google-api-client 0.31.0 → 0.32.0

data/generated/google/apis/iam_v1.rb

@@ -27,7 +27,7 @@ module Google
     # @see https://cloud.google.com/iam/
     module IamV1
       VERSION = 'V1'
-      REVISION = '20190906'
+      REVISION = '20190927'
 
       # View and manage your data across Google Cloud Platform services
       AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'

data/generated/google/apis/iam_v1/classes.rb

@@ -519,25 +519,34 @@ module Google
       
         # Defines an Identity and Access Management (IAM) policy. It is used to
         # specify access control policies for Cloud Platform resources.
-        # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
-        # `members` to a `role`, where the members can be user accounts, Google groups,
-        # Google domains, and service accounts. A `role` is a named list of permissions
-        # defined by IAM.
+        # A `Policy` is a collection of `bindings`. A `binding` binds one or more
+        # `members` to a single `role`. Members can be user accounts, service accounts,
+        # Google groups, and domains (such as G Suite). A `role` is a named list of
+        # permissions (defined by IAM or configured by users). A `binding` can
+        # optionally specify a `condition`, which is a logic expression that further
+        # constrains the role binding based on attributes about the request and/or
+        # target resource.
         # **JSON Example**
         # `
         # "bindings": [
         # `
-        # "role": "roles/owner",
+        # "role": "roles/resourcemanager.organizationAdmin",
         # "members": [
         # "user:mike@example.com",
         # "group:admins@example.com",
         # "domain:google.com",
-        # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+        # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
         # ]
         # `,
         # `
-        # "role": "roles/viewer",
-        # "members": ["user:sean@example.com"]
+        # "role": "roles/resourcemanager.organizationViewer",
+        # "members": ["user:eve@example.com"],
+        # "condition": `
+        # "title": "expirable access",
+        # "description": "Does not grant access after Sep 2020",
+        # "expression": "request.time <
+        # timestamp('2020-10-01T00:00:00.000Z')",
+        # `
         # `
         # ]
         # `
@@ -547,11 +556,15 @@ module Google
         # - user:mike@example.com
         # - group:admins@example.com
         # - domain:google.com
-        # - serviceAccount:my-other-app@appspot.gserviceaccount.com
-        # role: roles/owner
+        # - serviceAccount:my-project-id@appspot.gserviceaccount.com
+        # role: roles/resourcemanager.organizationAdmin
         # - members:
-        # - user:sean@example.com
-        # role: roles/viewer
+        # - user:eve@example.com
+        # role: roles/resourcemanager.organizationViewer
+        # condition:
+        # title: expirable access
+        # description: Does not grant access after Sep 2020
+        # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
         # For a description of IAM and its features, see the
         # [IAM developer's guide](https://cloud.google.com/iam/docs).
         # Corresponds to the JSON property `policy`
@@ -872,25 +885,34 @@ module Google
       
       # Defines an Identity and Access Management (IAM) policy. It is used to
       # specify access control policies for Cloud Platform resources.
-      # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
-      # `members` to a `role`, where the members can be user accounts, Google groups,
-      # Google domains, and service accounts. A `role` is a named list of permissions
-      # defined by IAM.
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more
+      # `members` to a single `role`. Members can be user accounts, service accounts,
+      # Google groups, and domains (such as G Suite). A `role` is a named list of
+      # permissions (defined by IAM or configured by users). A `binding` can
+      # optionally specify a `condition`, which is a logic expression that further
+      # constrains the role binding based on attributes about the request and/or
+      # target resource.
       # **JSON Example**
       # `
       # "bindings": [
       # `
-      # "role": "roles/owner",
+      # "role": "roles/resourcemanager.organizationAdmin",
       # "members": [
       # "user:mike@example.com",
       # "group:admins@example.com",
       # "domain:google.com",
-      # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+      # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
       # ]
       # `,
       # `
-      # "role": "roles/viewer",
-      # "members": ["user:sean@example.com"]
+      # "role": "roles/resourcemanager.organizationViewer",
+      # "members": ["user:eve@example.com"],
+      # "condition": `
+      # "title": "expirable access",
+      # "description": "Does not grant access after Sep 2020",
+      # "expression": "request.time <
+      # timestamp('2020-10-01T00:00:00.000Z')",
+      # `
       # `
       # ]
       # `
@@ -900,11 +922,15 @@ module Google
       # - user:mike@example.com
       # - group:admins@example.com
       # - domain:google.com
-      # - serviceAccount:my-other-app@appspot.gserviceaccount.com
-      # role: roles/owner
+      # - serviceAccount:my-project-id@appspot.gserviceaccount.com
+      # role: roles/resourcemanager.organizationAdmin
       # - members:
-      # - user:sean@example.com
-      # role: roles/viewer
+      # - user:eve@example.com
+      # role: roles/resourcemanager.organizationViewer
+      # condition:
+      # title: expirable access
+      # description: Does not grant access after Sep 2020
+      # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
       # For a description of IAM and its features, see the
       # [IAM developer's guide](https://cloud.google.com/iam/docs).
       class Policy
@@ -915,7 +941,8 @@ module Google
         # @return [Array<Google::Apis::IamV1::AuditConfig>]
         attr_accessor :audit_configs
       
-        # Associates a list of `members` to a `role`.
+        # Associates a list of `members` to a `role`. Optionally may specify a
+        # `condition` that determines when binding is in effect.
         # `bindings` with no members will result in an error.
         # Corresponds to the JSON property `bindings`
         # @return [Array<Google::Apis::IamV1::Binding>]
@@ -929,7 +956,9 @@ module Google
         # systems are expected to put that etag in the request to `setIamPolicy` to
         # ensure that their change will be applied to the same version of the policy.
         # If no `etag` is provided in the call to `setIamPolicy`, then the existing
-        # policy is overwritten.
+        # policy is overwritten. Due to blind-set semantics of an etag-less policy,
+        # 'setIamPolicy' will not fail even if either of incoming or stored policy
+        # does not meet the version requirements.
         # Corresponds to the JSON property `etag`
         # NOTE: Values are automatically base64 encoded/decoded in the client library.
         # @return [String]
@@ -938,9 +967,13 @@ module Google
         # Specifies the format of the policy.
         # Valid values are 0, 1, and 3. Requests specifying an invalid value will be
         # rejected.
-        # Policies with any conditional bindings must specify version 3. Policies
-        # without any conditional bindings may specify any valid value or leave the
-        # field unset.
+        # Operations affecting conditional bindings must specify version 3. This can
+        # be either setting a conditional policy, modifying a conditional binding,
+        # or removing a conditional binding from the stored conditional policy.
+        # Operations on non-conditional policies may specify any valid value or
+        # leave the field unset.
+        # If no etag is provided in the call to `setIamPolicy`, any version
+        # compliance checks on the incoming and/or stored policy is skipped.
         # Corresponds to the JSON property `version`
         # @return [Fixnum]
         attr_accessor :version
@@ -1402,25 +1435,34 @@ module Google
       
         # Defines an Identity and Access Management (IAM) policy. It is used to
         # specify access control policies for Cloud Platform resources.
-        # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
-        # `members` to a `role`, where the members can be user accounts, Google groups,
-        # Google domains, and service accounts. A `role` is a named list of permissions
-        # defined by IAM.
+        # A `Policy` is a collection of `bindings`. A `binding` binds one or more
+        # `members` to a single `role`. Members can be user accounts, service accounts,
+        # Google groups, and domains (such as G Suite). A `role` is a named list of
+        # permissions (defined by IAM or configured by users). A `binding` can
+        # optionally specify a `condition`, which is a logic expression that further
+        # constrains the role binding based on attributes about the request and/or
+        # target resource.
         # **JSON Example**
         # `
         # "bindings": [
         # `
-        # "role": "roles/owner",
+        # "role": "roles/resourcemanager.organizationAdmin",
         # "members": [
         # "user:mike@example.com",
         # "group:admins@example.com",
         # "domain:google.com",
-        # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+        # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
         # ]
         # `,
         # `
-        # "role": "roles/viewer",
-        # "members": ["user:sean@example.com"]
+        # "role": "roles/resourcemanager.organizationViewer",
+        # "members": ["user:eve@example.com"],
+        # "condition": `
+        # "title": "expirable access",
+        # "description": "Does not grant access after Sep 2020",
+        # "expression": "request.time <
+        # timestamp('2020-10-01T00:00:00.000Z')",
+        # `
         # `
         # ]
         # `
@@ -1430,11 +1472,15 @@ module Google
         # - user:mike@example.com
         # - group:admins@example.com
         # - domain:google.com
-        # - serviceAccount:my-other-app@appspot.gserviceaccount.com
-        # role: roles/owner
+        # - serviceAccount:my-project-id@appspot.gserviceaccount.com
+        # role: roles/resourcemanager.organizationAdmin
         # - members:
-        # - user:sean@example.com
-        # role: roles/viewer
+        # - user:eve@example.com
+        # role: roles/resourcemanager.organizationViewer
+        # condition:
+        # title: expirable access
+        # description: Does not grant access after Sep 2020
+        # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
         # For a description of IAM and its features, see the
         # [IAM developer's guide](https://cloud.google.com/iam/docs).
         # Corresponds to the JSON property `policy`

data/generated/google/apis/iap_v1.rb

@@ -25,7 +25,7 @@ module Google
     # @see https://cloud.google.com/iap
     module IapV1
       VERSION = 'V1'
-      REVISION = '20190906'
+      REVISION = '20190920'
 
       # View and manage your data across Google Cloud Platform services
       AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'

data/generated/google/apis/iap_v1/classes.rb

@@ -162,25 +162,34 @@ module Google
       
       # Defines an Identity and Access Management (IAM) policy. It is used to
       # specify access control policies for Cloud Platform resources.
-      # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
-      # `members` to a `role`, where the members can be user accounts, Google groups,
-      # Google domains, and service accounts. A `role` is a named list of permissions
-      # defined by IAM.
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more
+      # `members` to a single `role`. Members can be user accounts, service accounts,
+      # Google groups, and domains (such as G Suite). A `role` is a named list of
+      # permissions (defined by IAM or configured by users). A `binding` can
+      # optionally specify a `condition`, which is a logic expression that further
+      # constrains the role binding based on attributes about the request and/or
+      # target resource.
       # **JSON Example**
       # `
       # "bindings": [
       # `
-      # "role": "roles/owner",
+      # "role": "role/resourcemanager.organizationAdmin",
       # "members": [
       # "user:mike@example.com",
       # "group:admins@example.com",
       # "domain:google.com",
-      # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+      # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
       # ]
       # `,
       # `
-      # "role": "roles/viewer",
-      # "members": ["user:sean@example.com"]
+      # "role": "roles/resourcemanager.organizationViewer",
+      # "members": ["user:eve@example.com"],
+      # "condition": `
+      # "title": "expirable access",
+      # "description": "Does not grant access after Sep 2020",
+      # "expression": "request.time <
+      # timestamp('2020-10-01T00:00:00.000Z')",
+      # `
       # `
       # ]
       # `
@@ -190,17 +199,22 @@ module Google
       # - user:mike@example.com
       # - group:admins@example.com
       # - domain:google.com
-      # - serviceAccount:my-other-app@appspot.gserviceaccount.com
-      # role: roles/owner
+      # - serviceAccount:my-project-id@appspot.gserviceaccount.com
+      # role: roles/resourcemanager.organizationAdmin
       # - members:
-      # - user:sean@example.com
-      # role: roles/viewer
+      # - user:eve@example.com
+      # role: roles/resourcemanager.organizationViewer
+      # condition:
+      # title: expirable access
+      # description: Does not grant access after Sep 2020
+      # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
       # For a description of IAM and its features, see the
       # [IAM developer's guide](https://cloud.google.com/iam/docs).
       class Policy
         include Google::Apis::Core::Hashable
       
-        # Associates a list of `members` to a `role`.
+        # Associates a list of `members` to a `role`. Optionally may specify a
+        # `condition` that determines when binding is in effect.
         # `bindings` with no members will result in an error.
         # Corresponds to the JSON property `bindings`
         # @return [Array<Google::Apis::IapV1::Binding>]
@@ -214,7 +228,9 @@ module Google
         # systems are expected to put that etag in the request to `setIamPolicy` to
         # ensure that their change will be applied to the same version of the policy.
         # If no `etag` is provided in the call to `setIamPolicy`, then the existing
-        # policy is overwritten.
+        # policy is overwritten. Due to blind-set semantics of an etag-less policy,
+        # 'setIamPolicy' will not fail even if either of incoming or stored policy
+        # does not meet the version requirements.
         # Corresponds to the JSON property `etag`
         # NOTE: Values are automatically base64 encoded/decoded in the client library.
         # @return [String]
@@ -223,9 +239,13 @@ module Google
         # Specifies the format of the policy.
         # Valid values are 0, 1, and 3. Requests specifying an invalid value will be
         # rejected.
-        # Policies with any conditional bindings must specify version 3. Policies
-        # without any conditional bindings may specify any valid value or leave the
-        # field unset.
+        # Operations affecting conditional bindings must specify version 3. This can
+        # be either setting a conditional policy, modifying a conditional binding,
+        # or removing a conditional binding from the stored conditional policy.
+        # Operations on non-conditional policies may specify any valid value or
+        # leave the field unset.
+        # If no etag is provided in the call to `setIamPolicy`, any version
+        # compliance checks on the incoming and/or stored policy is skipped.
         # Corresponds to the JSON property `version`
         # @return [Fixnum]
         attr_accessor :version
@@ -248,25 +268,34 @@ module Google
       
         # Defines an Identity and Access Management (IAM) policy. It is used to
         # specify access control policies for Cloud Platform resources.
-        # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
-        # `members` to a `role`, where the members can be user accounts, Google groups,
-        # Google domains, and service accounts. A `role` is a named list of permissions
-        # defined by IAM.
+        # A `Policy` is a collection of `bindings`. A `binding` binds one or more
+        # `members` to a single `role`. Members can be user accounts, service accounts,
+        # Google groups, and domains (such as G Suite). A `role` is a named list of
+        # permissions (defined by IAM or configured by users). A `binding` can
+        # optionally specify a `condition`, which is a logic expression that further
+        # constrains the role binding based on attributes about the request and/or
+        # target resource.
         # **JSON Example**
         # `
         # "bindings": [
         # `
-        # "role": "roles/owner",
+        # "role": "role/resourcemanager.organizationAdmin",
         # "members": [
         # "user:mike@example.com",
         # "group:admins@example.com",
         # "domain:google.com",
-        # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+        # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
         # ]
         # `,
         # `
-        # "role": "roles/viewer",
-        # "members": ["user:sean@example.com"]
+        # "role": "roles/resourcemanager.organizationViewer",
+        # "members": ["user:eve@example.com"],
+        # "condition": `
+        # "title": "expirable access",
+        # "description": "Does not grant access after Sep 2020",
+        # "expression": "request.time <
+        # timestamp('2020-10-01T00:00:00.000Z')",
+        # `
         # `
         # ]
         # `
@@ -276,11 +305,15 @@ module Google
         # - user:mike@example.com
         # - group:admins@example.com
         # - domain:google.com
-        # - serviceAccount:my-other-app@appspot.gserviceaccount.com
-        # role: roles/owner
+        # - serviceAccount:my-project-id@appspot.gserviceaccount.com
+        # role: roles/resourcemanager.organizationAdmin
         # - members:
-        # - user:sean@example.com
-        # role: roles/viewer
+        # - user:eve@example.com
+        # role: roles/resourcemanager.organizationViewer
+        # condition:
+        # title: expirable access
+        # description: Does not grant access after Sep 2020
+        # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
         # For a description of IAM and its features, see the
         # [IAM developer's guide](https://cloud.google.com/iam/docs).
         # Corresponds to the JSON property `policy`

data/generated/google/apis/iap_v1beta1.rb

@@ -25,7 +25,7 @@ module Google
     # @see https://cloud.google.com/iap
     module IapV1beta1
       VERSION = 'V1beta1'
-      REVISION = '20190906'
+      REVISION = '20190920'
 
       # View and manage your data across Google Cloud Platform services
       AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'

data/generated/google/apis/iap_v1beta1/classes.rb

@@ -162,25 +162,34 @@ module Google
       
       # Defines an Identity and Access Management (IAM) policy. It is used to
       # specify access control policies for Cloud Platform resources.
-      # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
-      # `members` to a `role`, where the members can be user accounts, Google groups,
-      # Google domains, and service accounts. A `role` is a named list of permissions
-      # defined by IAM.
+      # A `Policy` is a collection of `bindings`. A `binding` binds one or more
+      # `members` to a single `role`. Members can be user accounts, service accounts,
+      # Google groups, and domains (such as G Suite). A `role` is a named list of
+      # permissions (defined by IAM or configured by users). A `binding` can
+      # optionally specify a `condition`, which is a logic expression that further
+      # constrains the role binding based on attributes about the request and/or
+      # target resource.
       # **JSON Example**
       # `
       # "bindings": [
       # `
-      # "role": "roles/owner",
+      # "role": "role/resourcemanager.organizationAdmin",
       # "members": [
       # "user:mike@example.com",
       # "group:admins@example.com",
       # "domain:google.com",
-      # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+      # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
       # ]
       # `,
       # `
-      # "role": "roles/viewer",
-      # "members": ["user:sean@example.com"]
+      # "role": "roles/resourcemanager.organizationViewer",
+      # "members": ["user:eve@example.com"],
+      # "condition": `
+      # "title": "expirable access",
+      # "description": "Does not grant access after Sep 2020",
+      # "expression": "request.time <
+      # timestamp('2020-10-01T00:00:00.000Z')",
+      # `
       # `
       # ]
       # `
@@ -190,17 +199,22 @@ module Google
       # - user:mike@example.com
       # - group:admins@example.com
       # - domain:google.com
-      # - serviceAccount:my-other-app@appspot.gserviceaccount.com
-      # role: roles/owner
+      # - serviceAccount:my-project-id@appspot.gserviceaccount.com
+      # role: roles/resourcemanager.organizationAdmin
       # - members:
-      # - user:sean@example.com
-      # role: roles/viewer
+      # - user:eve@example.com
+      # role: roles/resourcemanager.organizationViewer
+      # condition:
+      # title: expirable access
+      # description: Does not grant access after Sep 2020
+      # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
       # For a description of IAM and its features, see the
       # [IAM developer's guide](https://cloud.google.com/iam/docs).
       class Policy
         include Google::Apis::Core::Hashable
       
-        # Associates a list of `members` to a `role`.
+        # Associates a list of `members` to a `role`. Optionally may specify a
+        # `condition` that determines when binding is in effect.
         # `bindings` with no members will result in an error.
         # Corresponds to the JSON property `bindings`
         # @return [Array<Google::Apis::IapV1beta1::Binding>]
@@ -214,7 +228,9 @@ module Google
         # systems are expected to put that etag in the request to `setIamPolicy` to
         # ensure that their change will be applied to the same version of the policy.
         # If no `etag` is provided in the call to `setIamPolicy`, then the existing
-        # policy is overwritten.
+        # policy is overwritten. Due to blind-set semantics of an etag-less policy,
+        # 'setIamPolicy' will not fail even if either of incoming or stored policy
+        # does not meet the version requirements.
         # Corresponds to the JSON property `etag`
         # NOTE: Values are automatically base64 encoded/decoded in the client library.
         # @return [String]
@@ -223,9 +239,13 @@ module Google
         # Specifies the format of the policy.
         # Valid values are 0, 1, and 3. Requests specifying an invalid value will be
         # rejected.
-        # Policies with any conditional bindings must specify version 3. Policies
-        # without any conditional bindings may specify any valid value or leave the
-        # field unset.
+        # Operations affecting conditional bindings must specify version 3. This can
+        # be either setting a conditional policy, modifying a conditional binding,
+        # or removing a conditional binding from the stored conditional policy.
+        # Operations on non-conditional policies may specify any valid value or
+        # leave the field unset.
+        # If no etag is provided in the call to `setIamPolicy`, any version
+        # compliance checks on the incoming and/or stored policy is skipped.
         # Corresponds to the JSON property `version`
         # @return [Fixnum]
         attr_accessor :version
@@ -248,25 +268,34 @@ module Google
       
         # Defines an Identity and Access Management (IAM) policy. It is used to
         # specify access control policies for Cloud Platform resources.
-        # A `Policy` consists of a list of `bindings`. A `binding` binds a list of
-        # `members` to a `role`, where the members can be user accounts, Google groups,
-        # Google domains, and service accounts. A `role` is a named list of permissions
-        # defined by IAM.
+        # A `Policy` is a collection of `bindings`. A `binding` binds one or more
+        # `members` to a single `role`. Members can be user accounts, service accounts,
+        # Google groups, and domains (such as G Suite). A `role` is a named list of
+        # permissions (defined by IAM or configured by users). A `binding` can
+        # optionally specify a `condition`, which is a logic expression that further
+        # constrains the role binding based on attributes about the request and/or
+        # target resource.
         # **JSON Example**
         # `
         # "bindings": [
         # `
-        # "role": "roles/owner",
+        # "role": "role/resourcemanager.organizationAdmin",
         # "members": [
         # "user:mike@example.com",
         # "group:admins@example.com",
         # "domain:google.com",
-        # "serviceAccount:my-other-app@appspot.gserviceaccount.com"
+        # "serviceAccount:my-project-id@appspot.gserviceaccount.com"
         # ]
         # `,
         # `
-        # "role": "roles/viewer",
-        # "members": ["user:sean@example.com"]
+        # "role": "roles/resourcemanager.organizationViewer",
+        # "members": ["user:eve@example.com"],
+        # "condition": `
+        # "title": "expirable access",
+        # "description": "Does not grant access after Sep 2020",
+        # "expression": "request.time <
+        # timestamp('2020-10-01T00:00:00.000Z')",
+        # `
         # `
         # ]
         # `
@@ -276,11 +305,15 @@ module Google
         # - user:mike@example.com
         # - group:admins@example.com
         # - domain:google.com
-        # - serviceAccount:my-other-app@appspot.gserviceaccount.com
-        # role: roles/owner
+        # - serviceAccount:my-project-id@appspot.gserviceaccount.com
+        # role: roles/resourcemanager.organizationAdmin
         # - members:
-        # - user:sean@example.com
-        # role: roles/viewer
+        # - user:eve@example.com
+        # role: roles/resourcemanager.organizationViewer
+        # condition:
+        # title: expirable access
+        # description: Does not grant access after Sep 2020
+        # expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
         # For a description of IAM and its features, see the
         # [IAM developer's guide](https://cloud.google.com/iam/docs).
         # Corresponds to the JSON property `policy`