heartbeat time when the trust was known to be connected.
				231	"selectiveAuthentication": True or False, # The trust authentication type which decides whether the trusted side has forest/domain wide access or selective access to approved set of resources.
				232	"state": "A String", # Output only. The current state of this trust.
				233	"stateDescription": "A String", # Output only. Additional information about the current state of this trust, if available.
				234	"targetDnsIpAddresses": [ # The target dns server ip addresses which can resolve the remote domain involved in trust.
				235	"A String",
				236	],
				237	"targetDomainName": "A String", # The fully qualified target domain name which will be in trust with current domain.
				238	"trustDirection": "A String", # The trust direction decides the current domain is trusted, trusting or both.
				239	"trustHandshakeSecret": "A String", # Input only, and will not be stored. The trust secret used for handshake with target domain.
				240	"trustType": "A String", # The type of trust represented by the trust resource.
				241	"updateTime": "A String", # Output only. Last update time.
Yoshi Automation Bot	c2228be	2020-11-24 15:48:03 -0800	[diff] [blame]	242	},
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	243	],
				244	"updateTime": "A String", # Output only. Last update time. Synthetic field is populated automatically by CCFE.
				245	}
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	246
yoshi-code-bot	a8b35b9	2021-03-31 13:33:30 -0700	[diff] [blame]	247	domainName: string, The fully qualified domain name. e.g. mydomain.myorganization.com, with the following restrictions: * Must contain only lowercase letters, numbers, periods and hyphens. * Must start with a letter. * Must contain between 2-64 characters. * Must end with a number or a letter. * Must not start with period. * Must be unique within the project. * First segment length (mydomain form example above) shouldn't exceed 15 chars. * The last segment cannot be fully numeric.
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	248	x__xgafv: string, V1 error format.
				249	Allowed values
				250	1 - v1 error format
				251	2 - v2 error format
				252
				253	Returns:
				254	An object of the form:
				255
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	256	{ # This resource represents a long-running operation that is the result of a network API call.
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	257	"done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
				258	"error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
				259	"code": 42, # The status code, which should be an enum value of google.rpc.Code.
				260	"details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
				261	{
				262	"a_key": "", # Properties of the object. Contains field @type with type URL.
				263	},
				264	],
				265	"message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
				266	},
				267	"metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
				268	"a_key": "", # Properties of the object. Contains field @type with type URL.
				269	},
				270	"name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
				271	"response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
				272	"a_key": "", # Properties of the object. Contains field @type with type URL.
				273	},
				274	}</pre>
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	275	</div>
				276
				277	<div class="method">
				278	<code class="details" id="delete">delete(name, x__xgafv=None)</code>
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	279	<pre>Deletes identified domain. Operation
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	280
				281	Args:
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	282	name: string, Domain resource name using the form: `projects/{project_id}/locations/global/domains/{domain_name}` (required)
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	283	x__xgafv: string, V1 error format.
				284	Allowed values
				285	1 - v1 error format
				286	2 - v2 error format
				287
				288	Returns:
				289	An object of the form:
				290
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	291	{ # This resource represents a long-running operation that is the result of a network API call.
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	292	"done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
				293	"error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
				294	"code": 42, # The status code, which should be an enum value of google.rpc.Code.
				295	"details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
				296	{
				297	"a_key": "", # Properties of the object. Contains field @type with type URL.
				298	},
				299	],
				300	"message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
				301	},
				302	"metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
				303	"a_key": "", # Properties of the object. Contains field @type with type URL.
				304	},
				305	"name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
				306	"response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
				307	"a_key": "", # Properties of the object. Contains field @type with type URL.
				308	},
				309	}</pre>
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	310	</div>
				311
				312	<div class="method">
				313	<code class="details" id="detachTrust">detachTrust(name, body=None, x__xgafv=None)</code>
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	314	<pre>Removes identified trust. Operation
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	315
				316	Args:
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	317	name: string, The resource domain name, project name, and location using the form: `projects/{project_id}/locations/global/domains/{domain_name}` (required)
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	318	body: object, The request body.
				319	The object takes the form of:
				320
				321	{
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	322	"trust": { # Represents a relationship between two domains which makes it possible for users in one domain to be authenticated by a dc in another domain. Refer https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc731335(v%3dws.10) If the trust is being changed, it will be placed into the UPDATING state, which indicates that the resource is being reconciled. At this point, Get will reflect an intermediate state. # The domain trust resource to removed.
				323	"createTime": "A String", # Output only. The time the instance was created.
				324	"lastKnownTrustConnectedHeartbeatTime": "A String", # Output only. The last heartbeat time when the trust was known to be connected.
				325	"selectiveAuthentication": True or False, # The trust authentication type which decides whether the trusted side has forest/domain wide access or selective access to approved set of resources.
				326	"state": "A String", # Output only. The current state of this trust.
				327	"stateDescription": "A String", # Output only. Additional information about the current state of this trust, if available.
				328	"targetDnsIpAddresses": [ # The target dns server ip addresses which can resolve the remote domain involved in trust.
				329	"A String",
				330	],
				331	"targetDomainName": "A String", # The fully qualified target domain name which will be in trust with current domain.
				332	"trustDirection": "A String", # The trust direction decides the current domain is trusted, trusting or both.
				333	"trustHandshakeSecret": "A String", # Input only, and will not be stored. The trust secret used for handshake with target domain.
				334	"trustType": "A String", # The type of trust represented by the trust resource.
				335	"updateTime": "A String", # Output only. Last update time.
				336	},
				337	}
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	338
				339	x__xgafv: string, V1 error format.
				340	Allowed values
				341	1 - v1 error format
				342	2 - v2 error format
				343
				344	Returns:
				345	An object of the form:
				346
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	347	{ # This resource represents a long-running operation that is the result of a network API call.
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	348	"done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
				349	"error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
				350	"code": 42, # The status code, which should be an enum value of google.rpc.Code.
				351	"details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
				352	{
				353	"a_key": "", # Properties of the object. Contains field @type with type URL.
				354	},
				355	],
				356	"message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
				357	},
				358	"metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
				359	"a_key": "", # Properties of the object. Contains field @type with type URL.
				360	},
				361	"name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
				362	"response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
				363	"a_key": "", # Properties of the object. Contains field @type with type URL.
				364	},
				365	}</pre>
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	366	</div>
				367
				368	<div class="method">
				369	<code class="details" id="get">get(name, x__xgafv=None)</code>
				370	<pre>Gets details of a single Domain.
				371
				372	Args:
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	373	name: string, Domain resource name using the form: `projects/{project_id}/locations/global/domains/{domain_name}` (required)
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	374	x__xgafv: string, V1 error format.
				375	Allowed values
				376	1 - v1 error format
				377	2 - v2 error format
				378
				379	Returns:
				380	An object of the form:
				381
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	382	{ # If the domain is being changed, it will be placed into the UPDATING state, which indicates that the resource is being reconciled. At this point, Get will reflect an intermediate state.
yoshi-code-bot	b6dc1b9	2021-03-02 11:49:08 -0800	[diff] [blame]	383	"auditLogsEnabled": True or False, # Optional. Configuration for audit logs. True if audit logs are enabled, else false. Default is audit logs disabled.
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	384	"authorizedNetworks": [ # Optional. The full names of the Google Compute Engine [networks](/compute/docs/networks-and-firewalls#networks) to which the instance is connected. Network can be added using UpdateDomain later. Domain is only available on network part of authorized_networks. Caller needs to make sure that CIDR subnets do not overlap between networks, else domain creation will fail.
				385	"A String",
				386	],
				387	"createTime": "A String", # Output only. The time the instance was created. Synthetic field is populated automatically by CCFE. go/ccfe-synthetic-field-user-guide
				388	"fqdn": "A String", # Output only. Fully-qualified domain name of the exposed domain used by clients to connect to the service. Similar to what would be chosen for an Active Directory that is set up on an internal network.
				389	"labels": { # Optional. Resource labels to represent user provided metadata
				390	"a_key": "A String",
				391	},
				392	"locations": [ # Required. Locations where domain needs to be provisioned. regions e.g. us-west1 or us-east4 Service supports up to 4 locations at once. Each location will use a /26 block.
				393	"A String",
				394	],
				395	"managedIdentitiesAdminName": "A String", # Optional. Name of customer-visible admin used to perform Active Directory operations. If not specified `setupadmin` would be used.
				396	"name": "A String", # Output only. Unique name of the domain in this scope including projects and location using the form: `projects/{project_id}/locations/global/domains/{domain_name}`.
				397	"reservedIpRange": "A String", # Required. The CIDR range of internal addresses that are reserved for this domain. Reserved networks must be /24 or larger. Ranges must be unique and non-overlapping with existing subnets in [Domain].[authorized_networks].
				398	"state": "A String", # Output only. The current state of this domain.
				399	"statusMessage": "A String", # Output only. Additional information about the current status of this domain, if available.
				400	"trusts": [ # Output only. The current trusts associated with the domain.
				401	{ # Represents a relationship between two domains which makes it possible for users in one domain to be authenticated by a dc in another domain. Refer https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc731335(v%3dws.10) If the trust is being changed, it will be placed into the UPDATING state, which indicates that the resource is being reconciled. At this point, Get will reflect an intermediate state.
				402	"createTime": "A String", # Output only. The time the instance was created.
				403	"lastKnownTrustConnectedHeartbeatTime": "A String", # Output only. The last heartbeat time when the trust was known to be connected.
				404	"selectiveAuthentication": True or False, # The trust authentication type which decides whether the trusted side has forest/domain wide access or selective access to approved set of resources.
				405	"state": "A String", # Output only. The current state of this trust.
				406	"stateDescription": "A String", # Output only. Additional information about the current state of this trust, if available.
				407	"targetDnsIpAddresses": [ # The target dns server ip addresses which can resolve the remote domain involved in trust.
Yoshi Automation Bot	0bf565c	2020-12-09 08:56:03 -0800	[diff] [blame]	408	"A String",
				409	],
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	410	"targetDomainName": "A String", # The fully qualified target domain name which will be in trust with current domain.
				411	"trustDirection": "A String", # The trust direction decides the current domain is trusted, trusting or both.
				412	"trustHandshakeSecret": "A String", # Input only, and will not be stored. The trust secret used for handshake with target domain.
				413	"trustType": "A String", # The type of trust represented by the trust resource.
				414	"updateTime": "A String", # Output only. Last update time.
				415	},
				416	],
				417	"updateTime": "A String", # Output only. Last update time. Synthetic field is populated automatically by CCFE.
				418	}</pre>
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	419	</div>
				420
				421	<div class="method">
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	422	<code class="details" id="getIamPolicy">getIamPolicy(resource, options_requestedPolicyVersion=None, x__xgafv=None)</code>
				423	<pre>Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.
				424
				425	Args:
				426	resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required)
				427	options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
				428	x__xgafv: string, V1 error format.
				429	Allowed values
				430	1 - v1 error format
				431	2 - v2 error format
				432
				433	Returns:
				434	An object of the form:
				435
				436	{ # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). JSON example: { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } YAML example: bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	437	"bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
				438	{ # Associates `members` with a `role`.
				439	"condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
				440	"description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
				441	"expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
				442	"location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
				443	"title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	444	},
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	445	"members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
				446	"A String",
				447	],
				448	"role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
				449	},
				450	],
				451	"etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. Important: If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
				452	"version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions Important: If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
				453	}</pre>
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	454	</div>
				455
				456	<div class="method">
yoshi-code-bot	04bafe1	2021-06-29 00:20:25 -0700	[diff] [blame]	457	<code class="details" id="getLdapssettings">getLdapssettings(name, x__xgafv=None)</code>
				458	<pre>Gets the domain ldaps settings.
				459
				460	Args:
				461	name: string, Required. The domain resource name using the form: `projects/{project_id}/locations/global/domains/{domain_name}` (required)
				462	x__xgafv: string, V1 error format.
				463	Allowed values
				464	1 - v1 error format
				465	2 - v2 error format
				466
				467	Returns:
				468	An object of the form:
				469
				470	{ # LDAPSSettings represents the ldaps settings for domain resource. LDAP is the Lightweight Directory Access Protocol, defined in https://tools.ietf.org/html/rfc4511. The settings object configures LDAP over SSL/TLS, whether it is over port 636 or the StartTLS operation. If LDAPSSettings is being changed, it will be placed into the UPDATING state, which indicates that the resource is being reconciled. At this point, Get will reflect an intermediate state.
				471	"certificate": { # Certificate used to configure LDAPS. # Output only. The certificate used to configure LDAPS. Certificates can be chained with a maximum length of 15.
				472	"expireTime": "A String", # The certificate expire time.
				473	"issuingCertificate": # Object with schema name: Certificate # The issuer of this certificate.
				474	"subject": "A String", # The certificate subject.
				475	"subjectAlternativeName": [ # The additional hostnames for the domain.
				476	"A String",
				477	],
				478	"thumbprint": "A String", # The certificate thumbprint which uniquely identifies the certificate.
				479	},
				480	"certificatePassword": "A String", # Input only. The password used to encrypt the uploaded pfx certificate.
				481	"certificatePfx": "A String", # Input only. The uploaded PKCS12-formatted certificate to configure LDAPS with. It will enable the domain controllers in this domain to accept LDAPS connections (either LDAP over SSL/TLS or the StartTLS operation). A valid certificate chain must form a valid x.509 certificate chain (or be comprised of a single self-signed certificate. It must be encrypted with either: 1) PBES2 + PBKDF2 + AES256 encryption and SHA256 PRF; or 2) pbeWithSHA1And3-KeyTripleDES-CBC Private key must be included for the leaf / single self-signed certificate. Note: For a fqdn your-example-domain.com, the wildcard fqdn is *.your-example-domain.com. Specifically the leaf certificate must have: - Either a blank subject or a subject with CN matching the wildcard fqdn. - Exactly two SANs - the fqdn and wildcard fqdn. - Encipherment and digital key signature key usages. - Server authentication extended key usage (OID=1.3.6.1.5.5.7.3.1) - Private key must be in one of the following formats: RSA, ECDSA, ED25519. - Private key must have appropriate key length: 2048 for RSA, 256 for ECDSA - Signature algorithm of the leaf certificate cannot be MD2, MD5 or SHA1.
				482	"name": "A String", # The resource name of the LDAPS settings. Uses the form: `projects/{project}/locations/{location}/domains/{domain}`.
				483	"state": "A String", # Output only. The current state of this LDAPS settings.
				484	"updateTime": "A String", # Output only. Last update time.
				485	}</pre>
				486	</div>
				487
				488	<div class="method">
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	489	<code class="details" id="list">list(parent, filter=None, orderBy=None, pageSize=None, pageToken=None, x__xgafv=None)</code>
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	490	<pre>Lists Domains in a given project.
				491
				492	Args:
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	493	parent: string, Required. The resource name of the domain location using the form: `projects/{project_id}/locations/global` (required)
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	494	filter: string, Optional. Filter specifying constraints of a list operation. For example, `Domain.fqdn="mydomain.myorginization"`.
Yoshi Automation Bot	0bf565c	2020-12-09 08:56:03 -0800	[diff] [blame]	495	orderBy: string, Optional. Specifies the ordering of results following syntax at https://cloud.google.com/apis/design/design_patterns#sorting_order.
Yoshi Automation Bot	b6971b0	2020-11-26 17:16:03 -0800	[diff] [blame]	496	pageSize: integer, If not specified, a default value of 1000 will be used by the service. Regardless of the page_size value, the response may include a partial list and a caller should only rely on response's next_page_token to determine if there are more instances left to be queried.
Yoshi Automation Bot	0bf565c	2020-12-09 08:56:03 -0800	[diff] [blame]	497	pageToken: string, The next_page_token value returned from a previous List request, if any.
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	498	x__xgafv: string, V1 error format.
				499	Allowed values
				500	1 - v1 error format
				501	2 - v2 error format
				502
				503	Returns:
				504	An object of the form:
				505
				506	{
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	507	"domains": [ # A list of Managed Identities Service domains in the project.
				508	{ # If the domain is being changed, it will be placed into the UPDATING state, which indicates that the resource is being reconciled. At this point, Get will reflect an intermediate state.
yoshi-code-bot	b6dc1b9	2021-03-02 11:49:08 -0800	[diff] [blame]	509	"auditLogsEnabled": True or False, # Optional. Configuration for audit logs. True if audit logs are enabled, else false. Default is audit logs disabled.
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	510	"authorizedNetworks": [ # Optional. The full names of the Google Compute Engine [networks](/compute/docs/networks-and-firewalls#networks) to which the instance is connected. Network can be added using UpdateDomain later. Domain is only available on network part of authorized_networks. Caller needs to make sure that CIDR subnets do not overlap between networks, else domain creation will fail.
				511	"A String",
				512	],
				513	"createTime": "A String", # Output only. The time the instance was created. Synthetic field is populated automatically by CCFE. go/ccfe-synthetic-field-user-guide
				514	"fqdn": "A String", # Output only. Fully-qualified domain name of the exposed domain used by clients to connect to the service. Similar to what would be chosen for an Active Directory that is set up on an internal network.
				515	"labels": { # Optional. Resource labels to represent user provided metadata
				516	"a_key": "A String",
				517	},
				518	"locations": [ # Required. Locations where domain needs to be provisioned. regions e.g. us-west1 or us-east4 Service supports up to 4 locations at once. Each location will use a /26 block.
				519	"A String",
				520	],
				521	"managedIdentitiesAdminName": "A String", # Optional. Name of customer-visible admin used to perform Active Directory operations. If not specified `setupadmin` would be used.
				522	"name": "A String", # Output only. Unique name of the domain in this scope including projects and location using the form: `projects/{project_id}/locations/global/domains/{domain_name}`.
				523	"reservedIpRange": "A String", # Required. The CIDR range of internal addresses that are reserved for this domain. Reserved networks must be /24 or larger. Ranges must be unique and non-overlapping with existing subnets in [Domain].[authorized_networks].
				524	"state": "A String", # Output only. The current state of this domain.
				525	"statusMessage": "A String", # Output only. Additional information about the current status of this domain, if available.
				526	"trusts": [ # Output only. The current trusts associated with the domain.
				527	{ # Represents a relationship between two domains which makes it possible for users in one domain to be authenticated by a dc in another domain. Refer https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc731335(v%3dws.10) If the trust is being changed, it will be placed into the UPDATING state, which indicates that the resource is being reconciled. At this point, Get will reflect an intermediate state.
				528	"createTime": "A String", # Output only. The time the instance was created.
				529	"lastKnownTrustConnectedHeartbeatTime": "A String", # Output only. The last heartbeat time when the trust was known to be connected.
				530	"selectiveAuthentication": True or False, # The trust authentication type which decides whether the trusted side has forest/domain wide access or selective access to approved set of resources.
				531	"state": "A String", # Output only. The current state of this trust.
				532	"stateDescription": "A String", # Output only. Additional information about the current state of this trust, if available.
				533	"targetDnsIpAddresses": [ # The target dns server ip addresses which can resolve the remote domain involved in trust.
Yoshi Automation Bot	0bf565c	2020-12-09 08:56:03 -0800	[diff] [blame]	534	"A String",
				535	],
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	536	"targetDomainName": "A String", # The fully qualified target domain name which will be in trust with current domain.
				537	"trustDirection": "A String", # The trust direction decides the current domain is trusted, trusting or both.
				538	"trustHandshakeSecret": "A String", # Input only, and will not be stored. The trust secret used for handshake with target domain.
				539	"trustType": "A String", # The type of trust represented by the trust resource.
				540	"updateTime": "A String", # Output only. Last update time.
Yoshi Automation Bot	0bf565c	2020-12-09 08:56:03 -0800	[diff] [blame]	541	},
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	542	],
				543	"updateTime": "A String", # Output only. Last update time. Synthetic field is populated automatically by CCFE.
				544	},
				545	],
				546	"nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no more results in the list.
				547	"unreachable": [ # Locations that could not be reached.
				548	"A String",
				549	],
				550	}</pre>
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	551	</div>
				552
				553	<div class="method">
				554	<code class="details" id="list_next">list_next(previous_request, previous_response)</code>
				555	<pre>Retrieves the next page of results.
				556
				557	Args:
				558	previous_request: The request for the previous page. (required)
				559	previous_response: The response from the request for the previous page. (required)
				560
				561	Returns:
				562	A request object that you can call 'execute()' on to request the next
				563	page. Returns None if there are no more items in the collection.
				564	</pre>
				565	</div>
				566
				567	<div class="method">
				568	<code class="details" id="patch">patch(name, body=None, updateMask=None, x__xgafv=None)</code>
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	569	<pre>Updates the metadata and configuration of a specified domain. Operation
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	570
				571	Args:
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	572	name: string, Output only. Unique name of the domain in this scope including projects and location using the form: `projects/{project_id}/locations/global/domains/{domain_name}`. (required)
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	573	body: object, The request body.
				574	The object takes the form of:
				575
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	576	{ # If the domain is being changed, it will be placed into the UPDATING state, which indicates that the resource is being reconciled. At this point, Get will reflect an intermediate state.
yoshi-code-bot	b6dc1b9	2021-03-02 11:49:08 -0800	[diff] [blame]	577	"auditLogsEnabled": True or False, # Optional. Configuration for audit logs. True if audit logs are enabled, else false. Default is audit logs disabled.
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	578	"authorizedNetworks": [ # Optional. The full names of the Google Compute Engine [networks](/compute/docs/networks-and-firewalls#networks) to which the instance is connected. Network can be added using UpdateDomain later. Domain is only available on network part of authorized_networks. Caller needs to make sure that CIDR subnets do not overlap between networks, else domain creation will fail.
				579	"A String",
				580	],
				581	"createTime": "A String", # Output only. The time the instance was created. Synthetic field is populated automatically by CCFE. go/ccfe-synthetic-field-user-guide
				582	"fqdn": "A String", # Output only. Fully-qualified domain name of the exposed domain used by clients to connect to the service. Similar to what would be chosen for an Active Directory that is set up on an internal network.
				583	"labels": { # Optional. Resource labels to represent user provided metadata
				584	"a_key": "A String",
				585	},
				586	"locations": [ # Required. Locations where domain needs to be provisioned. regions e.g. us-west1 or us-east4 Service supports up to 4 locations at once. Each location will use a /26 block.
				587	"A String",
				588	],
				589	"managedIdentitiesAdminName": "A String", # Optional. Name of customer-visible admin used to perform Active Directory operations. If not specified `setupadmin` would be used.
				590	"name": "A String", # Output only. Unique name of the domain in this scope including projects and location using the form: `projects/{project_id}/locations/global/domains/{domain_name}`.
				591	"reservedIpRange": "A String", # Required. The CIDR range of internal addresses that are reserved for this domain. Reserved networks must be /24 or larger. Ranges must be unique and non-overlapping with existing subnets in [Domain].[authorized_networks].
				592	"state": "A String", # Output only. The current state of this domain.
				593	"statusMessage": "A String", # Output only. Additional information about the current status of this domain, if available.
				594	"trusts": [ # Output only. The current trusts associated with the domain.
				595	{ # Represents a relationship between two domains which makes it possible for users in one domain to be authenticated by a dc in another domain. Refer https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc731335(v%3dws.10) If the trust is being changed, it will be placed into the UPDATING state, which indicates that the resource is being reconciled. At this point, Get will reflect an intermediate state.
				596	"createTime": "A String", # Output only. The time the instance was created.
				597	"lastKnownTrustConnectedHeartbeatTime": "A String", # Output only. The last heartbeat time when the trust was known to be connected.
				598	"selectiveAuthentication": True or False, # The trust authentication type which decides whether the trusted side has forest/domain wide access or selective access to approved set of resources.
				599	"state": "A String", # Output only. The current state of this trust.
				600	"stateDescription": "A String", # Output only. Additional information about the current state of this trust, if available.
				601	"targetDnsIpAddresses": [ # The target dns server ip addresses which can resolve the remote domain involved in trust.
				602	"A String",
				603	],
				604	"targetDomainName": "A String", # The fully qualified target domain name which will be in trust with current domain.
				605	"trustDirection": "A String", # The trust direction decides the current domain is trusted, trusting or both.
				606	"trustHandshakeSecret": "A String", # Input only, and will not be stored. The trust secret used for handshake with target domain.
				607	"trustType": "A String", # The type of trust represented by the trust resource.
				608	"updateTime": "A String", # Output only. Last update time.
Yoshi Automation Bot	c2228be	2020-11-24 15:48:03 -0800	[diff] [blame]	609	},
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	610	],
				611	"updateTime": "A String", # Output only. Last update time. Synthetic field is populated automatically by CCFE.
				612	}
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	613
Bu Sun Kim	673ec5c	2020-11-16 11:05:03 -0700	[diff] [blame]	614	updateMask: string, Mask of fields to update. At least one path must be supplied in this field. The elements of the repeated paths field may only include these fields from Domain: * `labels` * `locations` * `authorized_networks` * `audit_logs_enabled`
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	615	x__xgafv: string, V1 error format.
				616	Allowed values
				617	1 - v1 error format
				618	2 - v2 error format
				619
				620	Returns:
				621	An object of the form:
				622
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	623	{ # This resource represents a long-running operation that is the result of a network API call.
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	624	"done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
				625	"error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
				626	"code": 42, # The status code, which should be an enum value of google.rpc.Code.
				627	"details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
				628	{
				629	"a_key": "", # Properties of the object. Contains field @type with type URL.
				630	},
				631	],
				632	"message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
				633	},
				634	"metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
				635	"a_key": "", # Properties of the object. Contains field @type with type URL.
				636	},
				637	"name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
				638	"response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
				639	"a_key": "", # Properties of the object. Contains field @type with type URL.
				640	},
				641	}</pre>
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	642	</div>
				643
				644	<div class="method">
				645	<code class="details" id="reconfigureTrust">reconfigureTrust(name, body=None, x__xgafv=None)</code>
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	646	<pre>Updates the dns conditional forwarder. Operation
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	647
				648	Args:
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	649	name: string, The resource domain name, project name and location using the form: `projects/{project_id}/locations/global/domains/{domain_name}` (required)
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	650	body: object, The request body.
				651	The object takes the form of:
				652
				653	{
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	654	"trust": { # Represents a relationship between two domains which makes it possible for users in one domain to be authenticated by a dc in another domain. Refer https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc731335(v%3dws.10) If the trust is being changed, it will be placed into the UPDATING state, which indicates that the resource is being reconciled. At this point, Get will reflect an intermediate state. # The domain trust resource with updated dns conditional forwarder.
				655	"createTime": "A String", # Output only. The time the instance was created.
				656	"lastKnownTrustConnectedHeartbeatTime": "A String", # Output only. The last heartbeat time when the trust was known to be connected.
				657	"selectiveAuthentication": True or False, # The trust authentication type which decides whether the trusted side has forest/domain wide access or selective access to approved set of resources.
				658	"state": "A String", # Output only. The current state of this trust.
				659	"stateDescription": "A String", # Output only. Additional information about the current state of this trust, if available.
				660	"targetDnsIpAddresses": [ # The target dns server ip addresses which can resolve the remote domain involved in trust.
				661	"A String",
				662	],
				663	"targetDomainName": "A String", # The fully qualified target domain name which will be in trust with current domain.
				664	"trustDirection": "A String", # The trust direction decides the current domain is trusted, trusting or both.
				665	"trustHandshakeSecret": "A String", # Input only, and will not be stored. The trust secret used for handshake with target domain.
				666	"trustType": "A String", # The type of trust represented by the trust resource.
				667	"updateTime": "A String", # Output only. Last update time.
				668	},
				669	}
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	670
				671	x__xgafv: string, V1 error format.
				672	Allowed values
				673	1 - v1 error format
				674	2 - v2 error format
				675
				676	Returns:
				677	An object of the form:
				678
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	679	{ # This resource represents a long-running operation that is the result of a network API call.
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	680	"done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
				681	"error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
				682	"code": 42, # The status code, which should be an enum value of google.rpc.Code.
				683	"details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
				684	{
				685	"a_key": "", # Properties of the object. Contains field @type with type URL.
				686	},
				687	],
				688	"message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
				689	},
				690	"metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
				691	"a_key": "", # Properties of the object. Contains field @type with type URL.
				692	},
				693	"name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
				694	"response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
				695	"a_key": "", # Properties of the object. Contains field @type with type URL.
				696	},
				697	}</pre>
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	698	</div>
				699
				700	<div class="method">
				701	<code class="details" id="resetAdminPassword">resetAdminPassword(name, body=None, x__xgafv=None)</code>
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	702	<pre>Resets managed identities admin password identified by managed_identities_admin_name
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	703
				704	Args:
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	705	name: string, The domain resource name using the form: `projects/{project_id}/locations/global/domains/{domain_name}` (required)
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	706	body: object, The request body.
				707	The object takes the form of:
				708
				709	{
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	710	}
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	711
				712	x__xgafv: string, V1 error format.
				713	Allowed values
				714	1 - v1 error format
				715	2 - v2 error format
				716
				717	Returns:
				718	An object of the form:
				719
				720	{
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	721	"password": "A String", # A random password. See admin for more information.
				722	}</pre>
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	723	</div>
				724
				725	<div class="method">
				726	<code class="details" id="setIamPolicy">setIamPolicy(resource, body=None, x__xgafv=None)</code>
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	727	<pre>Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	728
				729	Args:
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	730	resource: string, REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field. (required)
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	731	body: object, The request body.
				732	The object takes the form of:
				733
				734	{ # Request message for `SetIamPolicy` method.
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	735	"policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). JSON example: { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } YAML example: bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.
				736	"bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
				737	{ # Associates `members` with a `role`.
				738	"condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
				739	"description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
				740	"expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
				741	"location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
				742	"title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	743	},
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	744	"members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
				745	"A String",
				746	],
				747	"role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
				748	},
				749	],
				750	"etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. Important: If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
				751	"version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions Important: If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
				752	},
				753	}
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	754
				755	x__xgafv: string, V1 error format.
				756	Allowed values
				757	1 - v1 error format
				758	2 - v2 error format
				759
				760	Returns:
				761	An object of the form:
				762
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	763	{ # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). JSON example: { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } YAML example: bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	764	"bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.
				765	{ # Associates `members` with a `role`.
				766	"condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
				767	"description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
				768	"expression": "A String", # Textual representation of an expression in Common Expression Language syntax.
				769	"location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
				770	"title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	771	},
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	772	"members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`.
				773	"A String",
				774	],
				775	"role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
				776	},
				777	],
				778	"etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. Important: If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
				779	"version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions Important: If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
				780	}</pre>
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	781	</div>
				782
				783	<div class="method">
				784	<code class="details" id="testIamPermissions">testIamPermissions(resource, body=None, x__xgafv=None)</code>
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	785	<pre>Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a `NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	786
				787	Args:
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	788	resource: string, REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field. (required)
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	789	body: object, The request body.
				790	The object takes the form of:
				791
				792	{ # Request message for `TestIamPermissions` method.
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	793	"permissions": [ # The set of permissions to check for the `resource`. Permissions with wildcards (such as '' or 'storage.') are not allowed. For more information see [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
				794	"A String",
				795	],
				796	}
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	797
				798	x__xgafv: string, V1 error format.
				799	Allowed values
				800	1 - v1 error format
				801	2 - v2 error format
				802
				803	Returns:
				804	An object of the form:
				805
				806	{ # Response message for `TestIamPermissions` method.
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	807	"permissions": [ # A subset of `TestPermissionsRequest.permissions` that the caller is allowed.
				808	"A String",
				809	],
				810	}</pre>
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	811	</div>
				812
				813	<div class="method">
yoshi-code-bot	04bafe1	2021-06-29 00:20:25 -0700	[diff] [blame]	814	<code class="details" id="updateLdapssettings">updateLdapssettings(name, body=None, updateMask=None, x__xgafv=None)</code>
				815	<pre>Patches a single ldaps settings.
				816
				817	Args:
				818	name: string, The resource name of the LDAPS settings. Uses the form: `projects/{project}/locations/{location}/domains/{domain}`. (required)
				819	body: object, The request body.
				820	The object takes the form of:
				821
				822	{ # LDAPSSettings represents the ldaps settings for domain resource. LDAP is the Lightweight Directory Access Protocol, defined in https://tools.ietf.org/html/rfc4511. The settings object configures LDAP over SSL/TLS, whether it is over port 636 or the StartTLS operation. If LDAPSSettings is being changed, it will be placed into the UPDATING state, which indicates that the resource is being reconciled. At this point, Get will reflect an intermediate state.
				823	"certificate": { # Certificate used to configure LDAPS. # Output only. The certificate used to configure LDAPS. Certificates can be chained with a maximum length of 15.
				824	"expireTime": "A String", # The certificate expire time.
				825	"issuingCertificate": # Object with schema name: Certificate # The issuer of this certificate.
				826	"subject": "A String", # The certificate subject.
				827	"subjectAlternativeName": [ # The additional hostnames for the domain.
				828	"A String",
				829	],
				830	"thumbprint": "A String", # The certificate thumbprint which uniquely identifies the certificate.
				831	},
				832	"certificatePassword": "A String", # Input only. The password used to encrypt the uploaded pfx certificate.
				833	"certificatePfx": "A String", # Input only. The uploaded PKCS12-formatted certificate to configure LDAPS with. It will enable the domain controllers in this domain to accept LDAPS connections (either LDAP over SSL/TLS or the StartTLS operation). A valid certificate chain must form a valid x.509 certificate chain (or be comprised of a single self-signed certificate. It must be encrypted with either: 1) PBES2 + PBKDF2 + AES256 encryption and SHA256 PRF; or 2) pbeWithSHA1And3-KeyTripleDES-CBC Private key must be included for the leaf / single self-signed certificate. Note: For a fqdn your-example-domain.com, the wildcard fqdn is *.your-example-domain.com. Specifically the leaf certificate must have: - Either a blank subject or a subject with CN matching the wildcard fqdn. - Exactly two SANs - the fqdn and wildcard fqdn. - Encipherment and digital key signature key usages. - Server authentication extended key usage (OID=1.3.6.1.5.5.7.3.1) - Private key must be in one of the following formats: RSA, ECDSA, ED25519. - Private key must have appropriate key length: 2048 for RSA, 256 for ECDSA - Signature algorithm of the leaf certificate cannot be MD2, MD5 or SHA1.
				834	"name": "A String", # The resource name of the LDAPS settings. Uses the form: `projects/{project}/locations/{location}/domains/{domain}`.
				835	"state": "A String", # Output only. The current state of this LDAPS settings.
				836	"updateTime": "A String", # Output only. Last update time.
				837	}
				838
				839	updateMask: string, Required. Mask of fields to update. At least one path must be supplied in this field. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask
				840	x__xgafv: string, V1 error format.
				841	Allowed values
				842	1 - v1 error format
				843	2 - v2 error format
				844
				845	Returns:
				846	An object of the form:
				847
				848	{ # This resource represents a long-running operation that is the result of a network API call.
				849	"done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
				850	"error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
				851	"code": 42, # The status code, which should be an enum value of google.rpc.Code.
				852	"details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
				853	{
				854	"a_key": "", # Properties of the object. Contains field @type with type URL.
				855	},
				856	],
				857	"message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
				858	},
				859	"metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
				860	"a_key": "", # Properties of the object. Contains field @type with type URL.
				861	},
				862	"name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
				863	"response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
				864	"a_key": "", # Properties of the object. Contains field @type with type URL.
				865	},
				866	}</pre>
				867	</div>
				868
				869	<div class="method">
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	870	<code class="details" id="validateTrust">validateTrust(name, body=None, x__xgafv=None)</code>
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	871	<pre>Validate the trust state Operation
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	872
				873	Args:
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	874	name: string, The resource domain name, project name, and location using the form: `projects/{project_id}/locations/global/domains/{domain_name}` (required)
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	875	body: object, The request body.
				876	The object takes the form of:
				877
				878	{
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	879	"trust": { # Represents a relationship between two domains which makes it possible for users in one domain to be authenticated by a dc in another domain. Refer https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc731335(v%3dws.10) If the trust is being changed, it will be placed into the UPDATING state, which indicates that the resource is being reconciled. At this point, Get will reflect an intermediate state. # The domain trust to validate trust state for.
				880	"createTime": "A String", # Output only. The time the instance was created.
				881	"lastKnownTrustConnectedHeartbeatTime": "A String", # Output only. The last heartbeat time when the trust was known to be connected.
				882	"selectiveAuthentication": True or False, # The trust authentication type which decides whether the trusted side has forest/domain wide access or selective access to approved set of resources.
				883	"state": "A String", # Output only. The current state of this trust.
				884	"stateDescription": "A String", # Output only. Additional information about the current state of this trust, if available.
				885	"targetDnsIpAddresses": [ # The target dns server ip addresses which can resolve the remote domain involved in trust.
				886	"A String",
				887	],
				888	"targetDomainName": "A String", # The fully qualified target domain name which will be in trust with current domain.
				889	"trustDirection": "A String", # The trust direction decides the current domain is trusted, trusting or both.
				890	"trustHandshakeSecret": "A String", # Input only, and will not be stored. The trust secret used for handshake with target domain.
				891	"trustType": "A String", # The type of trust represented by the trust resource.
				892	"updateTime": "A String", # Output only. Last update time.
				893	},
				894	}
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	895
				896	x__xgafv: string, V1 error format.
				897	Allowed values
				898	1 - v1 error format
				899	2 - v2 error format
				900
				901	Returns:
				902	An object of the form:
				903
Dmitry Frenkel	3e17f89	2020-10-06 16:46:05 -0700	[diff] [blame]	904	{ # This resource represents a long-running operation that is the result of a network API call.
Yoshi Automation Bot	cc94ec8	2021-01-15 07:10:04 -0800	[diff] [blame]	905	"done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
				906	"error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
				907	"code": 42, # The status code, which should be an enum value of google.rpc.Code.
				908	"details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
				909	{
				910	"a_key": "", # Properties of the object. Contains field @type with type URL.
				911	},
				912	],
				913	"message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
				914	},
				915	"metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
				916	"a_key": "", # Properties of the object. Contains field @type with type URL.
				917	},
				918	"name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
				919	"response": { # The normal response of the operation in case of success. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
				920	"a_key": "", # Properties of the object. Contains field @type with type URL.
				921	},
				922	}</pre>
Bu Sun Kim	6502091	2020-05-20 12:08:20 -0700	[diff] [blame]	923	</div>
				924
				925	</body></html>